cybernews

fuite de donnée enregistrée

Latest News


CVE-2025-10862 - Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers <= 2.1.3 - Unauthenticated SQL Injection via 'id'

]]>

Thu, 09 Oct 2025 09:15:00 GMT

read more

CVE-2025-11522 - Search & Go - Directory WordPress Theme <= 2.7 - Authentication Bypass to Privilege Escalation via Account Takeover

]]>

Thu, 09 Oct 2025 08:15:00 GMT

read more

CVE-2025-11539 - Arbitrary Code Execution in Grafana Image Renderer Plugin

]]>

Thu, 09 Oct 2025 08:15:00 GMT

read more

CVE-2025-7526 - WP Travel Engine – Tour Booking Plugin – Tour Operator Software <= 6.6.7 - Authenticated (Subscriber+) Arbitrary File Deletion via File Renaming

]]>

Thu, 09 Oct 2025 06:15:00 GMT

read more

CVE-2025-7634 - WP Travel Engine – Tour Booking Plugin – Tour Operator Software <= 6.6.7 - Unauthenticated Local File Inclusion

]]>

Thu, 09 Oct 2025 06:15:00 GMT

read more

CVE-2025-27039 - Detection of Error Condition Without Action in Computer Vision

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-27040 - Improper Input Validation in TZ Firmware

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-27041 - Buffer Over-read in Video

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-27045 - Buffer Over-read in Video

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-27048 - Untrusted Pointer Dereference in Camera

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-27049 - Buffer Over-read in Camera

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-27053 - Incorrect Calculation of Buffer Size in HLOS

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-27054 - Out-of-bounds Write in Display

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-27059 - Use of Out-of-range Pointer Offset in TZ Firmware

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-27060 - Untrusted Pointer Dereference in TZ Firmware

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-47338 - Untrusted Pointer Dereference in DSP Service

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-47340 - Out-of-bounds Write in DSP Service

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-47341 - Buffer Copy Without Checking Size of Input in Camera

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-47342 - Use After Free in BT Controller

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-47347 - Stack-based Buffer Overflow in Automotive Software platform based on QNX

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-47349 - Use of Out-of-range Pointer Offset in DSP Service

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-47351 - Integer Overflow or Wraparound in DSP Service

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-47354 - Use After Free in DSP Service

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-47355 - Out-of-bounds Write in DSP Service

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-6038 - Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme <= 1.4.0 - Authenticated (Subscriber+) Privilege Escalation

]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-11530 - code-projects Online Complaint Site state.php sql injection

CVE ID : CVE-2025-11530 Published : Oct. 9, 2025, 4:16 a.m. | 3 hours, 54 minutes ago Description : A weakness has been identified in code-projects Online Complaint Site 1.0. Affected is an unknown function of the file /cms/admin/state.php. This manipulation of the argument state causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 04:16:00 GMT

read more

CVE-2025-11529 - ChurchCRM API Endpoint AuthMiddleware.php AuthMiddleware missing authentication

CVE ID : CVE-2025-11529 Published : Oct. 9, 2025, 3:15 a.m. | 4 hours, 19 minutes ago Description : A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php of the component API Endpoint. The manipulation results in missing authentication. The attack can be executed remotely. The exploit has been released to the public and may be exploited. The patch is identified as 3a1cffd2aea63d884025949cfbcfd274d06216a4. A patch should be applied to remediate this issue. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 03:15:00 GMT

read more

CVE-2025-11528 - Tenda AC7 saveAutoQos stack-based overflow

CVE ID : CVE-2025-11528 Published : Oct. 9, 2025, 3:15 a.m. | 3 hours, 35 minutes ago Description : A vulnerability was identified in Tenda AC7 15.03.06.44. This affects an unknown function of the file /goform/saveAutoQos. The manipulation of the argument enable leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 03:15:00 GMT

read more

CVE-2025-11526 - Tenda AC7 WifiMacFilterSet stack-based overflow

CVE ID : CVE-2025-11526 Published : Oct. 9, 2025, 3:15 a.m. | 2 hours, 15 minutes ago Description : A vulnerability was found in Tenda AC7 15.03.06.44. The affected element is an unknown function of the file /goform/WifiMacFilterSet. Performing manipulation of the argument wifi_chkHz results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 03:15:00 GMT

read more

CVE-2025-11527 - Tenda AC7 fast_setting_pppoe_set stack-based overflow

CVE ID : CVE-2025-11527 Published : Oct. 9, 2025, 3:15 a.m. | 2 hours, 15 minutes ago Description : A vulnerability was determined in Tenda AC7 15.03.06.44. The impacted element is an unknown function of the file /goform/fast_setting_pppoe_set. Executing manipulation of the argument Password can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 03:15:00 GMT

read more

CVE-2025-10496 - Cookie Notice Consent 1.6.5 - Unauthenticated Stored Cross-Site Scripting

CVE ID : CVE-2025-10496 Published : Oct. 9, 2025, 2:15 a.m. | 28 minutes ago Description : The Cookie Notice & Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the uuid parameter in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 02:15:00 GMT

read more

CVE-2025-10586 - Community Events 1.5.1 - Unauthenticated SQL Injection

CVE ID : CVE-2025-10586 Published : Oct. 9, 2025, 2:15 a.m. | 28 minutes ago Description : The Community Events plugin for WordPress is vulnerable to SQL Injection via the ‘event_venue’ parameter in all versions up to, and including, 1.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 02:15:00 GMT

read more

CVE-2025-11166 - WP Go Maps (formerly WP Google Maps) 9.0.46 - Cross-Site Request Forgery to Plugin Settings Update

CVE ID : CVE-2025-11166 Published : Oct. 9, 2025, 2:15 a.m. | 28 minutes ago Description : The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to, and including, 9.0.46. This is due to the plugin exposing state-changing REST actions through an AJAX bridge without proper CSRF token validation, and having destructive logic reachable via GET requests with no permission_callback. This makes it possible for unauthenticated attackers to force logged-in administrators to create, update, or delete markers and geometry features via CSRF attacks, and allows anonymous users to trigger mass deletion of markers via unsafe GET requests. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 02:15:00 GMT

read more

CVE-2025-11523 - Tenda AC7 AdvSetLanip command injection

CVE ID : CVE-2025-11523 Published : Oct. 9, 2025, 2:15 a.m. | 28 minutes ago Description : A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 02:15:00 GMT

read more

CVE-2025-11524 - Tenda AC7 SetDDNSCfg stack-based overflow

CVE ID : CVE-2025-11524 Published : Oct. 9, 2025, 2:15 a.m. | 28 minutes ago Description : A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 02:15:00 GMT

read more

CVE-2025-11525 - Tenda AC7 SetUpnpCfg stack-based overflow

CVE ID : CVE-2025-11525 Published : Oct. 9, 2025, 2:15 a.m. | 28 minutes ago Description : A vulnerability has been found in Tenda AC7 15.03.06.44. Impacted is an unknown function of the file /goform/SetUpnpCfg. Such manipulation of the argument upnpEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 02:15:00 GMT

read more

CVE-2025-11514 - code-projects Online Complaint Site index.php sql injection

CVE ID : CVE-2025-11514 Published : Oct. 9, 2025, 1:15 a.m. | 1 hour, 28 minutes ago Description : A vulnerability was identified in code-projects Online Complaint Site 1.0. This vulnerability affects unknown code of the file /cms/users/index.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 01:15:00 GMT

read more

CVE-2025-11515 - code-projects Online Complaint Site register-complaint.php sql injection

CVE ID : CVE-2025-11515 Published : Oct. 9, 2025, 1:15 a.m. | 1 hour, 28 minutes ago Description : A security flaw has been discovered in code-projects Online Complaint Site 1.0. This issue affects some unknown processing of the file /cms/users/register-complaint.php. Performing manipulation of the argument cid results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 01:15:00 GMT

read more

CVE-2025-11516 - code-projects Online Complaint Site complaint-details.php sql injection

CVE ID : CVE-2025-11516 Published : Oct. 9, 2025, 1:15 a.m. | 1 hour, 28 minutes ago Description : A weakness has been identified in code-projects Online Complaint Site 1.0. Impacted is an unknown function of the file /cms/users/complaint-details.php. Executing manipulation of the argument cid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 01:15:00 GMT

read more

CVE-2025-11512 - code-projects Voting System voters_add.php cross site scripting

CVE ID : CVE-2025-11512 Published : Oct. 9, 2025, 12:15 a.m. | 2 hours, 28 minutes ago Description : A vulnerability was found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/voters_add.php. The manipulation of the argument Firstname/Lastname/Platform results in cross site scripting. The attack can be executed remotely. The exploit has been made public and could be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 00:15:00 GMT

read more

CVE-2025-11513 - code-projects E-Commerce Website supplier_update.php sql injection

CVE ID : CVE-2025-11513 Published : Oct. 9, 2025, 12:15 a.m. | 2 hours, 28 minutes ago Description : A vulnerability was determined in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/supplier_update.php. This manipulation of the argument supp_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 09 Oct 2025 00:15:00 GMT

read more

CVE-2025-11508 - code-projects Voting System voters_add.php unrestricted upload

CVE ID : CVE-2025-11508 Published : Oct. 8, 2025, 11:15 p.m. | 3 hours, 28 minutes ago Description : A security vulnerability has been detected in code-projects Voting System 1.0. This affects an unknown function of the file /admin/voters_add.php. Such manipulation of the argument photo leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 23:15:00 GMT

read more

CVE-2025-11509 - code-projects E-Commerce Website product_add.php sql injection

CVE ID : CVE-2025-11509 Published : Oct. 8, 2025, 11:15 p.m. | 3 hours, 28 minutes ago Description : A vulnerability was detected in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/product_add.php. Performing manipulation of the argument prod_name results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 23:15:00 GMT

read more

CVE-2025-11511 - code-projects E-Commerce Website supplier_add.php sql injection

CVE ID : CVE-2025-11511 Published : Oct. 8, 2025, 11:15 p.m. | 3 hours, 28 minutes ago Description : A flaw has been found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/supplier_add.php. Executing manipulation of the argument supp_email can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 23:15:00 GMT

read more

CVE-2025-61913 - Flowise is vulnerable to arbitrary file read, arbitrary file write

CVE ID : CVE-2025-61913 Published : Oct. 8, 2025, 11:15 p.m. | 3 hours, 28 minutes ago Description : Flowise is a drag & drop user interface to build a customized large language model flow. In versions prior to 3.0.8, WriteFileTool and ReadFileTool in Flowise do not restrict file path access, allowing authenticated attackers to exploit this vulnerability to read and write arbitrary files to any path in the file system, potentially leading to remote command execution. Flowise 3.0.8 fixes this vulnerability. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 23:15:00 GMT

read more

CVE-2017-20201 - CCleaner v5.33.6162 CCleaner Cloud v1.07.3191 Malicious Backdoor Supply Chain Compromise

CVE ID : CVE-2017-20201 Published : Oct. 8, 2025, 10:15 p.m. | 4 hours, 28 minutes ago Description : CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 (32-bit builds) contained a malicious pre-entry-point loader that diverts execution from __scrt_common_main_seh into a custom loader. That loader decodes an embedded blob into shellcode, allocates executable heap memory, resolves Windows API functions at runtime, and transfers execution to an in-memory payload. The payload performs anti-analysis checks, gathers host telemetry, encodes the data with a two-stage obfuscation, and attempts HTTPS exfiltration to hard-coded C2 servers or month-based DGA domains. Potential impacts include remote data collection and exfiltration, stealthy in-memory execution and persistence, and potential lateral movement. CCleaner was developed by Piriform, which was acquired by Avast in July 2017; Avast later merged with NortonLifeLock to form the parent company now known as Gen Digital. According to vendor advisories, the compromised CCleaner build was released on August 15, 2017 and remediated on September 12, 2017 with v5.34; the compromised CCleaner Cloud build was released on August 24, 2017 and remediated on September 15, 2017 with v1.07.3214. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 22:15:00 GMT

read more

CVE-2017-20202 - Web Developer for Chrome v0.4.9 Malicious Backdoor Supply Chain Compromise

CVE ID : CVE-2017-20202 Published : Oct. 8, 2025, 10:15 p.m. | 4 hours, 28 minutes ago Description : Web Developer for Chrome v0.4.9 contained malicious code that generated a domain via a DGA and fetched a remote script. The fetched script conditionally loaded follow-on modules that performed extensive ad substitution and malvertising, displayed fake “repair” alerts that redirected users to affiliate programs, and attempted to harvest credentials when users logged in. Injected components enumerate common banner sizes for substitution, replace third-party ad calls, and redirect victim traffic to affiliate landing pages. Potential impacts include user-level code execution in the browser context, large-scale ad fraud and traffic hijacking, credential theft, and exposure to additional payloads delivered by the actor. The compromise was reported on by the maintainer of Web Developer for Chrome on August 2, 2017 and remediated in v0.5.0. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 22:15:00 GMT

read more

CVE-2025-11505 - PHPGurukul Beauty Parlour Management System new-appointment.php sql injection

CVE ID : CVE-2025-11505 Published : Oct. 8, 2025, 10:15 p.m. | 4 hours, 28 minutes ago Description : A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 22:15:00 GMT

read more

CVE-2025-11506 - PHPGurukul Beauty Parlour Management System search-appointment.php sql injection

CVE ID : CVE-2025-11506 Published : Oct. 8, 2025, 10:15 p.m. | 4 hours, 28 minutes ago Description : A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. The affected element is an unknown function of the file /admin/search-appointment.php. The manipulation of the argument searchdata results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 22:15:00 GMT

read more

CVE-2025-11507 - PHPGurukul Beauty Parlour Management System search-invoices.php sql injection

CVE ID : CVE-2025-11507 Published : Oct. 8, 2025, 10:15 p.m. | 4 hours, 28 minutes ago Description : A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/search-invoices.php. This manipulation of the argument searchdata causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 22:15:00 GMT

read more

CVE-2025-11535 - MongoDB Connector for BI installation MSI leave ACLs unset on custom installation directories

CVE ID : CVE-2025-11535 Published : Oct. 8, 2025, 10:15 p.m. | 4 hours, 28 minutes ago Description : MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install directories allows Privilege Escalation.This issue affects MongoDB Connector for BI: from 2.0.0 through 2.14.24. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 22:15:00 GMT

read more

CVE-2025-11494 - GNU Binutils Linker elfxx-x86.c _bfd_x86_elf_late_size_sections out-of-bounds

CVE ID : CVE-2025-11494 Published : Oct. 8, 2025, 8:15 p.m. | 6 hours, 28 minutes ago Description : A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is identified as b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a. A patch should be applied to remediate this issue. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 20:15:00 GMT

read more

CVE-2025-11495 - GNU Binutils Linker elf64-x86-64.c elf_x86_64_relocate_section heap-based overflow

CVE ID : CVE-2025-11495 Published : Oct. 8, 2025, 8:15 p.m. | 6 hours, 28 minutes ago Description : A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elf_x86_64_relocate_section of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Patch name: 6b21c8b2ecfef5c95142cbc2c32f185cb1c26ab0. To fix this issue, it is recommended to deploy a patch. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 20:15:00 GMT

read more

CVE-2025-11503 - PHPGurukul Beauty Parlour Management System manage-services.php sql injection

CVE ID : CVE-2025-11503 Published : Oct. 8, 2025, 8:15 p.m. | 6 hours, 28 minutes ago Description : A vulnerability was determined in PHPGurukul Beauty Parlour Management System 1.1. This issue affects some unknown processing of the file /admin/manage-services.php. Executing manipulation of the argument delid can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 20:15:00 GMT

read more

CVE-2025-60311 - ProjectWorlds Gym Management System SQL Injection Vulnerability

CVE ID : CVE-2025-60311 Published : Oct. 8, 2025, 8:15 p.m. | 6 hours, 28 minutes ago Description : ProjectWorlds Gym Management System1.0 is vulnerable to SQL Injection via the "id" parameter in the profile/edit.php page Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 20:15:00 GMT

read more

CVE-2025-11490 - wonderwhy-er DesktopCommanderMCP Absolute Path command-manager.ts extractBaseCommand os command injection

CVE ID : CVE-2025-11490 Published : Oct. 8, 2025, 7:15 p.m. | 4 hours, 54 minutes ago Description : A vulnerability has been found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The affected element is the function extractBaseCommand of the file src/command-manager.ts of the component Absolute Path Handler. Such manipulation leads to os command injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor explains: "The usual use case is that AI is asked to do something, picks commands itself, and typically uses simple command names without absolute paths. It's curious why a user would ask the model to bypass restrictions this way. (...) This could potentially be a problem, but we are yet to hear reports of this being an issue in actual workflows. We'll leave this issue open for situations where people may report this as a problem for the long term." Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 19:15:00 GMT

read more

CVE-2025-11491 - wonderwhy-er DesktopCommanderMCP command-manager.ts CommandManager os command injection

CVE ID : CVE-2025-11491 Published : Oct. 8, 2025, 7:15 p.m. | 4 hours, 54 minutes ago Description : A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 19:15:00 GMT

read more

CVE-2025-57457 - Curo UC300 OS Command Injection

CVE ID : CVE-2025-57457 Published : Oct. 8, 2025, 7:15 p.m. | 4 hours, 54 minutes ago Description : An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows local attackers to inject arbitrary OS Commands via the "IP Addr" parameter. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 19:15:00 GMT

read more

CVE-2025-61524 - Casdoor Permission Bypass Vulnerability

CVE ID : CVE-2025-61524 Published : Oct. 8, 2025, 7:15 p.m. | 4 hours, 54 minutes ago Description : An issue in the permission verification module and organization/application editing interface in Casdoor before 2.26.0 allows remote authenticated administrators of any organization within the system to bypass the system's permission verification mechanism by directly concatenating URLs after login Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 19:15:00 GMT

read more

CVE-2025-42701 - CrowdStrike Falcon Sensor for Windows Race Condition

CVE ID : CVE-2025-42701 Published : Oct. 8, 2025, 6:15 p.m. | 5 hours, 54 minutes ago Description : A race condition exists in the Falcon sensor for Windows that could allow an attacker, with the prior ability to execute code on a host, to delete arbitrary files. CrowdStrike released a security fix for this issue in Falcon sensor for Windows versions 7.24 and above and all Long Term Visibility (LTV) sensors. There is no indication of exploitation of these issues in the wild. Our threat hunting and intelligence team are actively monitoring for exploitation and we maintain visibility into any such attempts. The Falcon sensor for Mac, the Falcon sensor for Linux and the Falcon sensor for Legacy Systems are not impacted by this. CrowdStrike was made aware of this issue through our HackerOne bug bounty program. It was discovered by Cong Cheng and responsibly disclosed. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 18:15:00 GMT

read more

CVE-2025-42706 - CrowdStrike Falcon Sensor for Windows Logic Error

CVE ID : CVE-2025-42706 Published : Oct. 8, 2025, 6:15 p.m. | 5 hours, 54 minutes ago Description : A logic error exists in the Falcon sensor for Windows that could allow an attacker, with the prior ability to execute code on a host, to delete arbitrary files. CrowdStrike released a security fix for this issue in Falcon sensor for Windows versions 7.24 and above and all Long Term Visibility (LTV) sensors. There is no indication of exploitation of these issues in the wild. Our threat hunting and intelligence teams are actively monitoring for exploitation and we maintain visibility into any such attempts. The Falcon sensor for Mac, the Falcon sensor for Linux and the Falcon sensor for Legacy Systems are not impacted by this. CrowdStrike was made aware of this issue through our HackerOne bug bounty program. It was discovered by Cong Cheng and responsibly disclosed. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 18:15:00 GMT

read more

CVE-2025-61788 - Opencast Paella Player 7 vulnerable to Cross-Site-Scripting

CVE ID : CVE-2025-61788 Published : Oct. 8, 2025, 6:15 p.m. | 5 hours, 54 minutes ago Description : Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 17.8 and 18.2, the paella would include and render some user inputs (metadata like title, description, etc.) unfiltered and unmodified. The vulnerability allows attackers to inject and malicious HTML and JavaScript in the player, which would then be executed in the browsers of users watching the prepared media. This can then be used to modify the site or to execute actions in the name of logged-in users. To inject malicious metadata, an attacker needs write access to the system. For example, the ability to upload media and modify metadata. This cannot be exploited by unauthenticated users. This issue is fixed in Opencast 17.8 and 18.2. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 18:15:00 GMT

read more

CVE-2025-61906 - Opencast's editor accidentally publishes videos/overwrites publications #1626

CVE ID : CVE-2025-61906 Published : Oct. 8, 2025, 6:15 p.m. | 5 hours, 54 minutes ago Description : Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 17.8 and 18.2, in some situations, Opencast's editor may publish a video without notifying the user. This may lead to users accidentally publishing media not meant for publishing, and thus possibly exposing internal media. This risk of this actually impacting someone is very low, though. This can only be triggered by users with write access to an event. They also have to use the editor, which is usually an action taken if they want to publish media and not something users would use on internal media they do not want to publish. Finally, they have to first click on "Save & Publish" before then selecting the "Save" option. Nevertheless, while very unlikely, this can happen. This issue is fixed in Opencast 17.8 and 18.2. Severity: 2.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 18:15:00 GMT

read more

CVE-2025-9868 - Nexus Repository 2 - SSRF Vulnerability in Remote Browser Plugin

CVE ID : CVE-2025-9868 Published : Oct. 8, 2025, 6:15 p.m. | 5 hours, 54 minutes ago Description : Server-Side Request Forgery (SSRF) in the Remote Browser Plugin in Sonatype Nexus Repository 2.x up to and including 2.15.2 allows unauthenticated remote attackers to exfiltrate proxy repository credentials via crafted HTTP requests. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 18:15:00 GMT

read more

CVE-2025-11487 - SourceCodester Farm Management System uploadProduct.php sql injection

CVE ID : CVE-2025-11487 Published : Oct. 8, 2025, 6:15 p.m. | 3 hours, 54 minutes ago Description : A security flaw has been discovered in SourceCodester Farm Management System 1.0. Affected by this issue is some unknown functionality of the file /uploadProduct.php. Performing manipulation of the argument Type results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 18:15:00 GMT

read more

CVE-2025-11488 - D-Link DIR-852 HNAP1 command injection

CVE ID : CVE-2025-11488 Published : Oct. 8, 2025, 6:15 p.m. | 3 hours, 54 minutes ago Description : A weakness has been identified in D-Link DIR-852 up to 20251002. This affects an unknown part of the file /HNAP1/. Executing manipulation can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 18:15:00 GMT

read more

CVE-2025-11489 - wonderwhy-er DesktopCommanderMCP filesystem.ts isPathAllowed symlink

CVE ID : CVE-2025-11489 Published : Oct. 8, 2025, 6:15 p.m. | 3 hours, 54 minutes ago Description : A security vulnerability has been detected in wonderwhy-er DesktopCommanderMCP up to 0.2.13. This vulnerability affects the function isPathAllowed of the file src/tools/filesystem.ts. The manipulation leads to symlink following. The attack can only be performed from a local environment. The attack's complexity is rated as high. It is stated that the exploitability is difficult. The exploit has been disclosed publicly and may be used. The vendor explains: "Our restriction features are designed as guardrails for LLMs to help them stay closer to what users want, rather than hardened security boundaries. (...) For users where security is a top priority, we continue to recommend using Desktop Commander with Docker, which provides actual isolation. (...) We'll keep this issue open for future consideration if we receive more user demand for improved restrictions." This vulnerability only affects products that are no longer supported by the maintainer. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 18:15:00 GMT

read more

CVE-2025-11481 - varunsardana004 Blood-Bank-And-Donation-Management-System donate_blood.php sql injection

CVE ID : CVE-2025-11481 Published : Oct. 8, 2025, 5:15 p.m. | 4 hours, 54 minutes ago Description : A flaw has been found in varunsardana004 Blood-Bank-And-Donation-Management-System up to dc9e0393d826fbc85fad9755b5bc12cba1919df2. The impacted element is an unknown function of the file /donate_blood.php. Executing manipulation of the argument fullname can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 17:15:00 GMT

read more

CVE-2025-11485 - SourceCodester Student Grades Management System Manage Users admin.php add_user cross site scripting

CVE ID : CVE-2025-11485 Published : Oct. 8, 2025, 5:15 p.m. | 4 hours, 54 minutes ago Description : A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function add_user of the file /admin.php of the component Manage Users Page. This manipulation of the argument first_name/last_name causes cross site scripting. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 17:15:00 GMT

read more

CVE-2025-11486 - SourceCodester Farm Management System buyNow.php sql injection

CVE ID : CVE-2025-11486 Published : Oct. 8, 2025, 5:15 p.m. | 4 hours, 54 minutes ago Description : A vulnerability was identified in SourceCodester Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /buyNow.php. Such manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 17:15:00 GMT

read more

CVE-2025-53967 - Framelink Figma MCP Server Remote Command Injection

CVE ID : CVE-2025-53967 Published : Oct. 8, 2025, 5:15 p.m. | 4 hours, 54 minutes ago Description : Framelink Figma MCP Server before 0.6.3 allows an unauthenticated remote attacker to execute arbitrary operating system commands via a crafted HTTP POST request with shell metacharacters in input that is used by a fetchWithRetry curl command. The vulnerable endpoint fails to properly sanitize user-supplied input, enabling the attacker to inject malicious commands that are executed with the privileges of the MCP process. Exploitation requires network access to the MCP interface. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 17:15:00 GMT

read more

CVE-2025-9970 - Application credential stored in clear text in memory

CVE ID : CVE-2025-9970 Published : Oct. 8, 2025, 5:15 p.m. | 4 hours, 54 minutes ago Description : Cleartext Storage of Sensitive Information in Memory vulnerability in ABB MConfig.This issue affects MConfig: through 1.4.9.21. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 17:15:00 GMT

read more

CVE-2025-5009 - Information Disclosure in Gemini iOS App

CVE ID : CVE-2025-5009 Published : Oct. 8, 2025, 4:15 p.m. | 5 hours, 54 minutes ago Description : In Gemini iOS, when a user shared a snippet of a conversation, it would share the entire conversation via a sharable public link that contained the entire conversation history and not just the snippet. Severity: 1.0 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 16:15:00 GMT

read more

CVE-2025-60318 - SourceCodester Pet Grooming Management Software XSS

CVE ID : CVE-2025-60318 Published : Oct. 8, 2025, 4:15 p.m. | 5 hours, 54 minutes ago Description : SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the fname (First Name) and lname (Last Name) fields. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 16:15:00 GMT

read more

CVE-2025-36636 - Improper Access Control

CVE ID : CVE-2025-36636 Published : Oct. 8, 2025, 4:15 p.m. | 4 hours, 25 minutes ago Description : In Tenable Security Center versions prior to 6.7.0, an improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 16:15:00 GMT

read more

CVE-2025-59303 - HAProxy Kubernetes Ingress Controller Config Snippet Token Secret Exposure

CVE ID : CVE-2025-59303 Published : Oct. 8, 2025, 4:15 p.m. | 4 hours, 25 minutes ago Description : HAProxy Kubernetes Ingress Controller before 3.1.13, when the config-snippets feature flag is used, accepts config snippets from users with create/update permissions. This can result in obtaining an ingress token secret as a response. The fixed versions of HAProxy Enterprise Kubernetes Ingress Controller are 3.0.16-ee1, 1.11.13-ee1, and 1.9.15-ee1. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 16:15:00 GMT

read more

CVE-2025-11479 - SourceCodester Wedding Reservation Management System function.php insertReservation sql injection

CVE ID : CVE-2025-11479 Published : Oct. 8, 2025, 3:16 p.m. | 3 hours, 36 minutes ago Description : A security vulnerability has been detected in SourceCodester Wedding Reservation Management System 1.0. Impacted is the function insertReservation of the file function.php. Such manipulation of the argument number leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 15:16:00 GMT

read more

CVE-2025-11480 - SourceCodester Simple E-Commerce Bookstore register.php sql injection

CVE ID : CVE-2025-11480 Published : Oct. 8, 2025, 3:16 p.m. | 3 hours, 36 minutes ago Description : A vulnerability was detected in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /register.php. Performing manipulation of the argument register_username results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 15:16:00 GMT

read more

CVE-2025-43724 - Dell PowerScale OneFS Authorization Bypass Through User-Controlled Key

CVE ID : CVE-2025-43724 Published : Oct. 8, 2025, 3:16 p.m. | 3 hours, 36 minutes ago Description : Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an authorization bypass through user-controlled key vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain unauthorized access to NFSv4 or SMB shares. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 15:16:00 GMT

read more

CVE-2025-43771 - Liferay Portal and DXP XSS Vulnerabilities

CVE ID : CVE-2025-43771 Published : Oct. 8, 2025, 3:16 p.m. | 3 hours, 36 minutes ago Description : Multiple cross-site scripting (XSS) vulnerabilities in the Notifications widget in Liferay Portal 7.4.3.102 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5 and 2023.Q3.1 through 2023.Q3.10 allow remote attackers to inject arbitrary web script or HTML via a crafted payload injected into (1) a user’s “First Name” text field, (2) a user’s “Middle Name” text field, (3) a user’s “Last Name” text field, (4) the “Other Reason” text field when flagging content, or (5) the name of the flagged content. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 15:16:00 GMT

read more

CVE-2025-60313 - Sourcecodester Link Status Checker XSS

CVE ID : CVE-2025-60313 Published : Oct. 8, 2025, 3:16 p.m. | 3 hours, 36 minutes ago Description : Sourcecodester Link Status Checker 1.0 is vulnerable to a Cross-Site Scripting (XSS) in the Enter URLs to check input field. This allows a remote attacker to execute arbitrary code. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 15:16:00 GMT

read more

CVE-2025-60834 - Apache Fastjson Deserialization Remote Code Execution Vulnerability in uzy-ssm-mall

CVE ID : CVE-2025-60834 Published : Oct. 8, 2025, 3:16 p.m. | 3 hours, 36 minutes ago Description : A fastjson deserialization vulnerability in uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying a crafted input. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 15:16:00 GMT

read more

CVE-2025-61672 - Synapse: Invalid device keys degrade federation functionality

CVE ID : CVE-2025-61672 Published : Oct. 8, 2025, 3:16 p.m. | 3 hours, 36 minutes ago Description : Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeservers. The issue is patched in Synapse 1.138.3, 1.138.4, 1.139.1, and 1.139.2. Note that even though 1.138.3 and 1.139.1 fix the vulnerability, they inadvertently introduced an unrelated regression. For this reason, the maintainers of Synapse recommend skipping these releases and upgrading straight to 1.138.4 and 1.139.2. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 15:16:00 GMT

read more

CVE-2025-61183 - Vaahcms Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-61183 Published : Oct. 8, 2025, 2:15 p.m. | 4 hours, 27 minutes ago Description : Cross Site Scripting in vaahcms v.2.3.1 allows a remote attacker to execute arbitrary code via upload method in the storeAvatar() method of UserBase.php Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 14:15:00 GMT

read more

CVE-2025-60314 - Configuroweb Sistema Web de Inventario Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-60314 Published : Oct. 8, 2025, 2:15 p.m. | 3 hours, 54 minutes ago Description : Configuroweb Sistema Web de Inventario 1.0 is vulnerable to a Stored Cross-Site Scripting (XSS) due to the lack of input sanitization on the product name parameter (Nombre:Producto) allowing an authenticated attacker to inject malicious payloads and execute arbitrary JavaScript. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 14:15:00 GMT

read more

CVE-2025-60828 - WukongCRM Fastjson Deserialization Vulnerability

CVE ID : CVE-2025-60828 Published : Oct. 8, 2025, 2:15 p.m. | 3 hours, 54 minutes ago Description : WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 14:15:00 GMT

read more

CVE-2025-60830 - Redragon ERP Shiro Deserialization Vulnerability

CVE ID : CVE-2025-60830 Published : Oct. 8, 2025, 2:15 p.m. | 3 hours, 54 minutes ago Description : redragon-erp v1.0 was discovered to contain a Shiro deserialization vulnerability caused by the default Shiro key. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 14:15:00 GMT

read more

CVE-2025-60833 - uzy-ssm-mall XXE Code Execution

CVE ID : CVE-2025-60833 Published : Oct. 8, 2025, 2:15 p.m. | 3 hours, 54 minutes ago Description : An XML External Entity (XXE) vulnerability in the /mall/wxpay/pay component of uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying crafted XML data. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 14:15:00 GMT

read more

CVE-2025-11476 - SourceCodester Simple E-Commerce Bookstore index.php sql injection

CVE ID : CVE-2025-11476 Published : Oct. 8, 2025, 2:15 p.m. | 3 hours, 8 minutes ago Description : A vulnerability was identified in SourceCodester Simple E-Commerce Bookstore 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument login_username leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 14:15:00 GMT

read more

CVE-2025-11477 - SourceCodester Wedding Reservation Management System global.php sql injection

CVE ID : CVE-2025-11477 Published : Oct. 8, 2025, 2:15 p.m. | 3 hours, 8 minutes ago Description : A security flaw has been discovered in SourceCodester Wedding Reservation Management System 1.0. This vulnerability affects unknown code of the file /global.php. The manipulation of the argument User results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 14:15:00 GMT

read more

CVE-2025-11478 - SourceCodester Farm Management System myCart.php sql injection

CVE ID : CVE-2025-11478 Published : Oct. 8, 2025, 2:15 p.m. | 3 hours, 8 minutes ago Description : A weakness has been identified in SourceCodester Farm Management System 1.0. This issue affects some unknown processing of the file /myCart.php. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 14:15:00 GMT

read more

CVE-2025-43829 - Liferay Portal Stored Cross-Site Scripting (XSS) in Diagram Type Products

CVE ID : CVE-2025-43829 Published : Oct. 8, 2025, 2:15 p.m. | 3 hours, 8 minutes ago Description : Stored cross-site scripting (XSS) vulnerability in diagram type products in Commerce in Liferay Portal 7.4.3.18 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 18 through update 92 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a SVG file. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 14:15:00 GMT

read more

CVE-2025-43830 - Liferay Portal Liferay DXP Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43830 Published : Oct. 8, 2025, 2:15 p.m. | 3 hours, 8 minutes ago Description : Stored cross-site scripting (XSS) vulnerability in Forms in Liferay Portal 7.3.2 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, and 7.3 GA through update 35 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a form with a rich text type field. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 14:15:00 GMT

read more

CVE-2025-60298 - Novel-Plus up to 5.2.4 was discovered to contain a

CVE ID : CVE-2025-60298 Published : Oct. 8, 2025, 1:15 p.m. | 3 hours, 37 minutes ago Description : Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting (XSS) vulnerability via the /author/updateIndexName endpoint. This vulnerability allows authenticated attackers to inject malicious JavaScript code through the indexName parameter, which gets stored in the database and executed when other users view the affected book chapter. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 13:15:00 GMT

read more

CVE-2025-60299 - Novel-Plus Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-60299 Published : Oct. 8, 2025, 1:15 p.m. | 3 hours, 37 minutes ago Description : Novel-Plus with 5.2.0 was discovered to contain a Stored Cross-Site Scripting (XSS) vulnerability via the /book/addCommentReply endpoint. An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment. The payload is stored in the database and is executed in other users’ browsers when they view the affected comment thread. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 13:15:00 GMT

read more

CVE-2025-11475 - projectworlds Advanced Library Management System view_member.php sql injection

CVE ID : CVE-2025-11475 Published : Oct. 8, 2025, 1:15 p.m. | 3 hours, 28 minutes ago Description : A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /view_member.php. Executing manipulation of the argument user_id can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 13:15:00 GMT

read more

CVE-2025-43821 - Liferay Portal Liferay DXP XSS

CVE ID : CVE-2025-43821 Published : Oct. 8, 2025, 1:15 p.m. | 3 hours, 28 minutes ago Description : Cross-site scripting (XSS) vulnerability in the Commerce Product Comparison Table widget in Liferay Portal 7.4.0 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a Commerce Product's Name text field. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 13:15:00 GMT

read more

CVE-2025-11474 - SourceCodester Hotel and Lodge Management System edit_booking.php sql injection

CVE ID : CVE-2025-11474 Published : Oct. 8, 2025, 1:15 p.m. | 2 hours, 54 minutes ago Description : A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_booking.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 13:15:00 GMT

read more

Cryptographie post-quantique, les travaux de l’ANSSI

]]>

Wed, 08 Oct 2025 12:34:00 GMT

read more

CVE-2025-11473 - SourceCodester Hotel and Lodge Management System edit_curr.php sql injection

CVE ID : CVE-2025-11473 Published : Oct. 8, 2025, 12:15 p.m. | 3 hours, 54 minutes ago Description : A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /edit_curr.php. Such manipulation of the argument currsymbol leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 12:15:00 GMT

read more

CVE-2025-10649 - Welcart e-Commerce 2.11.21 - Authenticated (Author+) SQL Injection via Cookie

CVE ID : CVE-2025-10649 Published : Oct. 8, 2025, 12:15 p.m. | 2 hours, 46 minutes ago Description : The Welcart e-Commerce plugin for WordPress is vulnerable to SQL Injection via the cookie in all versions up to, and including, 2.11.21 due to insufficient escaping on the user supplied value and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Author-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 12:15:00 GMT

read more

CVE-2025-11471 - SourceCodester Hotel and Lodge Management System edit_customer.php sql injection

CVE ID : CVE-2025-11471 Published : Oct. 8, 2025, 12:15 p.m. | 2 hours, 46 minutes ago Description : A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /edit_customer.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 12:15:00 GMT

read more

CVE-2025-11472 - SourceCodester Hotel and Lodge Management System edit_room.php sql injection

CVE ID : CVE-2025-11472 Published : Oct. 8, 2025, 12:15 p.m. | 2 hours, 46 minutes ago Description : A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /edit_room.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 12:15:00 GMT

read more

CVE-2025-10352 - Missing Authorization vulnerability in Melis Platform

CVE ID : CVE-2025-10352 Published : Oct. 8, 2025, 11:15 a.m. | 3 hours, 46 minutes ago Description : Vulnerability in the melis-core module of Melis Technology's Melis Platform, which, if exploited, allows an unauthenticated attacker to create an administrator account via a request to '/melis/MelisCore/ToolUser/addNewUser'. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 11:15:00 GMT

read more

CVE-2025-10353 - Missing Authorization vulnerability in Melis Platform

CVE ID : CVE-2025-10353 Published : Oct. 8, 2025, 11:15 a.m. | 3 hours, 46 minutes ago Description : File upload leading to remote code execution (RCE) in the “melis-cms-slider” module of Melis Technology's Melis Platform. This vulnerability allows an attacker to upload a malicious file via a POST request to '/melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm' using the 'mcsdetail_img' parameter. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 11:15:00 GMT

read more

CVE-2025-10351 - SQL injection vulnerability in Melis Platform

CVE ID : CVE-2025-10351 Published : Oct. 8, 2025, 11:15 a.m. | 2 hours, 37 minutes ago Description : SQL injection vulnerability based on the melis-cms module of the Melis platform from Melis Technology. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'idPage' parameter in the '/melis/MelisCms/PageEdition/getTinyTemplates' endpoint. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 11:15:00 GMT

read more

CVE-2025-11469 - SourceCodester Hotel and Lodge Management System save_customer.php sql injection

CVE ID : CVE-2025-11469 Published : Oct. 8, 2025, 10:15 a.m. | 3 hours, 37 minutes ago Description : A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /pages/save_customer.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 10:15:00 GMT

read more

CVE-2025-11470 - SourceCodester Hotel and Lodge Management System manage_website.php unrestricted upload

CVE ID : CVE-2025-11470 Published : Oct. 8, 2025, 10:15 a.m. | 3 hours, 37 minutes ago Description : A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System up to 1.0. The impacted element is an unknown function of the file /manage_website.php. The manipulation of the argument website_image/back_login_image leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 10:15:00 GMT

read more

CVE-2025-11445 - Kilo Code Prompt ClineProvider.ts ClineProvider injection

CVE ID : CVE-2025-11445 Published : Oct. 8, 2025, 9:15 a.m. | 4 hours, 37 minutes ago Description : A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be used. Applying a patch is the recommended action to fix this issue. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 09:15:00 GMT

read more

CVE-2025-11442 - JhumanJ OpnForm API Endpoint cross-site request forgery

CVE ID : CVE-2025-11442 Published : Oct. 8, 2025, 8:15 a.m. | 5 hours, 37 minutes ago Description : A security flaw has been discovered in JhumanJ OpnForm up to 1.9.3. The impacted element is an unknown function of the component API Endpoint. The manipulation results in cross-site request forgery. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor has stated that API calls require authentication through Authorization Bearer Tokens, so classic CSRF attacks do not apply here. An attacker would need to possess the JWT through means such as XSS which were mitigated, disabling any form of initial access. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 08:15:00 GMT

read more

CVE-2025-11443 - JhumanJ OpnForm Forgotten Password email information exposure

CVE ID : CVE-2025-11443 Published : Oct. 8, 2025, 8:15 a.m. | 5 hours, 37 minutes ago Description : A weakness has been identified in JhumanJ OpnForm up to 1.9.3. This affects an unknown function of the file /api/password/email of the component Forgotten Password Handler. This manipulation causes information exposure through discrepancy. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is reported as difficult. The exploit has been made available to the public and could be exploited. This issue is currently aligned with Laravel issue #46465, which is why no mitigation action was taken. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 08:15:00 GMT

read more

CVE-2025-11444 - TOTOLINK N600R HTTP Request cstecgi.cgi setWiFiBasicConfig buffer overflow

CVE ID : CVE-2025-11444 Published : Oct. 8, 2025, 8:15 a.m. | 5 hours, 37 minutes ago Description : A security vulnerability has been detected in TOTOLINK N600R up to 4.3.0cu.7866_B20220506. This impacts the function setWiFiBasicConfig of the file /cgi-bin/cstecgi.cgi of the component HTTP Request Handler. Such manipulation of the argument wepkey leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 08:15:00 GMT

read more

CVE-2025-11438 - JhumanJ OpnForm API Endpoint custom-domains authorization

CVE ID : CVE-2025-11438 Published : Oct. 8, 2025, 7:15 a.m. | 6 hours, 37 minutes ago Description : A vulnerability has been found in JhumanJ OpnForm up to 1.9.3. This vulnerability affects unknown code of the file /custom-domains of the component API Endpoint. Such manipulation leads to missing authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is beb153ce52dceb971c1518f98333328c95f1ba20. It is best practice to apply a patch to resolve this issue. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 07:15:00 GMT

read more

CVE-2025-11439 - JhumanJ OpnForm integrations authorization

CVE ID : CVE-2025-11439 Published : Oct. 8, 2025, 7:15 a.m. | 6 hours, 37 minutes ago Description : A vulnerability was found in JhumanJ OpnForm up to 1.9.3. This issue affects some unknown processing of the file /show/integrations. Performing manipulation results in missing authorization. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The patch is named 11d97d78f2de2cb49f79baed6bde8b611ec1f384. It is recommended to apply a patch to fix this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 07:15:00 GMT

read more

CVE-2025-11440 - JhumanJ OpnForm edit access control

CVE ID : CVE-2025-11440 Published : Oct. 8, 2025, 7:15 a.m. | 6 hours, 37 minutes ago Description : A vulnerability was determined in JhumanJ OpnForm up to 1.9.3. Impacted is an unknown function of the file /edit. Executing manipulation can lead to improper access controls. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This patch is called b15e29021d326be127193a5dbbd528c4e37e6324. Applying a patch is advised to resolve this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 07:15:00 GMT

read more

CVE-2025-11441 - JhumanJ OpnForm HTTP Header excessive authentication

CVE ID : CVE-2025-11441 Published : Oct. 8, 2025, 7:15 a.m. | 6 hours, 37 minutes ago Description : A vulnerability was identified in JhumanJ OpnForm up to 1.9.3. The affected element is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of excessive authentication attempts. The attack is possible to be carried out remotely. A high degree of complexity is needed for the attack. The exploitability is described as difficult. The exploit is publicly available and might be used. The identifier of the patch is 11e99960e14ca986b1a001a56e7533223d2cfa5b. It is suggested to install a patch to address this issue. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 07:15:00 GMT

read more

CVE-2025-48464 - Exposure of Sensitive Information

CVE ID : CVE-2025-48464 Published : Oct. 8, 2025, 7:15 a.m. | 6 hours, 37 minutes ago Description : Successful exploitation of the vulnerability could allow an unauthenticated attacker to gain access to a victim’s Sync account data such as account credentials and email protection information. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 07:15:00 GMT

read more

CVE-2025-10635 - Find Me On 2.0.9.1 - Subscriber+ SQL Injection

CVE ID : CVE-2025-10635 Published : Oct. 8, 2025, 6:15 a.m. | 5 hours, 54 minutes ago Description : The Find Me On WordPress plugin through 2.0.9.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing subscribers and above to perform SQL injection attacks Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 06:15:00 GMT

read more

CVE-2025-11171 - Chartify – WordPress Chart Plugin 3.5.9 - Missing Authentication for Administrative Function

CVE ID : CVE-2025-11171 Published : Oct. 8, 2025, 6:15 a.m. | 5 hours, 54 minutes ago Description : The Chartify – WordPress Chart Plugin for WordPress is vulnerable to Missing Authentication for Critical Function in all versions up to, and including, 3.5.9. This is due to the plugin registering an unauthenticated AJAX action that dispatches to admin-class methods based on a request parameter, without any nonce or capability checks. This makes it possible for unauthenticated attackers to execute administrative functions via the wp-admin/admin-ajax.php endpoint granted they can identify callable method names. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 06:15:00 GMT

read more

CVE-2025-11435 - JhumanJ OpnForm submissions cross site scripting

CVE ID : CVE-2025-11435 Published : Oct. 8, 2025, 6:15 a.m. | 5 hours, 54 minutes ago Description : A security vulnerability has been detected in JhumanJ OpnForm up to 1.9.3. Affected by this vulnerability is an unknown functionality of the file /show/submissions. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The identifier of the patch is a2af1184e53953afa8cb052f4055f288adcaa608. To fix this issue, it is recommended to deploy a patch. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 06:15:00 GMT

read more

CVE-2025-11436 - JhumanJ OpnForm answer unrestricted upload

CVE ID : CVE-2025-11436 Published : Oct. 8, 2025, 6:15 a.m. | 5 hours, 53 minutes ago Description : A vulnerability was detected in JhumanJ OpnForm up to 1.9.3. Affected by this issue is some unknown functionality of the file /answer. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit is now public and may be used. The patch is identified as 95c3e23856465d202e6aec10bdb6ee0688b5305a. It is advisable to implement a patch to correct this issue. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 06:15:00 GMT

read more

CVE-2025-11437 - JhumanJ OpnForm Form Editor forms cross site scripting

CVE ID : CVE-2025-11437 Published : Oct. 8, 2025, 6:15 a.m. | 5 hours, 53 minutes ago Description : A flaw has been found in JhumanJ OpnForm up to 1.9.3. This affects an unknown part of the file /api/open/forms/ of the component Form Editor. This manipulation causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. This issue is currently under review for additional handling. As of right now the vendor has stated that the feature is disabled until the user has configured their own domain which will mitigate this attack vector. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 06:15:00 GMT

read more

CVE-2025-11204 - RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login 6.0.6.2 - Authenticated (Administrator+) SQL Injection

CVE ID : CVE-2025-11204 Published : Oct. 8, 2025, 5:15 a.m. | 6 hours, 54 minutes ago Description : The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 6.0.6.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator access or higher, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. An unauthenticated attacker could utilize an injected Cross-Site Scripting via user-agent on form submission to leverage this to achieve Reflected Cross-Site Scripting. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 05:15:00 GMT

read more

CVE-2025-11432 - itsourcecode Leave Management System reset.php sql injection

CVE ID : CVE-2025-11432 Published : Oct. 8, 2025, 5:15 a.m. | 6 hours, 54 minutes ago Description : A vulnerability was identified in itsourcecode Leave Management System 1.0. This affects an unknown function of the file /reset.php. Such manipulation of the argument employid leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 05:15:00 GMT

read more

CVE-2025-11433 - itsourcecode Leave Management System Query Parameter controller.php redirect cross site scripting

CVE ID : CVE-2025-11433 Published : Oct. 8, 2025, 5:15 a.m. | 6 hours, 54 minutes ago Description : A security flaw has been discovered in itsourcecode Leave Management System 1.0. This impacts the function redirect of the file /module/employee/controller.php?action=reset of the component Query Parameter Handler. Performing manipulation of the argument ID results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 05:15:00 GMT

read more

CVE-2025-11434 - itsourcecode Student Transcript Processing System login.php sql injection

CVE ID : CVE-2025-11434 Published : Oct. 8, 2025, 5:15 a.m. | 6 hours, 54 minutes ago Description : A weakness has been identified in itsourcecode Student Transcript Processing System 1.0. Affected is an unknown function of the file /login.php. Executing manipulation of the argument uname can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 05:15:00 GMT

read more

CVE-2025-10494 - Motors – Car Dealership Classified Listings Plugin 1.4.89 - Authenticated (Subscriber+) Arbitrary File Deletion

CVE ID : CVE-2025-10494 Published : Oct. 8, 2025, 4:16 a.m. | 5 hours, 53 minutes ago Description : The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation when deleting profile pictures in all versions up to, and including, 1.4.89. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 04:16:00 GMT

read more

CVE-2025-10587 - Community Events 1.5.1 - Unauthenticated SQL Injection

CVE ID : CVE-2025-10587 Published : Oct. 8, 2025, 4:16 a.m. | 5 hours, 53 minutes ago Description : The Community Events plugin for WordPress is vulnerable to SQL Injection via the event_category parameter in all versions up to, and including, 1.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 04:16:00 GMT

read more

CVE-2025-11430 - SourceCodester Simple E-Commerce Bookstore cart.php sql injection

CVE ID : CVE-2025-11430 Published : Oct. 8, 2025, 4:16 a.m. | 5 hours, 53 minutes ago Description : A vulnerability was found in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /cart.php. The manipulation of the argument remove results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 04:16:00 GMT

read more

CVE-2025-11431 - code-projects Web-Based Inventory and POS System transaction.php sql injection

CVE ID : CVE-2025-11431 Published : Oct. 8, 2025, 4:16 a.m. | 5 hours, 53 minutes ago Description : A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. The impacted element is an unknown function of the file /transaction.php. This manipulation of the argument shopid causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 04:16:00 GMT

read more

CVE-2025-11425 - projectworlds Advanced Library Management System edit_admin.php cross site scripting

CVE ID : CVE-2025-11425 Published : Oct. 8, 2025, 3:15 a.m. | 6 hours, 53 minutes ago Description : A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /edit_admin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. Other parameters might be affected as well. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 03:15:00 GMT

read more

CVE-2025-11426 - projectworlds Advanced Library Management System edit_book.php unrestricted upload

CVE ID : CVE-2025-11426 Published : Oct. 8, 2025, 3:15 a.m. | 6 hours, 53 minutes ago Description : A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_book.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 03:15:00 GMT

read more

CVE-2025-61787 - Deno is Vulnerable to Command Injection on Windows During Batch File Execution

CVE ID : CVE-2025-61787 Published : Oct. 8, 2025, 2:15 a.m. | 7 hours, 53 minutes ago Description : Deno is a JavaScript, TypeScript, and WebAssembly runtime. Versions prior to 2.5.3 and 2.2.15 are vulnerable to Command Line Injection attacks on Windows when batch files are executed. In Windows, ``CreateProcess()`` always implicitly spawns ``cmd.exe`` if a batch file (.bat, .cmd, etc.) is being executed even if the application does not specify it via the command line. This makes Deno vulnerable to a command injection attack on Windows. Versions 2.5.3 and 2.2.15 fix the issue. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 02:15:00 GMT

read more

CVE-2025-11423 - Tenda CH22 SafeEmailFilter formSafeEmailFilter memory corruption

CVE ID : CVE-2025-11423 Published : Oct. 8, 2025, 2:15 a.m. | 5 hours, 36 minutes ago Description : A vulnerability was found in Tenda CH22 1.0.0.1. This affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. Performing manipulation of the argument page results in memory corruption. The attack is possible to be carried out remotely. The exploit has been made public and could be used. Severity: 10.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 02:15:00 GMT

read more

CVE-2025-11424 - code-projects Web-Based Inventory and POS System login.php sql injection

CVE ID : CVE-2025-11424 Published : Oct. 8, 2025, 2:15 a.m. | 5 hours, 36 minutes ago Description : A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. This impacts an unknown function of the file /login.php. Executing manipulation of the argument emailid can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 02:15:00 GMT

read more

CVE-2025-11421 - code-projects Voting System candidates_edit.php cross site scripting

CVE ID : CVE-2025-11421 Published : Oct. 8, 2025, 2:15 a.m. | 4 hours, 25 minutes ago Description : A flaw has been found in code-projects Voting System 1.0. The affected element is an unknown function of the file /admin/candidates_edit.php. This manipulation of the argument Firstname/Lastname/Platform causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been published and may be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 02:15:00 GMT

read more

CVE-2025-11422 - Campcodes Advanced Online Voting Management System login.php sql injection

CVE ID : CVE-2025-11422 Published : Oct. 8, 2025, 2:15 a.m. | 4 hours, 25 minutes ago Description : A vulnerability has been found in Campcodes Advanced Online Voting Management System 1.0. The impacted element is an unknown function of the file /admin/login.php. Such manipulation of the argument Username leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 02:15:00 GMT

read more

CVE-2025-11418 - Tenda CH22 HTTP Request AdvSetWrlsafeset formWrlsafeset stack-based overflow

CVE ID : CVE-2025-11418 Published : Oct. 8, 2025, 1:15 a.m. | 5 hours, 25 minutes ago Description : A security vulnerability has been detected in Tenda CH22 up to 1.0.0.1. This issue affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP Request Handler. The manipulation of the argument mit_ssid_index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. Severity: 10.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 01:15:00 GMT

read more

CVE-2025-11420 - code-projects E-Commerce Website edit_order_details.php sql injection

CVE ID : CVE-2025-11420 Published : Oct. 8, 2025, 1:15 a.m. | 5 hours, 25 minutes ago Description : A vulnerability was detected in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/edit_order_details.php. The manipulation of the argument order_id results in sql injection. The attack may be launched remotely. The exploit is now public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 01:15:00 GMT

read more

CVE-2025-48981 - CGM MEDICO DNET Encryption Optional Vulnerability

CVE ID : CVE-2025-48981 Published : Oct. 8, 2025, 1:15 a.m. | 5 hours, 25 minutes ago Description : An insecure implementation of the proprietary protocol DNET in Product CGM MEDICO allows attackers within the intranet to eavesdrop and manipulate data on the protocol because encryption is optional for this connection. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 01:15:00 GMT

read more

CVE-2025-61785 - Deno's --deny-write check does not prevent permission bypass

CVE ID : CVE-2025-61785 Published : Oct. 8, 2025, 1:15 a.m. | 5 hours, 25 minutes ago Description : Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, `Deno.FsFile.prototype.utime` and `Deno.FsFile.prototype.utimeSync` are not limited by the permission model check `--deny-write=./`. It's possible to change to change the access (`atime`) and modification (`mtime`) times on the file stream resource even when the file is opened with `read` only permission (and `write`: `false`) and file write operations are not allowed (the script is executed with `--deny-write=./`). Similar APIs like `Deno.utime` and `Deno.utimeSync` require `allow-write` permission, however, when a file is opened, even with read only flags and deny-write permission, it's still possible to change the access (`atime`) and modification (`mtime`) times, and thus bypass the permission model. Versions 2.5.3 and 2.2.15 fix the issue. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 01:15:00 GMT

read more

CVE-2025-61786 - Deno's --deny-read check does not prevent permission bypass

CVE ID : CVE-2025-61786 Published : Oct. 8, 2025, 1:15 a.m. | 5 hours, 25 minutes ago Description : Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, `Deno.FsFile.prototype.stat` and `Deno.FsFile.prototype.statSync` are not limited by the permission model check `--deny-read=./`. It's possible to retrieve stats from files that the user do not have explicit read access to (the script is executed with `--deny-read=./`). Similar APIs like `Deno.stat` and `Deno.statSync` require `allow-read` permission, however, when a file is opened, even with file-write only flags and deny-read permission, it's still possible to retrieve file stats, and thus bypass the permission model. Versions 2.5.3 and 2.2.15 fix the issue. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 01:15:00 GMT

read more

CVE-2025-61998 - OPEXUS FOIAXpress stored XSS via Hyperlink Manager

CVE ID : CVE-2025-61998 Published : Oct. 8, 2025, 12:15 a.m. | 5 hours, 35 minutes ago Description : OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content as a URL within the Technical Support Hyperlink Manager. Injected content is executed in the context of other users when they click the malicious link. Successful exploitation allows the administrative user to perform actions on behalf of the target, including stealing session cookies, user credentials, or sensitive data. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 00:15:00 GMT

read more

CVE-2025-61999 - OPEXUS FOIAXpress stored XSS via logo image

CVE ID : CVE-2025-61999 Published : Oct. 8, 2025, 12:15 a.m. | 5 hours, 35 minutes ago Description : OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to upload JavaScript or other content embedded in an SVG image used as a logo. Injected content is executed in the context of other users when they view affected pages. Successful exploitation allows the administrative user to perform actions on behalf of the target, including stealing session cookies, user credentials, or sensitive data. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 00:15:00 GMT

read more

CVE-2025-11417 - Campcodes Advanced Online Voting Management System voters_add.php unrestricted upload

CVE ID : CVE-2025-11417 Published : Oct. 8, 2025, 12:15 a.m. | 4 hours, 20 minutes ago Description : A weakness has been identified in Campcodes Advanced Online Voting Management System 1.0. This vulnerability affects unknown code of the file /admin/voters_add.php. Executing manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 00:15:00 GMT

read more

CVE-2025-61996 - OPEXUS FOIAXpress stored XSS via annual report template

CVE ID : CVE-2025-61996 Published : Oct. 8, 2025, 12:15 a.m. | 4 hours, 20 minutes ago Description : OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Template. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perform actions on behalf of the target, including stealing session cookies, user credentials, or sensitive data. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 00:15:00 GMT

read more

CVE-2025-61997 - OPEXUS FOIAXpress stored XSS via banner image

CVE ID : CVE-2025-61997 Published : Oct. 8, 2025, 12:15 a.m. | 4 hours, 20 minutes ago Description : OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Enterprise Banner image upload field. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the administrative user to perform actions on behalf of the target, including stealing session cookies, user credentials, or sensitive data. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 08 Oct 2025 00:15:00 GMT

read more

CVE-2025-11415 - PHPGurukul Beauty Parlour Management System customer-list.php sql injection

CVE ID : CVE-2025-11415 Published : Oct. 7, 2025, 11:15 p.m. | 5 hours, 20 minutes ago Description : A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Affected by this issue is some unknown functionality of the file /admin/customer-list.php. Such manipulation of the argument delid leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 23:15:00 GMT

read more

CVE-2025-11416 - PHPGurukul Beauty Parlour Management System invoices.php sql injection

CVE ID : CVE-2025-11416 Published : Oct. 7, 2025, 11:15 p.m. | 5 hours, 20 minutes ago Description : A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/invoices.php. Performing manipulation of the argument delid results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 23:15:00 GMT

read more

CVE-2025-43822 - Multiple stored cross-site scripting (XSS) vulnera

CVE ID : CVE-2025-43822 Published : Oct. 7, 2025, 11:15 p.m. | 5 hours, 20 minutes ago Description : Multiple stored cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.4.3.15 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 15 through update 92 allow remote attackers to inject arbitrary web script or HTML via crafted payload injected into a Terms and Condition's Name text field to (1) Payment Terms, or (2) the Delivery Term on the view order page. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 23:15:00 GMT

read more

CVE-2025-6046 - CVE-2019-25033: Apache Struts Unauthenticated Remote Code Execution Vulnerability

CVE ID : CVE-2025-6046 Published : Oct. 7, 2025, 11:15 p.m. | 5 hours, 20 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 23:15:00 GMT

read more

CVE-2025-11414 - GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds

CVE ID : CVE-2025-11414 Published : Oct. 7, 2025, 11:15 p.m. | 4 hours, 53 minutes ago Description : A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses this issue. Patch name: aeaaa9af6359c8e394ce9cf24911fec4f4d23703. It is advisable to upgrade the affected component. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 23:15:00 GMT

read more

CVE-2025-10904 - Apache Struts Remote Code Execution Vulnerability

CVE ID : CVE-2025-10904 Published : Oct. 7, 2025, 11:15 p.m. | 3 hours, 25 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 23:15:00 GMT

read more

CVE-2025-11410 - Campcodes Advanced Online Voting Management System voters_add.php sql injection

CVE ID : CVE-2025-11410 Published : Oct. 7, 2025, 10:15 p.m. | 4 hours, 25 minutes ago Description : A flaw has been found in Campcodes Advanced Online Voting Management System 1.0. This affects an unknown function of the file /admin/voters_add.php. Executing manipulation of the argument firstname can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used. Other parameters might be affected as well. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 22:15:00 GMT

read more

CVE-2025-11412 - GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds

CVE ID : CVE-2025-11412 Published : Oct. 7, 2025, 10:15 p.m. | 4 hours, 25 minutes ago Description : A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 047435dd988a3975d40c6626a8f739a0b2e154bc. To fix this issue, it is recommended to deploy a patch. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 22:15:00 GMT

read more

CVE-2025-11413 - GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds

CVE ID : CVE-2025-11413 Published : Oct. 7, 2025, 10:15 p.m. | 4 hours, 25 minutes ago Description : A vulnerability was found in GNU Binutils 2.45. Affected is the function elf_link_add_object_symbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Upgrading to version 2.46 is able to address this issue. The patch is identified as 72efdf166aa0ed72ecc69fc2349af6591a7a19c0. Upgrading the affected component is advised. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 22:15:00 GMT

read more

CVE-2025-43823 - Liferay Portal Liferay DXP Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43823 Published : Oct. 7, 2025, 10:15 p.m. | 4 hours, 25 minutes ago Description : Cross-site scripting (XSS) vulnerability in the Commerce Search Result widget in Liferay Portal 7.4.0 through 7.4.3.111, and Liferay DXP 2023.Q4 before patch 6, 2023.Q3 before patch 9, and 7.4 GA through update 92 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a Commerce Product's Name text field. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 22:15:00 GMT

read more

CVE-2025-62186 - Anki URL Scheme Execution Vulnerability

CVE ID : CVE-2025-62186 Published : Oct. 7, 2025, 9:15 p.m. | 4 hours, 52 minutes ago Description : Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary commands when playing audio because of URL scheme mishandling. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 21:15:00 GMT

read more

CVE-2025-62187 - Anki Arbitrary File Write Vulnerability

CVE ID : CVE-2025-62187 Published : Oct. 7, 2025, 9:15 p.m. | 4 hours, 52 minutes ago Description : In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux (media file pathnames are not necessarily relative to the media folder). Severity: 2.9 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 21:15:00 GMT

read more

CVE-2025-11408 - D-Link DI-7001 MINI dbsrv.asp buffer overflow

CVE ID : CVE-2025-11408 Published : Oct. 7, 2025, 9:15 p.m. | 2 hours, 52 minutes ago Description : A security vulnerability has been detected in D-Link DI-7001 MINI 24.04.18B1. The affected element is an unknown function of the file /dbsrv.asp. Such manipulation of the argument str leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 21:15:00 GMT

read more

CVE-2025-11409 - Campcodes Advanced Online Voting Management System index.php sql injection

CVE ID : CVE-2025-11409 Published : Oct. 7, 2025, 9:15 p.m. | 2 hours, 52 minutes ago Description : A vulnerability was detected in Campcodes Advanced Online Voting Management System 1.0. The impacted element is an unknown function of the file /index.php. Performing manipulation of the argument voter results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 21:15:00 GMT

read more

CVE-2025-34252 - NetSarang v5.0 Malicious Backdoor Supply Chain Compromise

CVE ID : CVE-2025-34252 Published : Oct. 7, 2025, 9:15 p.m. | 2 hours, 52 minutes ago Description : NetSarang Xmanager Enterprise 5.0 Build 1232, Xmanager 5.0 Build 1045, Xshell 5.0 Build 1322, Xftp 5.0 Build 1218, and Xlpd 5.0 Build 1220 contain a malicious nssock2.dll that implements a multi-stage, DNS-based backdoor. The dormant library contacts a C2 DNS server via a specially crafted TXT record for a month‑generated domain. After receiving a decryption key, it then downloads and executes arbitrary code, creates an encrypted virtual file system (VFS) in the registry, and grants the attacker full remote code execution, data exfiltration, and persistence. NetSarang released builds for each product line that remediated the compromise: Xmanager Enterprise Build 1236, Xmanager Build 1049, Xshell Build 1326, Xftp Build 1222, and Xlpd Build 1224. Kaspersky Lab identified an instance of exploitation in the wild in August 2017. Severity: 9.5 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 21:15:00 GMT

read more

CVE-2025-62185 - Ankitects Anki Arbitrary File Execution via YouTube Downloader

CVE ID : CVE-2025-62185 Published : Oct. 7, 2025, 9:15 p.m. | 2 hours, 52 minutes ago Description : In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlp_x86.exe. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 21:15:00 GMT

read more

CVE-2025-44823 - Nagios Log Server API Key Disclosure

CVE ID : CVE-2025-44823 Published : Oct. 7, 2025, 8:15 p.m. | 3 hours, 52 minutes ago Description : Nagios Log Server before 2024R1.3.2 allows authenticated users to retrieve cleartext administrative API keys via a /nagioslogserver/index.php/api/system/get_users call. This is GL:NLS#475. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 20:15:00 GMT

read more

CVE-2025-44824 - Nagios Log Server Elasticsearch Unauthenticated Service Stop

CVE ID : CVE-2025-44824 Published : Oct. 7, 2025, 8:15 p.m. | 3 hours, 52 minutes ago Description : Nagios Log Server before 2024R1.3.2 allows authenticated users (with read-only API access) to stop the Elasticsearch service via a /nagioslogserver/index.php/api/system/stop?subsystem=elasticsearch call. The service stops even though "message": "Could not stop elasticsearch" is in the API response. This is GL:NLS#474. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 20:15:00 GMT

read more

CVE-2025-61910 - NASA ION-DTN BPv7 4.1.3s Uncontrolled Memory Allocation that leads to Denial-of-Service

CVE ID : CVE-2025-61910 Published : Oct. 7, 2025, 8:15 p.m. | 3 hours, 52 minutes ago Description : The NASA’s Interplanetary Overlay Network (ION) is an implementation of Delay/Disruption Tolerant Networking (DTN). A BPv7 bundle with a malformed extension block causes uncontrolled memory allocation inside ION-DTN 4.1.3s, leading to receiver thread termination and a Denial-of-Service (DoS). The triggering bundle contains an extension block starting at `0x85070201005bbb0e20b4ea001a000927c0...`. The first byte in the extension block (0x85) indicates a CBOR array of five elements of which the first four are numbers (0x07, 0x02, 0x01, 0x00) but the fifth element is a byte string of length 27 (`0x5bbb0e20b4ea001a000927c0...`). The vulnerability seems to be due to processing the fifth element of the array (i.e., the byte string) as replacing it with a number makes the vulnerability no longer be triggered. While parsing this extension block, ION obtains a very large block length, which in the code in `bei.c`:764) seems to be passed from `blockLength` which is an unsigned int, to a 32 bit signed integer `blkSize`. The unsigned to signed conversion causes `blkSize` to hold the value of -369092043, which is then converted into a 64-bit unsigned value inside `MTAKE(blkSize)`, resulting in an attempt to allocate an unrealistic amount of memory, causing the error. As of time of publication, no known patched versions of BPv7 exist. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 20:15:00 GMT

read more

CVE-2025-6242 - Vllm: server side request forgery (ssrf) in mediaconnector

CVE ID : CVE-2025-6242 Published : Oct. 7, 2025, 8:15 p.m. | 3 hours, 52 minutes ago Description : A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 20:15:00 GMT

read more

CVE-2025-11406 - kaifangqian kaifangqian-base SysUserController.java getAllUsers information disclosure

CVE ID : CVE-2025-11406 Published : Oct. 7, 2025, 8:15 p.m. | 2 hours, 23 minutes ago Description : A security flaw has been discovered in kaifangqian kaifangqian-base up to 7b3faecda13848b3ced6c17c7423b76c5b47b8ab. This issue affects the function getAllUsers of the file kaifangqian-parent/kaifangqian-system/src/main/java/com/kaifangqian/modules/system/controller/SysUserController.java. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been released to the public and may be exploited. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 20:15:00 GMT

read more

CVE-2025-11407 - D-Link DI-7001 MINI upgrade_filter.asp os command injection

CVE ID : CVE-2025-11407 Published : Oct. 7, 2025, 8:15 p.m. | 2 hours, 23 minutes ago Description : A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impacted is an unknown function of the file /upgrade_filter.asp. This manipulation of the argument path causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 20:15:00 GMT

read more

CVE-2025-11462 - Local Privilege Escalation Vulnerability in AWS Client VPN macOS Client

CVE ID : CVE-2025-11462 Published : Oct. 7, 2025, 8:15 p.m. | 2 hours, 23 minutes ago Description : Improper Link Resolution Before File Access in the AWS VPN Client for macOS versions 1.3.2- 5.2.0 allows a local user to execute code with elevated privileges. Insufficient validation checks on the log destination directory during log rotation could allow a non-administrator user to create a symlink from a client log file to a privileged location. On log rotation, this could lead to code execution with root privileges if the user made crafted API calls which injected arbitrary code into the log file. We recommend users upgrade to AWS VPN Client for macOS 5.2.1 or the latest version. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 20:15:00 GMT

read more

CVE-2025-36565 - Dell PowerProtect Data Domain DD OS Command Injection Vulnerability

CVE ID : CVE-2025-36565 Published : Oct. 7, 2025, 8:15 p.m. | 2 hours, 23 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 20:15:00 GMT

read more

CVE-2025-36566 - Dell PowerProtect Data Domain OS Command Injection Vulnerability

CVE ID : CVE-2025-36566 Published : Oct. 7, 2025, 8:15 p.m. | 2 hours, 23 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 20:15:00 GMT

read more

CVE-2025-36567 - Dell PowerProtect Data Domain DD OS OS Command Injection Vulnerability

CVE ID : CVE-2025-36567 Published : Oct. 7, 2025, 8:15 p.m. | 2 hours, 23 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 20:15:00 GMT

read more

CVE-2025-36569 - Dell PowerProtect Data Domain DD OS OS Command Injection Vulnerability

CVE ID : CVE-2025-36569 Published : Oct. 7, 2025, 8:15 p.m. | 2 hours, 23 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 20:15:00 GMT

read more

CVE-2025-43727 - "Dell PowerProtect Data Domain DD OS Authentication Algorithm Implementation Vulnerability"

CVE ID : CVE-2025-43727 Published : Oct. 7, 2025, 8:15 p.m. | 2 hours, 23 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an incorrect Implementation of Authentication Algorithm vulnerability in the RestAPI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 20:15:00 GMT

read more

CVE-2025-43910 - Dell PowerProtect Data Domain Stack-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-43910 Published : Oct. 7, 2025, 8:15 p.m. | 2 hours, 23 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer Overflow vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. Severity: 2.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 20:15:00 GMT

read more

CVE-2025-61776 - Dependency-Track possibly discloses private NuGet repository credentials to api.nuget.org

CVE ID : CVE-2025-61776 Published : Oct. 7, 2025, 7:15 p.m. | 3 hours, 23 minutes ago Description : Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.13.5, Dependency-Track may send credentials meant for a private NuGet repository to `api.nuget.org` via the HTTP `Authorization` header, and may disclose names and versions of components marked as internal to `api.nuget.org`. This can happen if the Dependency-Track instance contains .NET components, a custom NuGet repository has been configured, the custom repository has been configured with authentication credentials, and the repository server does not provide `PackageBaseAddress` resource in its service index. The issue has been fixed in Dependency-Track 4.13.5. Some workarounds are avaialble. Disable custom NuGet repositories until the patch has been applied, invalidate the previously used credentials, and generate new credentials for usage after the patch has been applied. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-61784 - LLaMA Factory's Chat API has Critical SSRF and LFI Vulnerabilities

CVE ID : CVE-2025-61784 Published : Oct. 7, 2025, 7:15 p.m. | 3 hours, 23 minutes ago Description : LLaMA-Factory is a tuning library for large language models. Prior to version 0.9.4, a Server-Side Request Forgery (SSRF) vulnerability in the chat API allows any authenticated user to force the server to make arbitrary HTTP requests to internal and external networks. This can lead to the exposure of sensitive internal services, reconnaissance of the internal network, or interaction with third-party services. The same mechanism also allows for a Local File Inclusion (LFI) vulnerability, enabling users to read arbitrary files from the server's filesystem. The vulnerability exists in the `_process_request` function within `src/llamafactory/api/chat.py.` This function is responsible for processing incoming multimodal content, including images, videos, and audio provided via URLs. The function checks if the provided URL is a base64 data URI or a local file path (`os.path.isfile`). If neither is true, it falls back to treating the URL as a web URI and makes a direct HTTP GET request using `requests.get(url, stream=True).raw` without any validation or sanitization of the URL. Version 0.9.4 fixes the underlying issue. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-45375 - Dell PowerProtect Data Domain with Data Domain Ope

CVE ID : CVE-2025-45375 Published : Oct. 7, 2025, 7:15 p.m. | 2 hours, 52 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer Overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-61670 - Wasmtime has memory leak in C API with `externref` and `anyref` types

CVE ID : CVE-2025-61670 Published : Oct. 7, 2025, 7:15 p.m. | 2 hours, 52 minutes ago Description : Wasmtime is a runtime for WebAssembly. Wasmtime 37.0.0 and 37.0.1 have memory leaks in the C/C++ API when using bindings for the `anyref` or `externref` WebAssembly values. This is caused by a regression introduced during the development of 37.0.0 and all prior versions of Wasmtime are unaffected. If `anyref` or `externref` is not used in the C/C++ API then embeddings are also unaffected by the leaky behavior. The `wasmtime` Rust crate is unaffected by this leak. Development of Wasmtime 37.0.0 included a refactoring in Rust of changing the old `ManuallyRooted` type to a new `OwnedRooted` type. This change was integrated into Wasmtime's C API but left the C API in a state which had memory leaks. Additionally the new ownership semantics around this type were not reflected into the C++ API, making it leak-prone. A short version of the change is that previously `ManuallyRooted`, as the name implies, required manual calls to an "unroot" operation. If this was forgotten then the memory was still cleaned up when the `wasmtime_store_t` itself was destroyed eventually. Documentation of when to "unroot" was sparse and there were already situations prior to 37.0.0 where memory would be leaked until the store was destroyed anyway. All memory, though, was always bound by the store, and destroying the store would guarantee that there were no memory leaks. In migrating to `OwnedRooted` the usage of the type in Rust changed. A manual "unroot" operation is no longer required and it happens naturally as a destructor of the `OwnedRooted` type in Rust itself. These new resource ownership semantics were not fully integrated into the preexisting semantics of the C/C++ APIs in Wasmtime. A crucial distinction of `OwnedRooted` vs `ManuallyRooted` is that the `OwnedRooted` type allocates host memory outside of the store. This means that if an `OwnedRooted` is leaked then destroying a store does not release this memory and it's a permanent memory leak on the host. This led to a few distinct, but related, issues arising: A typo in the `wasmtime_val_unroot` function in the C API meant that it did not actually unroot anything. This meant that even if embedders faithfully call the function then memory will be leaked. If a host-defined function returned a `wasmtime_{externref,anyref}_t` value then the value was never unrooted. The C/C++ API no longer has access to the value and the Rust implementation did not unroot. This meant that any values returned this way were never unrooted. The goal of the C++ API of Wasmtime is to encode automatic memory management in the type system, but the C++ API was not updated when `OwnedRooted` was added. This meant that idiomatic usage of the C++ API would leak memory due to a lack of destructors on values. These issues have all been fixed in a 37.0.2 release of Wasmtime. The implementation of the C and C++ APIs have been updated accordingly and respectively to account for the changes of ownership here. For example `wasmtime_val_unroot` has been fixed to unroot, the Rust-side implementation of calling an embedder-defined function will unroot return values, and the C++ API now has destructors on the `ExternRef`, `AnyRef`, and `Val` types. These changes have been made to the 37.0.x release branch in a non-API-breaking fashion. Changes to the 38.0.0 release branch (and `main` in the Wasmtime repository) include minor API updates to better accommodate the API semantic changes. The only known workaround at this time is to avoid using `externref` and `anyref` in the C/C++ API of Wasmtime. If avoiding those types is not possible then it's required for users to update to mitigate the leak issue. Severity: 1.0 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-43891 - Dell PowerProtect Data Domain Broken Authentication Cryptography Vulnerability

CVE ID : CVE-2025-43891 Published : Oct. 7, 2025, 7:15 p.m. | 1 hour, 19 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an use of a Broken or Risky Cryptographic Algorithm vulnerability in the Authentication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-43905 - Dell PowerProtect Data Domain DD OS Command Injection Vulnerability

CVE ID : CVE-2025-43905 Published : Oct. 7, 2025, 7:15 p.m. | 1 hour, 19 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-43907 - Dell PowerProtect Data Domain Path Traversal Information Exposure

CVE ID : CVE-2025-43907 Published : Oct. 7, 2025, 7:15 p.m. | 1 hour, 19 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Path Traversal: '.../...//' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-43908 - Dell PowerProtect Data Domain OS Command Injection Vulnerability

CVE ID : CVE-2025-43908 Published : Oct. 7, 2025, 7:15 p.m. | 1 hour, 19 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-43909 - Dell PowerProtect Data Domain DD OS Cryptographic Algorithm Vulnerability

CVE ID : CVE-2025-43909 Published : Oct. 7, 2025, 7:15 p.m. | 1 hour, 19 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DD boost. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-43912 - "Dell PowerProtect Data Domain DD OS Heap Buffer Overflow"

CVE ID : CVE-2025-43912 Published : Oct. 7, 2025, 7:15 p.m. | 1 hour, 19 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Denial of service. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-43913 - Dell PowerProtect Data Domain DDOS Broken Cryptography Phishing Vulnerability

CVE ID : CVE-2025-43913 Published : Oct. 7, 2025, 7:15 p.m. | 1 hour, 19 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DDOS. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-43934 - Dell PowerProtect Data Domain DD OS Path Traversal Vulnerability

CVE ID : CVE-2025-43934 Published : Oct. 7, 2025, 7:15 p.m. | 1 hour, 19 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Unauthorized access. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-3448 - Reflected cross-site scripting vulnerabilities exist in System Diagnostics Manager

CVE ID : CVE-2025-3448 Published : Oct. 7, 2025, 7:15 p.m. | 52 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in B&R Industrial Automation Automation Runtime.This issue affects Automation Runtime: from 6.0 before 6.4. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-3449 - Weak Session Token used in Automation Runtime SDM

CVE ID : CVE-2025-3449 Published : Oct. 7, 2025, 7:15 p.m. | 52 minutes ago Description : Generation of Predictable Numbers or Identifiers vulnerability in B&R Industrial Automation Automation Runtime.This issue affects Automation Runtime: from 6.0 before 6.4. Severity: 4.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-43889 - Dell PowerProtect Data Domain DD OS Path Traversal Vulnerability

CVE ID : CVE-2025-43889 Published : Oct. 7, 2025, 7:15 p.m. | 52 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 19:15:00 GMT

read more

CVE-2025-43914 - Dell PowerProtect Data Domain BoostFS for Linux Unauthorized Access Vulnerability

CVE ID : CVE-2025-43914 Published : Oct. 7, 2025, 6:16 p.m. | 23 minutes ago Description : Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 18:16:00 GMT

read more

CVE-2025-8291 - ZIP64 End of Central Directory (EOCD) Locator record offset not checked

CVE ID : CVE-2025-8291 Published : Oct. 7, 2025, 6:16 p.m. | 23 minutes ago Description : The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 18:16:00 GMT

read more

CVE-2025-11402 - SourceCodester Hotel and Lodge Management System del_curr.php sql injection

CVE ID : CVE-2025-11402 Published : Oct. 7, 2025, 6:15 p.m. | 23 minutes ago Description : A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /del_curr.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 18:15:00 GMT

read more

CVE-2025-11403 - SourceCodester Hotel and Lodge Management System del_booking.php sql injection

CVE ID : CVE-2025-11403 Published : Oct. 7, 2025, 6:15 p.m. | 23 minutes ago Description : A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this issue is some unknown functionality of the file /del_booking.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 18:15:00 GMT

read more

CVE-2025-1826 - IBM Jazz Foundation cross-site scripting

CVE ID : CVE-2025-1826 Published : Oct. 7, 2025, 6:15 p.m. | 23 minutes ago Description : IBM Engineering Requirements Management DOORS Next (IBM Jazz Foundation 7.0.2 to 7.0.2 iFix034, 7.0.3 to 7.0.3 iFix016, and 7.1.0 to 7.1.0 iFix004) is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users on the host network to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 18:15:00 GMT

read more

CVE-2025-36156 - IBM InfoSphere Data Replication VSAM for z/OS Remote Source code execution

CVE ID : CVE-2025-36156 Published : Oct. 7, 2025, 6:15 p.m. | 23 minutes ago Description : IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with access to the files storing CECSUB or CECRM on the container could overflow the buffer and execute arbitrary code on the system. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 18:15:00 GMT

read more

CVE-2025-3450 - DoS Vulnerability in System Diagnostics Manager

CVE ID : CVE-2025-3450 Published : Oct. 7, 2025, 6:15 p.m. | 23 minutes ago Description : Improper Resource Locking vulnerability in B&R Industrial Automation Automation Runtime.This issue affects Automation Runtime: from 6.0 before 6.3, before Q4.93. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 18:15:00 GMT

read more

CVE-2025-43890 - Dell PowerProtect Data Domain DD OS OS Command Injection Vulnerability

CVE ID : CVE-2025-43890 Published : Oct. 7, 2025, 6:15 p.m. | 23 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 18:15:00 GMT

read more

CVE-2025-43906 - Dell PowerProtect Data Domain DD OS OS Command Injection

CVE ID : CVE-2025-43906 Published : Oct. 7, 2025, 6:15 p.m. | 23 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 18:15:00 GMT

read more

CVE-2025-43911 - "Dell PowerProtect Data Domain DD OS OS Command Injection"

CVE ID : CVE-2025-43911 Published : Oct. 7, 2025, 6:15 p.m. | 23 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 18:15:00 GMT

read more

CVE-2025-11401 - SourceCodester Hotel and Lodge Management System save_curr.php sql injection

CVE ID : CVE-2025-11401 Published : Oct. 7, 2025, 5:15 p.m. | 1 hour, 24 minutes ago Description : A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /pages/save_curr.php. This manipulation of the argument currcode causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 17:15:00 GMT

read more

CVE-2025-52021 - PuneethReddyHC Online Shopping System SQL Injection

CVE ID : CVE-2025-52021 Published : Oct. 7, 2025, 5:15 p.m. | 1 hour, 24 minutes ago Description : A SQL Injection vulnerability exists in the edit_product.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The product_id GET parameter is unsafely passed to a SQL query without proper validation or parameterization. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 17:15:00 GMT

read more

CVE-2025-56243 - PuneethReddyHC Event Management System XSS

CVE ID : CVE-2025-56243 Published : Oct. 7, 2025, 5:15 p.m. | 1 hour, 24 minutes ago Description : A Cross-Site Scripting (XSS) vulnerability was found in the register.php page of PuneethReddyHC Event Management System 1.0, where the event_id GET parameter is improperly handled. An attacker can craft a malicious URL to execute arbitrary JavaScript in the victim s browser by injecting code into this parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 17:15:00 GMT

read more

CVE-2023-53683 - fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()

CVE ID : CVE-2023-53683 Published : Oct. 7, 2025, 4:15 p.m. | 2 hours, 24 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode() syzbot is hitting WARN_ON() in hfsplus_cat_{read,write}_inode(), for crafted filesystem image can contain bogus length. There conditions are not kernel bugs that can justify kernel to panic. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53684 - xfrm: Zero padding when dumping algos and encap

CVE ID : CVE-2023-53684 Published : Oct. 7, 2025, 4:15 p.m. | 2 hours, 24 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random (possibly sensitve) data and should never be given directly to user-space. This patch fixes the copying of xfrm algorithms and the encap template in xfrm_user so that padding is zeroed. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53685 - tun: Fix memory leak for detached NAPI queue.

CVE ID : CVE-2023-53685 Published : Oct. 7, 2025, 4:15 p.m. | 2 hours, 24 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: tun: Fix memory leak for detached NAPI queue. syzkaller reported [0] memory leaks of sk and skb related to the TUN device with no repro, but we can reproduce it easily with: struct ifreq ifr = {} int fd_tun, fd_tmp; char buf[4] = {}; fd_tun = openat(AT_FDCWD, "/dev/net/tun", O_WRONLY, 0); ifr.ifr_flags = IFF_TUN | IFF_NAPI | IFF_MULTI_QUEUE; ioctl(fd_tun, TUNSETIFF, &ifr); ifr.ifr_flags = IFF_DETACH_QUEUE; ioctl(fd_tun, TUNSETQUEUE, &ifr); fd_tmp = socket(AF_PACKET, SOCK_PACKET, 0); ifr.ifr_flags = IFF_UP; ioctl(fd_tmp, SIOCSIFFLAGS, &ifr); write(fd_tun, buf, sizeof(buf)); close(fd_tun); If we enable NAPI and multi-queue on a TUN device, we can put skb into tfile->sk.sk_write_queue after the queue is detached. We should prevent it by checking tfile->detached before queuing skb. Note this must be done under tfile->sk.sk_write_queue.lock because write() and ioctl(IFF_DETACH_QUEUE) can run concurrently. Otherwise, there would be a small race window: write() ioctl(IFF_DETACH_QUEUE) `- tun_get_user `- __tun_detach |- if (tfile->detached) |- tun_disable_queue | `-> false | `- tfile->detached = tun | `- tun_queue_purge |- spin_lock_bh(&queue->lock) `- __skb_queue_tail(queue, skb) Another solution is to call tun_queue_purge() when closing and reattaching the detached queue, but it could paper over another problems. Also, we do the same kind of test for IFF_NAPI_FRAGS. [0]: unreferenced object 0xffff88801edbc800 (size 2048): comm "syz-executor.1", pid 33269, jiffies 4295743834 (age 18.756s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............ backtrace: [] __do_kmalloc_node mm/slab_common.c:965 [inline] [] __kmalloc+0x4a/0x130 mm/slab_common.c:979 [] kmalloc include/linux/slab.h:563 [inline] [] sk_prot_alloc+0xef/0x1b0 net/core/sock.c:2035 [] sk_alloc+0x36/0x2f0 net/core/sock.c:2088 [] tun_chr_open+0x3d/0x190 drivers/net/tun.c:3438 [] misc_open+0x1a6/0x1f0 drivers/char/misc.c:165 [] chrdev_open+0x111/0x300 fs/char_dev.c:414 [] do_dentry_open+0x2f9/0x750 fs/open.c:920 [] do_open fs/namei.c:3636 [inline] [] path_openat+0x143f/0x1a30 fs/namei.c:3791 [] do_filp_open+0xce/0x1c0 fs/namei.c:3818 [] do_sys_openat2+0xf0/0x260 fs/open.c:1356 [] do_sys_open fs/open.c:1372 [inline] [] __do_sys_openat fs/open.c:1388 [inline] [] __se_sys_openat fs/open.c:1383 [inline] [] __x64_sys_openat+0x83/0xf0 fs/open.c:1383 [] do_syscall_x64 arch/x86/entry/common.c:50 [inline] [] do_syscall_64+0x3c/0x90 arch/x86/entry/common.c:80 [] entry_SYSCALL_64_after_hwframe+0x72/0xdc unreferenced object 0xffff88802f671700 (size 240): comm "syz-executor.1", pid 33269, jiffies 4295743854 (age 18.736s) hex dump (first 32 bytes): 68 c9 db 1e 80 88 ff ff 68 c9 db 1e 80 88 ff ff h.......h....... 00 c0 7b 2f 80 88 ff ff 00 c8 db 1e 80 88 ff ff ..{/............ backtrace: [] __alloc_skb+0x223/0x250 net/core/skbuff.c:644 [] alloc_skb include/linux/skbuff.h:1288 [inline] [] alloc_skb_with_frags+0x6f/0x350 net/core/skbuff.c:6378 [] sock_alloc_send_pskb+0x3ac/0x3e0 net/core/sock.c:2729 [] tun_alloc_skb drivers/net/tun.c:1529 [inline] [ Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53686 - net/handshake: fix null-ptr-deref in handshake_nl_done_doit()

CVE ID : CVE-2023-53686 Published : Oct. 7, 2025, 4:15 p.m. | 2 hours, 24 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshake_nl_done_doit() We should not call trace_handshake_cmd_done_err() if socket lookup has failed. Also we should call trace_handshake_cmd_done_err() before releasing the file, otherwise dereferencing sock->sk can return garbage. This also reverts 7afc6d0a107f ("net/handshake: Fix uninitialized local variable") Unable to handle kernel paging request at virtual address dfff800000000003 KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f] Mem abort info: ESR = 0x0000000096000005 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x05: level 1 translation fault Data abort info: ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [dfff800000000003] address between user and kernel address ranges Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP Modules linked in: CPU: 1 PID: 5986 Comm: syz-executor292 Not tainted 6.5.0-rc7-syzkaller-gfe4469582053 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : handshake_nl_done_doit+0x198/0x9c8 net/handshake/netlink.c:193 lr : handshake_nl_done_doit+0x180/0x9c8 sp : ffff800096e37180 x29: ffff800096e37200 x28: 1ffff00012dc6e34 x27: dfff800000000000 x26: ffff800096e373d0 x25: 0000000000000000 x24: 00000000ffffffa8 x23: ffff800096e373f0 x22: 1ffff00012dc6e38 x21: 0000000000000000 x20: ffff800096e371c0 x19: 0000000000000018 x18: 0000000000000000 x17: 0000000000000000 x16: ffff800080516cc4 x15: 0000000000000001 x14: 1fffe0001b14aa3b x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000003 x8 : 0000000000000003 x7 : ffff800080afe47c x6 : 0000000000000000 x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff800080a88078 x2 : 0000000000000001 x1 : 00000000ffffffa8 x0 : 0000000000000000 Call trace: handshake_nl_done_doit+0x198/0x9c8 net/handshake/netlink.c:193 genl_family_rcv_msg_doit net/netlink/genetlink.c:970 [inline] genl_family_rcv_msg net/netlink/genetlink.c:1050 [inline] genl_rcv_msg+0x96c/0xc50 net/netlink/genetlink.c:1067 netlink_rcv_skb+0x214/0x3c4 net/netlink/af_netlink.c:2549 genl_rcv+0x38/0x50 net/netlink/genetlink.c:1078 netlink_unicast_kernel net/netlink/af_netlink.c:1339 [inline] netlink_unicast+0x660/0x8d4 net/netlink/af_netlink.c:1365 netlink_sendmsg+0x834/0xb18 net/netlink/af_netlink.c:1914 sock_sendmsg_nosec net/socket.c:725 [inline] sock_sendmsg net/socket.c:748 [inline] ____sys_sendmsg+0x56c/0x840 net/socket.c:2494 ___sys_sendmsg net/socket.c:2548 [inline] __sys_sendmsg+0x26c/0x33c net/socket.c:2577 __do_sys_sendmsg net/socket.c:2586 [inline] __se_sys_sendmsg net/socket.c:2584 [inline] __arm64_sys_sendmsg+0x80/0x94 net/socket.c:2584 __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:51 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:136 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:155 el0_svc+0x58/0x16c arch/arm64/kernel/entry-common.c:678 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:696 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 Code: 12800108 b90043e8 910062b3 d343fe68 (387b6908) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53687 - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk

CVE ID : CVE-2023-53687 Published : Oct. 7, 2025, 4:15 p.m. | 2 hours, 24 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk When the best clk is searched, we iterate over all possible clk. If we find a better match, the previous one, if any, needs to be freed. If a better match has already been found, we still need to free the new one, otherwise it leaks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2025-11399 - SourceCodester Hotel and Lodge Management System save_room.php sql injection

CVE ID : CVE-2025-11399 Published : Oct. 7, 2025, 4:15 p.m. | 2 hours, 24 minutes ago Description : A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /pages/save_room.php. The manipulation of the argument floorno leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2025-11400 - SourceCodester Hotel and Lodge Management System del_room.php sql injection

CVE ID : CVE-2025-11400 Published : Oct. 7, 2025, 4:15 p.m. | 2 hours, 24 minutes ago Description : A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /del_room.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2025-60312 - Sourcecodester Markdown to HTML Converter XSS

CVE ID : CVE-2025-60312 Published : Oct. 7, 2025, 4:15 p.m. | 2 hours, 24 minutes ago Description : Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting (XSS) in the "Markdown Input" field, allowing a remote attacker to inject arbitrary HTML/JavaScript code that executes in the victim's browser upon clicking the "Convert to HTML" button. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53674 - clk: Fix memory leak in devm_clk_notifier_register()

CVE ID : CVE-2023-53674 Published : Oct. 7, 2025, 4:15 p.m. | 1 hour, 51 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: clk: Fix memory leak in devm_clk_notifier_register() devm_clk_notifier_register() allocates a devres resource for clk notifier but didn't register that to the device, so the notifier didn't get unregistered on device detach and the allocated resource was leaked. Fix the issue by registering the resource through devres_add(). This issue was found with kmemleak on a Chromebook. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53675 - scsi: ses: Fix possible desc_ptr out-of-bounds accesses

CVE ID : CVE-2023-53675 Published : Oct. 7, 2025, 4:15 p.m. | 1 hour, 51 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible desc_ptr out-of-bounds accesses Sanitize possible desc_ptr out-of-bounds accesses in ses_enclosure_data_process(). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53676 - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()

CVE ID : CVE-2023-53676 Published : Oct. 7, 2025, 4:15 p.m. | 1 hour, 51 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() The function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checking for the buffer length. With enough iSCSI connections it's possible to overflow the buffer provided by configfs and corrupt the memory. This patch replaces sprintf() with sysfs_emit_at() that checks for buffer boundries. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53677 - drm/i915: Fix memory leaks in i915 selftests

CVE ID : CVE-2023-53677 Published : Oct. 7, 2025, 4:15 p.m. | 1 hour, 51 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix memory leaks in i915 selftests This patch fixes memory leaks on error escapes in function fake_get_pages (cherry picked from commit 8bfbdadce85c4c51689da10f39c805a7106d4567) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53678 - drm/i915: Fix system suspend without fbdev being initialized

CVE ID : CVE-2023-53678 Published : Oct. 7, 2025, 4:15 p.m. | 1 hour, 51 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix system suspend without fbdev being initialized If fbdev is not initialized for some reason - in practice on platforms without display - suspending fbdev should be skipped during system suspend, fix this up. While at it add an assert that suspending fbdev only happens with the display present. This fixes the following: [ 91.227923] PM: suspend entry (s2idle) [ 91.254598] Filesystems sync: 0.025 seconds [ 91.270518] Freezing user space processes [ 91.272266] Freezing user space processes completed (elapsed 0.001 seconds) [ 91.272686] OOM killer disabled. [ 91.272872] Freezing remaining freezable tasks [ 91.274295] Freezing remaining freezable tasks completed (elapsed 0.001 seconds) [ 91.659622] BUG: kernel NULL pointer dereference, address: 00000000000001c8 [ 91.659981] #PF: supervisor write access in kernel mode [ 91.660252] #PF: error_code(0x0002) - not-present page [ 91.660511] PGD 0 P4D 0 [ 91.660647] Oops: 0002 [#1] PREEMPT SMP NOPTI [ 91.660875] CPU: 4 PID: 917 Comm: bash Not tainted 6.2.0-rc7+ #54 [ 91.661185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS edk2-20221117gitfff6d81270b5-9.fc37 unknown [ 91.661680] RIP: 0010:mutex_lock+0x19/0x30 [ 91.661914] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 53 48 89 fb e8 62 d3 ff ff 31 c0 65 48 8b 14 25 00 15 03 00 48 0f b1 13 75 06 5b c3 cc cc cc cc 48 89 df 5b eb b4 0f 1f 40 [ 91.662840] RSP: 0018:ffffa1e8011ffc08 EFLAGS: 00010246 [ 91.663087] RAX: 0000000000000000 RBX: 00000000000001c8 RCX: 0000000000000000 [ 91.663440] RDX: ffff8be455eb0000 RSI: 0000000000000001 RDI: 00000000000001c8 [ 91.663802] RBP: ffff8be459440000 R08: ffff8be459441f08 R09: ffffffff8e1432c0 [ 91.664167] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001 [ 91.664532] R13: 00000000000001c8 R14: 0000000000000000 R15: ffff8be442f4fb20 [ 91.664905] FS: 00007f28ffc16740(0000) GS:ffff8be4bb900000(0000) knlGS:0000000000000000 [ 91.665334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 91.665626] CR2: 00000000000001c8 CR3: 0000000114926006 CR4: 0000000000770ee0 [ 91.665988] PKRU: 55555554 [ 91.666131] Call Trace: [ 91.666265] [ 91.666381] intel_fbdev_set_suspend+0x97/0x1b0 [i915] [ 91.666738] i915_drm_suspend+0xb9/0x100 [i915] [ 91.667029] pci_pm_suspend+0x78/0x170 [ 91.667234] ? __pfx_pci_pm_suspend+0x10/0x10 [ 91.667461] dpm_run_callback+0x47/0x150 [ 91.667673] __device_suspend+0x10a/0x4e0 [ 91.667880] dpm_suspend+0x134/0x270 [ 91.668069] dpm_suspend_start+0x79/0x80 [ 91.668272] suspend_devices_and_enter+0x11b/0x890 [ 91.668526] pm_suspend.cold+0x270/0x2fc [ 91.668737] state_store+0x46/0x90 [ 91.668916] kernfs_fop_write_iter+0x11b/0x200 [ 91.669153] vfs_write+0x1e1/0x3a0 [ 91.669336] ksys_write+0x53/0xd0 [ 91.669510] do_syscall_64+0x58/0xc0 [ 91.669699] ? syscall_exit_to_user_mode_prepare+0x18e/0x1c0 [ 91.669980] ? syscall_exit_to_user_mode_prepare+0x18e/0x1c0 [ 91.670278] ? syscall_exit_to_user_mode+0x17/0x40 [ 91.670524] ? do_syscall_64+0x67/0xc0 [ 91.670717] ? __irq_exit_rcu+0x3d/0x140 [ 91.670931] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 91.671202] RIP: 0033:0x7f28ffd14284 v2: CC stable. (Jani) References: https://gitlab.freedesktop.org/drm/intel/-/issues/8015 (cherry picked from commit 9542d708409a41449e99c9a464deb5e062c4bee2) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53679 - wifi: mt7601u: fix an integer underflow

CVE ID : CVE-2023-53679 Published : Oct. 7, 2025, 4:15 p.m. | 1 hour, 51 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: mt7601u: fix an integer underflow Fix an integer underflow that leads to a null pointer dereference in 'mt7601u_rx_skb_from_seg()'. The variable 'dma_len' in the URB packet could be manipulated, which could trigger an integer underflow of 'seg_len' in 'mt7601u_rx_process_seg()'. This underflow subsequently causes the 'bad_frame' checks in 'mt7601u_rx_skb_from_seg()' to be bypassed, eventually leading to a dereference of the pointer 'p', which is a null pointer. Ensure that 'dma_len' is greater than 'min_seg_len'. Found by a modified version of syzkaller. KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID: 12 Comm: ksoftirqd/0 Tainted: G W O 5.14.0+ #139 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014 RIP: 0010:skb_add_rx_frag+0x143/0x370 Code: e2 07 83 c2 03 38 ca 7c 08 84 c9 0f 85 86 01 00 00 4c 8d 7d 08 44 89 68 08 48 b8 00 00 00 00 00 fc ff df 4c 89 fa 48 c1 ea 03 3c 02 00 0f 85 cd 01 00 00 48 8b 45 08 a8 01 0f 85 3d 01 00 00 RSP: 0018:ffffc900000cfc90 EFLAGS: 00010202 RAX: dffffc0000000000 RBX: ffff888115520dc0 RCX: 0000000000000000 RDX: 0000000000000001 RSI: ffff8881118430c0 RDI: ffff8881118430f8 RBP: 0000000000000000 R08: 0000000000000e09 R09: 0000000000000010 R10: ffff888111843017 R11: ffffed1022308602 R12: 0000000000000000 R13: 0000000000000e09 R14: 0000000000000010 R15: 0000000000000008 FS: 0000000000000000(0000) GS:ffff88811a800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000004035af40 CR3: 00000001157f2000 CR4: 0000000000750ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: mt7601u_rx_tasklet+0xc73/0x1270 ? mt7601u_submit_rx_buf.isra.0+0x510/0x510 ? tasklet_action_common.isra.0+0x79/0x2f0 tasklet_action_common.isra.0+0x206/0x2f0 __do_softirq+0x1b5/0x880 ? tasklet_unlock+0x30/0x30 run_ksoftirqd+0x26/0x50 smpboot_thread_fn+0x34f/0x7d0 ? smpboot_register_percpu_thread+0x370/0x370 kthread+0x3a1/0x480 ? set_kthread_struct+0x120/0x120 ret_from_fork+0x1f/0x30 Modules linked in: 88XXau(O) 88x2bu(O) ---[ end trace 57f34f93b4da0f9b ]--- RIP: 0010:skb_add_rx_frag+0x143/0x370 Code: e2 07 83 c2 03 38 ca 7c 08 84 c9 0f 85 86 01 00 00 4c 8d 7d 08 44 89 68 08 48 b8 00 00 00 00 00 fc ff df 4c 89 fa 48 c1 ea 03 3c 02 00 0f 85 cd 01 00 00 48 8b 45 08 a8 01 0f 85 3d 01 00 00 RSP: 0018:ffffc900000cfc90 EFLAGS: 00010202 RAX: dffffc0000000000 RBX: ffff888115520dc0 RCX: 0000000000000000 RDX: 0000000000000001 RSI: ffff8881118430c0 RDI: ffff8881118430f8 RBP: 0000000000000000 R08: 0000000000000e09 R09: 0000000000000010 R10: ffff888111843017 R11: ffffed1022308602 R12: 0000000000000000 R13: 0000000000000e09 R14: 0000000000000010 R15: 0000000000000008 FS: 0000000000000000(0000) GS:ffff88811a800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000004035af40 CR3: 00000001157f2000 CR4: 0000000000750ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53680 - NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

CVE ID : CVE-2023-53680 Published : Oct. 7, 2025, 4:15 p.m. | 1 hour, 51 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL OPDESC() simply indexes into nfsd4_ops[] by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds opnum value. nfsd4_decode_compound() is not so careful, and can invoke OPDESC() with opnum set to OP_ILLEGAL, which is 10044 -- well beyond the end of nfsd4_ops[]. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53681 - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent

CVE ID : CVE-2023-53681 Published : Oct. 7, 2025, 4:15 p.m. | 1 hour, 51 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent In some specific situations, the return value of __bch_btree_node_alloc may be NULL. This may lead to a potential NULL pointer dereference in caller function like a calling chain : btree_split->bch_btree_node_alloc->__bch_btree_node_alloc. Fix it by initializing the return value in __bch_btree_node_alloc. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53682 - hwmon: (xgene) Fix ioremap and memremap leak

CVE ID : CVE-2023-53682 Published : Oct. 7, 2025, 4:15 p.m. | 1 hour, 51 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: hwmon: (xgene) Fix ioremap and memremap leak Smatch reports: drivers/hwmon/xgene-hwmon.c:757 xgene_hwmon_probe() warn: 'ctx->pcc_comm_addr' from ioremap() not released on line: 757. This is because in drivers/hwmon/xgene-hwmon.c:701 xgene_hwmon_probe(), ioremap and memremap is not released, which may cause a leak. To fix this, ioremap and memremap is modified to devm_ioremap and devm_memremap. [groeck: Fixed formatting and subject] Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53666 - ASoC: codecs: wcd938x: fix missing mbhc init error handling

CVE ID : CVE-2023-53666 Published : Oct. 7, 2025, 4:15 p.m. | 23 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix missing mbhc init error handling MBHC initialisation can fail so add the missing error handling to avoid dereferencing an error pointer when later configuring the jack: Unable to handle kernel paging request at virtual address fffffffffffffff8 pc : wcd_mbhc_start+0x28/0x380 [snd_soc_wcd_mbhc] lr : wcd938x_codec_set_jack+0x28/0x48 [snd_soc_wcd938x] Call trace: wcd_mbhc_start+0x28/0x380 [snd_soc_wcd_mbhc] wcd938x_codec_set_jack+0x28/0x48 [snd_soc_wcd938x] snd_soc_component_set_jack+0x28/0x8c [snd_soc_core] qcom_snd_wcd_jack_setup+0x7c/0x19c [snd_soc_qcom_common] sc8280xp_snd_init+0x20/0x2c [snd_soc_sc8280xp] snd_soc_link_init+0x28/0x90 [snd_soc_core] snd_soc_bind_card+0x628/0xbfc [snd_soc_core] snd_soc_register_card+0xec/0x104 [snd_soc_core] devm_snd_soc_register_card+0x4c/0xa4 [snd_soc_core] sc8280xp_platform_probe+0xf0/0x108 [snd_soc_sc8280xp] Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53667 - net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize

CVE ID : CVE-2023-53667 Published : Oct. 7, 2025, 4:15 p.m. | 23 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize Currently in cdc_ncm_check_tx_max(), if dwNtbOutMaxSize is lower than the calculated "min" value, but greater than zero, the logic sets tx_max to dwNtbOutMaxSize. This is then used to allocate a new SKB in cdc_ncm_fill_tx_frame() where all the data is handled. For small values of dwNtbOutMaxSize the memory allocated during alloc_skb(dwNtbOutMaxSize, GFP_ATOMIC) will have the same size, due to how size is aligned at alloc time: size = SKB_DATA_ALIGN(size); size += SKB_DATA_ALIGN(sizeof(struct skb_shared_info)); Thus we hit the same bug that we tried to squash with commit 2be6d4d16a084 ("net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero") Low values of dwNtbOutMaxSize do not cause an issue presently because at alloc_skb() time more memory (512b) is allocated than required for the SKB headers alone (320b), leaving some space (512b - 320b = 192b) for CDC data (172b). However, if more elements (for example 3 x u64 = [24b]) were added to one of the SKB header structs, say 'struct skb_shared_info', increasing its original size (320b [320b aligned]) to something larger (344b [384b aligned]), then suddenly the CDC data (172b) no longer fits in the spare SKB data area (512b - 384b = 128b). Consequently the SKB bounds checking semantics fails and panics: skbuff: skb_over_panic: text:ffffffff831f755b len:184 put:172 head:ffff88811f1c6c00 data:ffff88811f1c6c00 tail:0xb8 end:0x80 dev: ------------[ cut here ]------------ kernel BUG at net/core/skbuff.c:113! invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 57 Comm: kworker/0:2 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023 Workqueue: mld mld_ifc_work RIP: 0010:skb_panic net/core/skbuff.c:113 [inline] RIP: 0010:skb_over_panic+0x14c/0x150 net/core/skbuff.c:118 [snip] Call Trace: skb_put+0x151/0x210 net/core/skbuff.c:2047 skb_put_zero include/linux/skbuff.h:2422 [inline] cdc_ncm_ndp16 drivers/net/usb/cdc_ncm.c:1131 [inline] cdc_ncm_fill_tx_frame+0x11ab/0x3da0 drivers/net/usb/cdc_ncm.c:1308 cdc_ncm_tx_fixup+0xa3/0x100 Deal with too low values of dwNtbOutMaxSize, clamp it in the range [USB_CDC_NCM_NTB_MIN_OUT_SIZE, CDC_NCM_NTB_MAX_SIZE_TX]. We ensure enough data space is allocated to handle CDC data by making sure dwNtbOutMaxSize is not smaller than USB_CDC_NCM_NTB_MIN_OUT_SIZE. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53668 - ring-buffer: Fix deadloop issue on reading trace_pipe

CVE ID : CVE-2023-53668 Published : Oct. 7, 2025, 4:15 p.m. | 23 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix deadloop issue on reading trace_pipe Soft lockup occurs when reading file 'trace_pipe': watchdog: BUG: soft lockup - CPU#6 stuck for 22s! [cat:4488] [...] RIP: 0010:ring_buffer_empty_cpu+0xed/0x170 RSP: 0018:ffff88810dd6fc48 EFLAGS: 00000246 RAX: 0000000000000000 RBX: 0000000000000246 RCX: ffffffff93d1aaeb RDX: ffff88810a280040 RSI: 0000000000000008 RDI: ffff88811164b218 RBP: ffff88811164b218 R08: 0000000000000000 R09: ffff88815156600f R10: ffffed102a2acc01 R11: 0000000000000001 R12: 0000000051651901 R13: 0000000000000000 R14: ffff888115e49500 R15: 0000000000000000 [...] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f8d853c2000 CR3: 000000010dcd8000 CR4: 00000000000006e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __find_next_entry+0x1a8/0x4b0 ? peek_next_entry+0x250/0x250 ? down_write+0xa5/0x120 ? down_write_killable+0x130/0x130 trace_find_next_entry_inc+0x3b/0x1d0 tracing_read_pipe+0x423/0xae0 ? tracing_splice_read_pipe+0xcb0/0xcb0 vfs_read+0x16b/0x490 ksys_read+0x105/0x210 ? __ia32_sys_pwrite64+0x200/0x200 ? switch_fpu_return+0x108/0x220 do_syscall_64+0x33/0x40 entry_SYSCALL_64_after_hwframe+0x61/0xc6 Through the vmcore, I found it's because in tracing_read_pipe(), ring_buffer_empty_cpu() found some buffer is not empty but then it cannot read anything due to "rb_num_of_entries() == 0" always true, Then it infinitely loop the procedure due to user buffer not been filled, see following code path: tracing_read_pipe() { ... ... waitagain: tracing_wait_pipe() // 1. find non-empty buffer here trace_find_next_entry_inc() // 2. loop here try to find an entry __find_next_entry() ring_buffer_empty_cpu(); // 3. find non-empty buffer peek_next_entry() // 4. but peek always return NULL ring_buffer_peek() rb_buffer_peek() rb_get_reader_page() // 5. because rb_num_of_entries() == 0 always true here // then return NULL // 6. user buffer not been filled so goto 'waitgain' // and eventually leads to an deadloop in kernel!!! } By some analyzing, I found that when resetting ringbuffer, the 'entries' of its pages are not all cleared (see rb_reset_cpu()). Then when reducing the ringbuffer, and if some reduced pages exist dirty 'entries' data, they will be added into 'cpu_buffer->overrun' (see rb_remove_pages()), which cause wrong 'overrun' count and eventually cause the deadloop issue. To fix it, we need to clear every pages in rb_reset_cpu(). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53669 - tcp: fix skb_copy_ubufs() vs BIG TCP

CVE ID : CVE-2023-53669 Published : Oct. 7, 2025, 4:15 p.m. | 23 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: tcp: fix skb_copy_ubufs() vs BIG TCP David Ahern reported crashes in skb_copy_ubufs() caused by TCP tx zerocopy using hugepages, and skb length bigger than ~68 KB. skb_copy_ubufs() assumed it could copy all payload using up to MAX_SKB_FRAGS order-0 pages. This assumption broke when BIG TCP was able to put up to 512 KB per skb. We did not hit this bug at Google because we use CONFIG_MAX_SKB_FRAGS=45 and limit gso_max_size to 180000. A solution is to use higher order pages if needed. v2: add missing __GFP_COMP, or we leak memory. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53670 - nvme-core: fix dev_pm_qos memleak

CVE ID : CVE-2023-53670 Published : Oct. 7, 2025, 4:15 p.m. | 23 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix dev_pm_qos memleak Call dev_pm_qos_hide_latency_tolerance() in the error unwind patch to avoid following kmemleak:- blktests (master) # kmemleak-clear; ./check nvme/044; blktests (master) # kmemleak-scan ; kmemleak-show nvme/044 (Test bi-directional authentication) [passed] runtime 2.111s ... 2.124s unreferenced object 0xffff888110c46240 (size 96): comm "nvme", pid 33461, jiffies 4345365353 (age 75.586s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [] kmalloc_trace+0x25/0x90 [] dev_pm_qos_update_user_latency_tolerance+0x6f/0x100 [] nvme_init_ctrl+0x38e/0x410 [nvme_core] [] 0xffffffffc05e88b3 [] 0xffffffffc05744cb [] vfs_write+0xc5/0x3c0 [] ksys_write+0x5f/0xe0 [] do_syscall_64+0x3b/0x90 [] entry_SYSCALL_64_after_hwframe+0x72/0xdc Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53671 - srcu: Delegate work to the boot cpu if using SRCU_SIZE_SMALL

CVE ID : CVE-2023-53671 Published : Oct. 7, 2025, 4:15 p.m. | 23 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: srcu: Delegate work to the boot cpu if using SRCU_SIZE_SMALL Commit 994f706872e6 ("srcu: Make Tree SRCU able to operate without snp_node array") assumes that cpu 0 is always online. However, there really are situations when some other CPU is the boot CPU, for example, when booting a kdump kernel with the maxcpus=1 boot parameter. On PowerPC, the kdump kernel can hang as follows: ... [ 1.740036] systemd[1]: Hostname set to [ 243.686240] INFO: task systemd:1 blocked for more than 122 seconds. [ 243.686264] Not tainted 6.1.0-rc1 #1 [ 243.686272] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 243.686281] task:systemd state:D stack:0 pid:1 ppid:0 flags:0x00042000 [ 243.686296] Call Trace: [ 243.686301] [c000000016657640] [c000000016657670] 0xc000000016657670 (unreliable) [ 243.686317] [c000000016657830] [c00000001001dec0] __switch_to+0x130/0x220 [ 243.686333] [c000000016657890] [c000000010f607b8] __schedule+0x1f8/0x580 [ 243.686347] [c000000016657940] [c000000010f60bb4] schedule+0x74/0x140 [ 243.686361] [c0000000166579b0] [c000000010f699b8] schedule_timeout+0x168/0x1c0 [ 243.686374] [c000000016657a80] [c000000010f61de8] __wait_for_common+0x148/0x360 [ 243.686387] [c000000016657b20] [c000000010176bb0] __flush_work.isra.0+0x1c0/0x3d0 [ 243.686401] [c000000016657bb0] [c0000000105f2768] fsnotify_wait_marks_destroyed+0x28/0x40 [ 243.686415] [c000000016657bd0] [c0000000105f21b8] fsnotify_destroy_group+0x68/0x160 [ 243.686428] [c000000016657c40] [c0000000105f6500] inotify_release+0x30/0xa0 [ 243.686440] [c000000016657cb0] [c0000000105751a8] __fput+0xc8/0x350 [ 243.686452] [c000000016657d00] [c00000001017d524] task_work_run+0xe4/0x170 [ 243.686464] [c000000016657d50] [c000000010020e94] do_notify_resume+0x134/0x140 [ 243.686478] [c000000016657d80] [c00000001002eb18] interrupt_exit_user_prepare_main+0x198/0x270 [ 243.686493] [c000000016657de0] [c00000001002ec60] syscall_exit_prepare+0x70/0x180 [ 243.686505] [c000000016657e10] [c00000001000bf7c] system_call_vectored_common+0xfc/0x280 [ 243.686520] --- interrupt: 3000 at 0x7fffa47d5ba4 [ 243.686528] NIP: 00007fffa47d5ba4 LR: 0000000000000000 CTR: 0000000000000000 [ 243.686538] REGS: c000000016657e80 TRAP: 3000 Not tainted (6.1.0-rc1) [ 243.686548] MSR: 800000000000d033 CR: 42044440 XER: 00000000 [ 243.686572] IRQMASK: 0 [ 243.686572] GPR00: 0000000000000006 00007ffffa606710 00007fffa48e7200 0000000000000000 [ 243.686572] GPR04: 0000000000000002 000000000000000a 0000000000000000 0000000000000001 [ 243.686572] GPR08: 000001000c172dd0 0000000000000000 0000000000000000 0000000000000000 [ 243.686572] GPR12: 0000000000000000 00007fffa4ff4bc0 0000000000000000 0000000000000000 [ 243.686572] GPR16: 0000000000000000 0000000000000000 0000000000000000 0000000000000000 [ 243.686572] GPR20: 0000000132dfdc50 000000000000000e 0000000000189375 0000000000000000 [ 243.686572] GPR24: 00007ffffa606ae0 0000000000000005 000001000c185490 000001000c172570 [ 243.686572] GPR28: 000001000c172990 000001000c184850 000001000c172e00 00007fffa4fedd98 [ 243.686683] NIP [00007fffa47d5ba4] 0x7fffa47d5ba4 [ 243.686691] LR [0000000000000000] 0x0 [ 243.686698] --- interrupt: 3000 [ 243.686708] INFO: task kworker/u16:1:24 blocked for more than 122 seconds. [ 243.686717] Not tainted 6.1.0-rc1 #1 [ 243.686724] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 243.686733] task:kworker/u16:1 state:D stack:0 pid:24 ppid:2 flags:0x00000800 [ 243.686747] Workqueue: events_unbound fsnotify_mark_destroy_workfn [ 243.686758] Call Trace: [ 243.686762] [c0000000166736e0] [c00000004fd91000] 0xc00000004fd91000 (unreliable) [ 243.686775] [c0000000166738d0] [c00000001001dec0] __switch_to+0x130/0x220 [ 243.686788] [c000000016673930] [c000000010f607b8] __schedule+0x1f8/0x ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53672 - btrfs: output extra debug info if we failed to find an inline backref

CVE ID : CVE-2023-53672 Published : Oct. 7, 2025, 4:15 p.m. | 23 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: btrfs: output extra debug info if we failed to find an inline backref [BUG] Syzbot reported several warning triggered inside lookup_inline_extent_backref(). [CAUSE] As usual, the reproducer doesn't reliably trigger locally here, but at least we know the WARN_ON() is triggered when an inline backref can not be found, and it can only be triggered when @insert is true. (I.e. inserting a new inline backref, which means the backref should already exist) [ENHANCEMENT] After the WARN_ON(), dump all the parameters and the extent tree leaf to help debug. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53673 - Bluetooth: hci_event: call disconnect callback before deleting conn

CVE ID : CVE-2023-53673 Published : Oct. 7, 2025, 4:15 p.m. | 23 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: call disconnect callback before deleting conn In hci_cs_disconnect, we do hci_conn_del even if disconnection failed. ISO, L2CAP and SCO connections refer to the hci_conn without hci_conn_get, so disconn_cfm must be called so they can clean up their conn, otherwise use-after-free occurs. ISO: ========================================================== iso_sock_connect:880: sk 00000000eabd6557 iso_connect_cis:356: 70:1a:b8:98:ff:a2 -> 28:3d:c2:4a:7e:da ... iso_conn_add:140: hcon 000000001696f1fd conn 00000000b6251073 hci_dev_put:1487: hci0 orig refcnt 17 __iso_chan_add:214: conn 00000000b6251073 iso_sock_clear_timer:117: sock 00000000eabd6557 state 3 ... hci_rx_work:4085: hci0 Event packet hci_event_packet:7601: hci0: event 0x0f hci_cmd_status_evt:4346: hci0: opcode 0x0406 hci_cs_disconnect:2760: hci0: status 0x0c hci_sent_cmd_data:3107: hci0 opcode 0x0406 hci_conn_del:1151: hci0 hcon 000000001696f1fd handle 2560 hci_conn_unlink:1102: hci0: hcon 000000001696f1fd hci_conn_drop:1451: hcon 00000000d8521aaf orig refcnt 2 hci_chan_list_flush:2780: hcon 000000001696f1fd hci_dev_put:1487: hci0 orig refcnt 21 hci_dev_put:1487: hci0 orig refcnt 20 hci_req_cmd_complete:3978: opcode 0x0406 status 0x0c ... ... iso_sock_sendmsg:1098: sock 00000000dea5e2e0, sk 00000000eabd6557 BUG: kernel NULL pointer dereference, address: 0000000000000668 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP PTI Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014 RIP: 0010:iso_sock_sendmsg (net/bluetooth/iso.c:1112) bluetooth ========================================================== L2CAP: ================================================================== hci_cmd_status_evt:4359: hci0: opcode 0x0406 hci_cs_disconnect:2760: hci0: status 0x0c hci_sent_cmd_data:3085: hci0 opcode 0x0406 hci_conn_del:1151: hci0 hcon ffff88800c999000 handle 3585 hci_conn_unlink:1102: hci0: hcon ffff88800c999000 hci_chan_list_flush:2780: hcon ffff88800c999000 hci_chan_del:2761: hci0 hcon ffff88800c999000 chan ffff888018ddd280 ... BUG: KASAN: slab-use-after-free in hci_send_acl+0x2d/0x540 [bluetooth] Read of size 8 at addr ffff888018ddd298 by task bluetoothd/1175 CPU: 0 PID: 1175 Comm: bluetoothd Tainted: G E 6.4.0-rc4+ #2 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014 Call Trace: dump_stack_lvl+0x5b/0x90 print_report+0xcf/0x670 ? __virt_addr_valid+0xf8/0x180 ? hci_send_acl+0x2d/0x540 [bluetooth] kasan_report+0xa8/0xe0 ? hci_send_acl+0x2d/0x540 [bluetooth] hci_send_acl+0x2d/0x540 [bluetooth] ? __pfx___lock_acquire+0x10/0x10 l2cap_chan_send+0x1fd/0x1300 [bluetooth] ? l2cap_sock_sendmsg+0xf2/0x170 [bluetooth] ? __pfx_l2cap_chan_send+0x10/0x10 [bluetooth] ? lock_release+0x1d5/0x3c0 ? mark_held_locks+0x1a/0x90 l2cap_sock_sendmsg+0x100/0x170 [bluetooth] sock_write_iter+0x275/0x280 ? __pfx_sock_write_iter+0x10/0x10 ? __pfx___lock_acquire+0x10/0x10 do_iter_readv_writev+0x176/0x220 ? __pfx_do_iter_readv_writev+0x10/0x10 ? find_held_lock+0x83/0xa0 ? selinux_file_permission+0x13e/0x210 do_iter_write+0xda/0x340 vfs_writev+0x1b4/0x400 ? __pfx_vfs_writev+0x10/0x10 ? __seccomp_filter+0x112/0x750 ? populate_seccomp_data+0x182/0x220 ? __fget_light+0xdf/0x100 ? do_writev+0x19d/0x210 do_writev+0x19d/0x210 ? __pfx_do_writev+0x10/0x10 ? mark_held_locks+0x1a/0x90 do_syscall_64+0x60/0x90 ? lockdep_hardirqs_on_prepare+0x149/0x210 ? do_syscall_64+0x6c/0x90 ? lockdep_hardirqs_on_prepare+0x149/0x210 entry_SYSCALL_64_after_hwframe+0x72/0xdc RIP: 0033:0x7ff45cb23e64 Code: 15 d1 1f 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 80 3d 9d a7 0d 00 00 74 13 b8 14 00 00 00 0f 05 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89 RSP: 002b:00007fff21ae09b8 EFLAGS: 00000202 ORIG_RAX: 0000000000000014 RAX: ffffffffffffffda RBX: ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 16:15:00 GMT

read more

CVE-2023-53664 - OPP: Fix potential null ptr dereference in dev_pm_opp_get_required_pstate()

CVE ID : CVE-2023-53664 Published : Oct. 7, 2025, 3:21 p.m. | 45 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: OPP: Fix potential null ptr dereference in dev_pm_opp_get_required_pstate() "opp" pointer is dereferenced before the IS_ERR_OR_NULL() check. Fix it by removing the dereference to cache opp_table and dereference it directly where opp_table is used. This fixes the following smatch warning: drivers/opp/core.c:232 dev_pm_opp_get_required_pstate() warn: variable dereferenced before IS_ERR check 'opp' (see line 230) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 15:21:00 GMT

read more

CVE-2023-53665 - md: don't dereference mddev after export_rdev()

CVE ID : CVE-2023-53665 Published : Oct. 7, 2025, 3:21 p.m. | 45 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: md: don't dereference mddev after export_rdev() Except for initial reference, mddev->kobject is referenced by rdev->kobject, and if the last rdev is freed, there is no guarantee that mddev is still valid. Hence mddev should not be used anymore after export_rdev(). This problem can be triggered by following test for mdadm at very low rate: New file: mdadm/tests/23rdev-lifetime devname=${dev0##*/} devt=`cat /sys/block/$devname/dev` pid="" runtime=2 clean_up_test() { pill -9 $pid echo clear > /sys/block/md0/md/array_state } trap 'clean_up_test' EXIT add_by_sysfs() { while true; do echo $devt > /sys/block/md0/md/new_dev done } remove_by_sysfs(){ while true; do echo remove > /sys/block/md0/md/dev-${devname}/state done } echo md0 > /sys/module/md_mod/parameters/new_array || die "create md0 failed" add_by_sysfs & pid="$pid $!" remove_by_sysfs & pid="$pid $!" sleep $runtime exit 0 Test cmd: ./test --save-logs --logdir=/tmp/ --keep-going --dev=loop --tests=23rdev-lifetime Test result: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6bcb: 0000 [#4] PREEMPT SMP CPU: 0 PID: 1292 Comm: test Tainted: G D W 6.5.0-rc2-00121-g01e55c376936 #562 RIP: 0010:md_wakeup_thread+0x9e/0x320 [md_mod] Call Trace: mddev_unlock+0x1b6/0x310 [md_mod] rdev_attr_store+0xec/0x190 [md_mod] sysfs_kf_write+0x52/0x70 kernfs_fop_write_iter+0x19a/0x2a0 vfs_write+0x3b5/0x770 ksys_write+0x74/0x150 __x64_sys_write+0x22/0x30 do_syscall_64+0x40/0x90 entry_SYSCALL_64_after_hwframe+0x63/0xcd Fix this problem by don't dereference mddev after export_rdev(). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 15:21:00 GMT

read more

CVE-2021-22291 - EIBPORT Reflected XSS

CVE ID : CVE-2021-22291 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ABB EIBPORT V3 KNX, ABB EIBPORT V3 KNX GSM.This issue affects EIBPORT V3 KNX: before 3.9.2; EIBPORT V3 KNX GSM: before 3.9.2. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-11397 - SourceCodester Hotel and Lodge Management System login.php sql injection

CVE ID : CVE-2025-11397 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : A security flaw has been discovered in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /login.php. Performing manipulation of the argument email results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-25009 - Kibana Cross-Site Scripting (XSS)

CVE ID : CVE-2025-25009 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-37728 - Kibana Insufficiently Protected Credentials in the CrowdStrike Connector

CVE ID : CVE-2025-37728 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : Insufficiently Protected Credentials in the Crowdstrike connector can lead to Crowdstrike credentials being leaked. A malicious user can access cached credentials from a Crowdstrike connector in another space by creating and running a Crowdstrike connector in a space to which they have access. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-48826 - Planet WGR-500 Format String Vulnerability

CVE ID : CVE-2025-48826 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : A format string vulnerability exists in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to memory corruption. An attacker can send a series of HTTP requests to trigger this vulnerability. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-50505 - Clash Verge Rev Privilege Escalation Vulnerability

CVE ID : CVE-2025-50505 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : Clash Verge Rev thru 2.2.3 forces the installation of system services(clash-verge-service) by default and exposes key functions through the unauthorized HTTP API `/start_clash`, allowing local users to submit arbitrary bin_path parameters and pass them directly to the service process for execution, resulting in local privilege escalation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-53476 - OpenPLC ModbusTCP Server Denial of Service

CVE ID : CVE-2025-53476 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : A denial of service vulnerability exists in the ModbusTCP server functionality of OpenPLC _v3 a931181e8b81e36fadf7b74d5cba99b73c3f6d58. A specially crafted series of network connections can lead to the server not processing subsequent Modbus requests. An attacker can open a series of TCP connections to trigger this vulnerability. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-54399 - Planet WGR-500 HTTP PingCmd Stack-Based Buffer Overflow

CVE ID : CVE-2025-54399 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `ipaddr` request parameter for composing the `"ping -c 2>&1 > %s &"` string. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-54400 - Planet WGR-500 HTTP PingCmd Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54400 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `counts` request parameter for composing the `"ping -c 2>&1 > %s &"` string. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-54401 - Planet WGR-500 HTTP FormPingCmd Stack Buffer Overflow

CVE ID : CVE-2025-54401 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `submit-url` request parameter. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-54402 - Multiple stack-based buffer overflow vulnerabiliti

CVE ID : CVE-2025-54402 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `submit-url` and `ipaddr` request parameters combined. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-54403 - Planet WGR-500 Swctrl OS Command Injection Vulnerability

CVE ID : CVE-2025-54403 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is related to the `new_password` request parameter. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-54404 - Planet WGR-500 OS Command Injection Vulnerability in swctrl

CVE ID : CVE-2025-54404 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is related to the `new_device_name` request parameter. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-54405 - Planet WGR-500 HTTP PingCmd Command Injection Vulnerability

CVE ID : CVE-2025-54405 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `ipaddr` request parameter. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-54406 - Planet WGR-500 OS Command Injection Vulnerability

CVE ID : CVE-2025-54406 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `counts` request parameter. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-57564 - CubeAPM Unauthenticated Log Injection Vulnerability

CVE ID : CVE-2025-57564 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : CubeAPM nightly-2025-08-01-1 allow unauthenticated attackers to inject arbitrary log entries into production systems via the /api/logs/insert/elasticsearch/_bulk endpoint. This endpoint accepts bulk log data without requiring authentication or input validation, allowing remote attackers to perform unauthorized log injection. Exploitation may lead to false log entries, log poisoning, alert obfuscation, and potential performance degradation of the observability pipeline. The issue is present in the core CubeAPM platform and is not limited to specific deployment configurations. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-59425 - vLLM vulnerable to timing attack at bearer auth

CVE ID : CVE-2025-59425 Published : Oct. 7, 2025, 2:15 p.m. | 23 minutes ago Description : vLLM is an inference and serving engine for large language models (LLMs). Before version 0.11.0rc2, the API key support in vLLM performs validation using a method that was vulnerable to a timing attack. API key validation uses a string comparison that takes longer the more characters the provided API key gets correct. Data analysis across many attempts could allow an attacker to determine when it finds the next correct character in the key sequence. Deployments relying on vLLM's built-in API key validation are vulnerable to authentication bypass using this technique. Version 0.11.0rc2 fixes the issue. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 14:15:00 GMT

read more

CVE-2025-3719 - Incorrect authorization for CLI in Guardian/CMC before 25.2.0

CVE ID : CVE-2025-3719 Published : Oct. 7, 2025, 1:15 p.m. | 1 hour, 23 minutes ago Description : An access control vulnerability was discovered in the CLI functionality due to a specific access restriction not being properly enforced for users with limited privileges. An authenticated user with limited privileges can issue administrative CLI commands, altering the device configuration, and/or affecting its availability. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 13:15:00 GMT

read more

CVE-2025-40649 - Múltiples vulnerabilidades en Negotiator de BBMRI-ERIC

CVE ID : CVE-2025-40649 Published : Oct. 7, 2025, 1:15 p.m. | 1 hour, 23 minutes ago Description : Stored Cross-Site Scripting (XSS) in Biobanking and Biomolecular Resources Negotiator v3.15.2 - European Research Infrastructure (BBMRI-ERIC), consisting of a stored XSS due to a lack of proper validation of user input by sending a POST request using parameter text in '/api/v3/negotiations//posts'. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cookie session details. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 13:15:00 GMT

read more

CVE-2025-40676 - Múltiples vulnerabilidades en Negotiator de BBMRI-ERIC

CVE ID : CVE-2025-40676 Published : Oct. 7, 2025, 1:15 p.m. | 1 hour, 23 minutes ago Description : Insecure Direct Object Reference (IDOR) in Negotiator v3.15.2 from Biobanking and Biomolecular Resources - European Research Infrastructure (BBMRI-ERIC). This vulnerability allows an attacker to access or modify unauthorised resources by manipulating requests that use the 'userID' parameter in '/api/v3/users/', which may result in the exposure or alteration of sensitive data Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 13:15:00 GMT

read more

CVE-2025-40885 - Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0

CVE ID : CVE-2025-40885 Published : Oct. 7, 2025, 1:15 p.m. | 1 hour, 23 minutes ago Description : A SQL Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can execute arbitrary SELECT SQL statements on the DBMS used by the web application, potentially exposing unauthorized data. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 13:15:00 GMT

read more

CVE-2025-40886 - Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0

CVE ID : CVE-2025-40886 Published : Oct. 7, 2025, 1:15 p.m. | 1 hour, 23 minutes ago Description : A SQL Injection vulnerability was discovered in the Alert functionality due to improper validation of an input parameter. An authenticated user with limited privileges can execute arbitrary SQL statements on the DBMS used by the web application, potentially exposing unauthorized data, altering their structure and content, and/or affecting their availability. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 13:15:00 GMT

read more

CVE-2025-40887 - Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0

CVE ID : CVE-2025-40887 Published : Oct. 7, 2025, 1:15 p.m. | 1 hour, 23 minutes ago Description : A SQL Injection vulnerability was discovered in the Alert functionality due to improper validation of an input parameter. An authenticated user with limited privileges can execute arbitrary SELECT SQL statements on the DBMS used by the web application, potentially exposing unauthorized data. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 13:15:00 GMT

read more

CVE-2025-40888 - Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0

CVE ID : CVE-2025-40888 Published : Oct. 7, 2025, 1:15 p.m. | 1 hour, 23 minutes ago Description : A SQL Injection vulnerability was discovered in the CLI functionality due to improper validation of an input parameter. An authenticated user with limited privileges can execute arbitrary SELECT SQL statements on the DBMS used by the web application, potentially exposing unauthorized data. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 13:15:00 GMT

read more

CVE-2025-40889 - Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0

CVE ID : CVE-2025-40889 Published : Oct. 7, 2025, 1:15 p.m. | 1 hour, 23 minutes ago Description : A path traversal vulnerability was discovered in the Time Machine functionality due to missing validation of two input parameters. An authenticated user with limited privileges, by issuing a specifically-crafted request, can potentially alter the structure and content of files in the /data folder, and/or affect their availability. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 13:15:00 GMT

read more

CVE-2025-11396 - code-projects Simple Food Ordering System product.php sql injection

CVE ID : CVE-2025-11396 Published : Oct. 7, 2025, 1:15 p.m. | 51 minutes ago Description : A vulnerability was identified in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the file /product.php. Such manipulation of the argument Category leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 13:15:00 GMT

read more

CVE-2025-3718 - Client-side path traversal in Guardian/CMC before 25.2.0

CVE ID : CVE-2025-3718 Published : Oct. 7, 2025, 1:15 p.m. | 51 minutes ago Description : A client-side path traversal vulnerability was discovered in the web management interface front-end due to missing validation of an input parameter. An authenticated user with limited privileges can craft a malicious URL which, if visited by an authenticated victim, leads to a Cross-Site Scripting (XSS) attack. Severity: 7.9 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 13:15:00 GMT

read more

CVE-2025-0603 - SQLi in Callvision Healthcare's Callvision Emergency Code

CVE ID : CVE-2025-0603 Published : Oct. 7, 2025, 12:15 p.m. | 1 hour, 51 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Callvision Healthcare Callvision Emergency Code allows SQL Injection, Blind SQL Injection.This issue affects Callvision Emergency Code: before V3.0. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 12:15:00 GMT

read more

CVE-2025-11389 - Tenda AC15 saveAutoQos stack-based overflow

CVE ID : CVE-2025-11389 Published : Oct. 7, 2025, 12:15 p.m. | 1 hour, 51 minutes ago Description : A security flaw has been discovered in Tenda AC15 15.03.05.18. Affected is an unknown function of the file /goform/saveAutoQos. Performing manipulation of the argument enable results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 12:15:00 GMT

read more

CVE-2025-11390 - PHPGurukul Cyber Cafe Management System POST Parameter search.php cross site scripting

CVE ID : CVE-2025-11390 Published : Oct. 7, 2025, 12:15 p.m. | 1 hour, 51 minutes ago Description : A weakness has been identified in PHPGurukul Cyber Cafe Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /search.php of the component POST Parameter Handler. Executing manipulation of the argument searchdata can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 12:15:00 GMT

read more

CVE-2025-11387 - Tenda AC15 fast_setting_pppoe_set stack-based overflow

CVE ID : CVE-2025-11387 Published : Oct. 7, 2025, 11:16 a.m. | 2 hours, 50 minutes ago Description : A vulnerability was determined in Tenda AC15 15.03.05.18. This affects an unknown function of the file /goform/fast_setting_pppoe_set. This manipulation of the argument Password causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 11:16:00 GMT

read more

CVE-2025-11388 - Tenda AC15 setNotUpgrade stack-based overflow

CVE ID : CVE-2025-11388 Published : Oct. 7, 2025, 11:16 a.m. | 2 hours, 50 minutes ago Description : A vulnerability was identified in Tenda AC15 15.03.05.18. This impacts an unknown function of the file /goform/setNotUpgrade. Such manipulation of the argument newVersion leads to stack-based buffer overflow. The attack may be launched remotely. The exploit is publicly available and might be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 11:16:00 GMT

read more

CVE-2025-11385 - Tenda AC20 fast_setting_wifi_set sscanf buffer overflow

CVE ID : CVE-2025-11385 Published : Oct. 7, 2025, 10:15 a.m. | 3 hours, 51 minutes ago Description : A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The affected element is the function sscanf of the file /goform/fast_setting_wifi_set. The manipulation of the argument timeZone leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 10:15:00 GMT

read more

CVE-2025-11386 - Tenda AC15 POST Parameter SetDDNSCfg stack-based overflow

CVE ID : CVE-2025-11386 Published : Oct. 7, 2025, 10:15 a.m. | 3 hours, 51 minutes ago Description : A vulnerability was found in Tenda AC15 15.03.05.18. The impacted element is an unknown function of the file /goform/SetDDNSCfg of the component POST Parameter Handler. The manipulation of the argument ddnsEn results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 10:15:00 GMT

read more

CVE-2025-10645 - WP Reset 2.05 - Unauthenticated Sensitive Information Exposure via wf-licensing.log

CVE ID : CVE-2025-10645 Published : Oct. 7, 2025, 9:15 a.m. | 4 hours, 51 minutes ago Description : The WP Reset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.05 via the WF_Licensing::log() method when debugging is enabled (default). This makes it possible for unauthenticated attackers to extract sensitive license key and site data. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 09:15:00 GMT

read more

CVE-2025-11359 - code-projects Simple Banking System transfermoney.php sql injection

CVE ID : CVE-2025-11359 Published : Oct. 7, 2025, 9:15 a.m. | 4 hours, 51 minutes ago Description : A security vulnerability has been detected in code-projects Simple Banking System 1.0. The affected element is an unknown function of the file /transfermoney.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 09:15:00 GMT

read more

CVE-2025-11360 - jakowenko double-take API app.js app.use cross site scripting

CVE ID : CVE-2025-11360 Published : Oct. 7, 2025, 9:15 a.m. | 4 hours, 51 minutes ago Description : A vulnerability was detected in jakowenko double-take up to 1.13.1. The impacted element is the function app.use of the file api/src/app.js of the component API. The manipulation of the argument X-Ingress-Path results in cross site scripting. The attack can be executed remotely. Upgrading to version 1.13.2 is sufficient to resolve this issue. The patch is identified as e11de9dd6b4ea6b7ec9a5607a920d48961e9fa50. The affected component should be upgraded. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 09:15:00 GMT

read more

CVE-2025-11358 - code-projects Simple Banking System removeuser.php sql injection

CVE ID : CVE-2025-11358 Published : Oct. 7, 2025, 8:15 a.m. | 5 hours, 51 minutes ago Description : A weakness has been identified in code-projects Simple Banking System 1.0. Impacted is an unknown function of the file /removeuser.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 08:15:00 GMT

read more

CVE-2025-7400 - Featured Image from URL (FIFU) 5.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Featured Image Custom Fields

CVE ID : CVE-2025-7400 Published : Oct. 7, 2025, 8:15 a.m. | 5 hours, 51 minutes ago Description : The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a post's Featured Image custom fields in all versions up to, and including, 5.2.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability was partially fixed in version 5.2.2. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 08:15:00 GMT

read more

CVE-2025-11357 - code-projects Simple Banking System createuser.php sql injection

CVE ID : CVE-2025-11357 Published : Oct. 7, 2025, 8:15 a.m. | 5 hours, 13 minutes ago Description : A security flaw has been discovered in code-projects Simple Banking System 1.0. This issue affects some unknown processing of the file /createuser.php. Performing manipulation of the argument Name results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 08:15:00 GMT

read more

CVE-2025-11355 - UTT 1250GW aspChangeChannel strcpy buffer overflow

CVE ID : CVE-2025-11355 Published : Oct. 7, 2025, 7:15 a.m. | 6 hours, 13 minutes ago Description : A vulnerability has been found in UTT 1250GW up to v2v3.2.2-200710. Affected by this vulnerability is the function strcpy of the file /goform/aspChangeChannel. The manipulation of the argument pvid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 07:15:00 GMT

read more

CVE-2025-11356 - Tenda AC23 SetStaticRouteCfg sscanf buffer overflow

CVE ID : CVE-2025-11356 Published : Oct. 7, 2025, 7:15 a.m. | 6 hours, 13 minutes ago Description : A vulnerability was found in Tenda AC23 up to 16.03.07.52. Affected by this issue is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 07:15:00 GMT

read more

CVE-2025-10162 - OrderConvo 14 - Unauthenticated Arbitrary File Read

CVE ID : CVE-2025-10162 Published : Oct. 7, 2025, 6:15 a.m. | 6 hours, 23 minutes ago Description : The Admin and Customer Messages After Order for WooCommerce: OrderConvo WordPress plugin before 14 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/download arbitrary files via a path traversal attack Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 06:15:00 GMT

read more

CVE-2025-11353 - code-projects Online Hotel Reservation System addgalleryexec.php unrestricted upload

CVE ID : CVE-2025-11353 Published : Oct. 7, 2025, 6:15 a.m. | 6 hours, 23 minutes ago Description : A vulnerability was detected in code-projects Online Hotel Reservation System 1.0. This impacts an unknown function of the file /admin/addgalleryexec.php. Performing manipulation of the argument image results in unrestricted upload. The attack is possible to be carried out remotely. The exploit is now public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 06:15:00 GMT

read more

CVE-2025-11354 - code-projects Online Hotel Reservation System addslideexec.php unrestricted upload

CVE ID : CVE-2025-11354 Published : Oct. 7, 2025, 6:15 a.m. | 6 hours, 23 minutes ago Description : A flaw has been found in code-projects Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/addslideexec.php. Executing manipulation of the argument image can lead to unrestricted upload. The attack may be performed from remote. The exploit has been published and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 06:15:00 GMT

read more

CVE-2025-11351 - code-projects Online Hotel Reservation System editpicexec.php unrestricted upload

CVE ID : CVE-2025-11351 Published : Oct. 7, 2025, 5:15 a.m. | 7 hours, 23 minutes ago Description : A weakness has been identified in code-projects Online Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/editpicexec.php. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 05:15:00 GMT

read more

CVE-2025-11352 - code-projects Online Hotel Reservation System addexec.php unrestricted upload

CVE ID : CVE-2025-11352 Published : Oct. 7, 2025, 5:15 a.m. | 7 hours, 23 minutes ago Description : A security vulnerability has been detected in code-projects Online Hotel Reservation System 1.0. This affects an unknown function of the file /admin/addexec.php. Such manipulation of the argument image leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 05:15:00 GMT

read more

CVE-2025-11362 - "Pdfmake Resource Allocation Vulnerability"

CVE ID : CVE-2025-11362 Published : Oct. 7, 2025, 5:15 a.m. | 7 hours, 23 minutes ago Description : Versions of the package pdfmake before 0.3.0-beta.17 are vulnerable to Allocation of Resources Without Limits or Throttling via repeatedly redirect URL in file embedding. An attacker can cause the application to crash or become unresponsive by providing crafted input that triggers this condition. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 05:15:00 GMT

read more

CVE-2025-11349 - Campcodes Online Apartment Visitor Management System search-visitor.php sql injection

CVE ID : CVE-2025-11349 Published : Oct. 7, 2025, 4:16 a.m. | 8 hours, 22 minutes ago Description : A vulnerability was identified in Campcodes Online Apartment Visitor Management System 1.0. Impacted is an unknown function of the file /search-visitor.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 04:16:00 GMT

read more

CVE-2025-11350 - Campcodes Online Apartment Visitor Management System bwdates-reports-details.php sql injection

CVE ID : CVE-2025-11350 Published : Oct. 7, 2025, 4:16 a.m. | 8 hours, 22 minutes ago Description : A security flaw has been discovered in Campcodes Online Apartment Visitor Management System 1.0. The affected element is an unknown function of the file /bwdates-reports-details.php. The manipulation of the argument fromdate/todate results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 04:16:00 GMT

read more

CVE-2025-11347 - code-projects Student Crud Operation Add Student Page/Edit Student add.php move_uploaded_file unrestricted upload

CVE ID : CVE-2025-11347 Published : Oct. 7, 2025, 3:15 a.m. | 9 hours, 23 minutes ago Description : A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function move_uploaded_file of the file add.php of the component Add Student Page/Edit Student Page. Performing manipulation results in unrestricted upload. The attack can be initiated remotely. The exploit has been made public and could be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 03:15:00 GMT

read more

CVE-2025-11348 - Campcodes Online Apartment Visitor Management System index.php sql injection

CVE ID : CVE-2025-11348 Published : Oct. 7, 2025, 3:15 a.m. | 9 hours, 23 minutes ago Description : A vulnerability was determined in Campcodes Online Apartment Visitor Management System 1.0. This issue affects some unknown processing of the file /index.php. Executing manipulation of the argument Username can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 03:15:00 GMT

read more

CVE-2025-34251 - Tesla Telematics Control Unit (TCU) v2025.14 Authentication Bypass

CVE ID : CVE-2025-34251 Published : Oct. 7, 2025, 12:15 a.m. | 10 hours, 22 minutes ago Description : Tesla Telematics Control Unit (TCU) firmware prior to v2025.14 contains an authentication bypass vulnerability. The TCU runs the Android Debug Bridge (adbd) as root and, despite a “lockdown” check that disables adb shell, still permits adb push/pull and adb forward. Because adbd is privileged and the device’s USB port is exposed externally, an attacker with physical access can write an arbitrary file to a writable location and then overwrite the kernel’s uevent_helper or /proc/sys/kernel/hotplug entries via ADB, causing the script to be executed with root privileges. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 07 Oct 2025 00:15:00 GMT

read more

CVE-2025-61774 - PyVista has Dependency Confusion Vulnerability in that leads to RCE

CVE ID : CVE-2025-61774 Published : Oct. 6, 2025, 11:15 p.m. | 11 hours, 22 minutes ago Description : PyVista provides 3D plotting and mesh analysis through an interface for the Visualization Toolkit (VTK). Version 0.46.3 of the PyVista Project is vulnerable to remote code execution via dependency confusion. Two pieces of code use`--extra-index-url`. But when `--extra-index-url` is used, pip always checks for the PyPI index first, and then the external index. One package listed in the code is not published in PyPI. If an attacker publishes a package with higher version in PyPI, the malicious code from the attacker controlled package may be pulled, leading to remote code execution and a supply chain attack. As of time of publication, a patched version is unavailable. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 06 Oct 2025 23:15:00 GMT

read more

Maturité cyber des TPE-PME : encore un cap à franchir

]]>

Mon, 06 Oct 2025 22:45:00 GMT

read more

CVE-2025-43824 - Liferay Portal Cross-Site Scripting (XSS) and File Extension Manipulation

CVE ID : CVE-2025-43824 Published : Oct. 6, 2025, 10:15 p.m. | 12 hours, 22 minutes ago Description : The Profile widget in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, and older unsupported versions uses a user’s name in the “Content-Disposition” header, which allows remote authenticated users to change the file extension when a vCard file is downloaded. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 06 Oct 2025 22:15:00 GMT

read more

CVE-2025-61768 - Kuno CMS Vulnerable to Server-Side Request Forgery (SSRF) via Unsafe SVG Upload

CVE ID : CVE-2025-61768 Published : Oct. 6, 2025, 10:15 p.m. | 12 hours, 22 minutes ago Description : KUNO CMS is a fully deployable full-stack blog application. In versions prior to 1.3.15, an SSRF (Server-Side Request Forgery) vulnerability exists in the Media module of the Kuno CMS administrative panel. A logged-in administrator can upload a specially crafted SVG file containing an external image reference, causing the server to initiate an outgoing connection to an arbitrary external URL. This can lead to information disclosure or internal network probing. Version 1.3.15 contains a fix for the issue. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 06 Oct 2025 22:15:00 GMT

read more

CVE-2025-59452 - YoSmart YoLink MD5 Hash Predictability

CVE ID : CVE-2025-59452 Published : Oct. 6, 2025, 8:15 p.m. | 14 hours, 22 minutes ago Description : The YoSmart YoLink API through 2025-10-02 uses an endpoint URL that is derived from a device's MAC address along with an MD5 hash of non-secret information, such as a key that begins with cf50. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 06 Oct 2025 20:15:00 GMT

read more

CVE-2025-59451 - YoSmart YoLink Session Token Lifetime Vulnerability

CVE ID : CVE-2025-59451 Published : Oct. 6, 2025, 8:15 p.m. | 13 hours, 50 minutes ago Description : The YoSmart YoLink application through 2025-10-02 has session tokens with unexpectedly long lifetimes. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 06 Oct 2025 20:15:00 GMT

read more

CVE-2025-59447 - YoSmart YoLink Smart Hub UART Debug Interface Information Disclosure

CVE ID : CVE-2025-59447 Published : Oct. 6, 2025, 8:15 p.m. | 12 hours, 18 minutes ago Description : The YoSmart YoLink Smart Hub device 0382 exposes a UART debug interface. An attacker with direct physical access can leverage this interface to read a boot log, which includes network access credentials. Severity: 2.2 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 06 Oct 2025 20:15:00 GMT

read more

CVE-2025-59448 - YoSmart YoLink Unencrypted MQTT Communication Vulnerability

CVE ID : CVE-2025-59448 Published : Oct. 6, 2025, 8:15 p.m. | 12 hours, 18 minutes ago Description : Components of the YoSmart YoLink ecosystem through 2025-10-02 leverage unencrypted MQTT to communicate over the internet. An attacker with the ability to monitor network traffic could therefore obtain sensitive information or tamper with the traffic to control affected devices. This affects YoLink Hub 0382, YoLink Mobile Application 1.40.41, and YoLink MQTT Broker. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 06 Oct 2025 20:15:00 GMT

read more

CVE-2025-59449 - YoLink MQTT Broker Authorization Bypass

CVE ID : CVE-2025-59449 Published : Oct. 6, 2025, 8:15 p.m. | 12 hours, 18 minutes ago Description : The YoSmart YoLink MQTT broker through 2025-10-02 does not enforce sufficient authorization controls to prevent cross-account attacks, allowing an attacker to remotely operate affected devices if the attacker obtains the associated device IDs. Because YoLink device IDs are predictable, an attacker can exploit this to gain full control over any other YoLink user's devices. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 06 Oct 2025 20:15:00 GMT

read more

CVE-2025-59450 - YoSmart YoLink Smart Hub Unencrypted Credentials Disclosure

CVE ID : CVE-2025-59450 Published : Oct. 6, 2025, 8:15 p.m. | 12 hours, 18 minutes ago Description : The YoSmart YoLink Smart Hub firmware 0382 is unencrypted, and data extracted from it can be used to determine network access credentials. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 06 Oct 2025 20:15:00 GMT

read more

CVE-2025-11346 - ILIAS Base64 Decoding unserialize deserialization

CVE ID : CVE-2025-11346 Published : Oct. 6, 2025, 8:15 p.m. | 11 hours, 49 minutes ago Description : A vulnerability has been found in ILIAS up to 8.23/9.13/10.1. This affects the function unserialize of the component Base64 Decoding Handler. Such manipulation of the argument f_settings leads to deserialization. It is possible to launch the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 is able to mitigate this issue. It is advisable to upgrade the affected component. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 06 Oct 2025 20:15:00 GMT

read more

CVE-2025-61984 - OpenSSH SSH Command Injection

CVE ID : CVE-2025-61984 Published : Oct. 6, 2025, 7:15 p.m. | 12 hours, 13 minutes ago Description : ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.) Severity: 3.6 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 06 Oct 2025 19:15:00 GMT

read more

CVE-2025-61985 - OpenSSH SSH URI Injection Vulnerability

CVE ID : CVE-2025-61985 Published : Oct. 6, 2025, 7:15 p.m. | 12 hours, 13 minutes ago Description : ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. Severity: 3.6 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 06 Oct 2025 19:15:00 GMT

read more

Fuite de données chez France Travail

]]>

Mon Oct 06 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Discord

]]>

Sat Oct 04 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Le MOOC « SecNumacadémie » en cours d’évolution

]]>

Thu, 02 Oct 2025 07:42:00 GMT

read more

Lettres d&rsquo;information

]]>

Wed, 01 Oct 2025 15:21:00 GMT

read more

Enquête Éducation nationale sur la connaissance de la cyber auprès des élèves du CM1 à la 6e*

]]>

Mon, 29 Sep 2025 11:06:00 GMT

read more

Fuite de données chez La Nef

]]>

Thu Sep 25 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Cybermalveillance.gouv.fr dévoile un livret pour les enfants de 9–12 ans : « Le numérique, pas de panique ! »

]]>

Wed, 24 Sep 2025 09:41:00 GMT

read more

Fuite de données chez Inovie Labosud

]]>

Tue Sep 23 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

REMPAR25 : un exercice de crise cyber d’une ampleur inédite

]]>

Mon, 22 Sep 2025 11:47:00 GMT

read more

Fuite de données chez Digital Charging Solutions

]]>

Sat Sep 20 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Fédération Française de Tennis de Table

]]>

Fri Sep 19 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Clarins

]]>

Thu Sep 18 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Cybermois 2025

]]>

Wed, 10 Sep 2025 22:12:00 GMT

read more

Participez à la chasse au trésor du Cybermois avec à la clé de nombreux lots à gagner

]]>

Wed, 10 Sep 2025 21:45:00 GMT

read more

Lancement du Cybermois 2025 : cap sur les territoires avec le CyberTour de France

]]>

Wed, 10 Sep 2025 21:41:00 GMT

read more

Cybermois 2025 : les Français face aux cybermenaces 2ème baromètre IPSOS pour Cybermalveillance.gouv.fr

]]>

Wed, 10 Sep 2025 21:40:00 GMT

read more

Fuite de données chez Plex

]]>

Tue Sep 09 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Eklo

]]>

Wed Sep 03 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2024-12972 - Akinsoft OctoCloud - Cross-Site Scripting (XSS)

CVE ID : CVE-2024-12972 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft OctoCloud allows Cross-Site Scripting (XSS).This issue affects OctoCloud: from s1.09.01 before v1.11.01. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2024-12973 - Akinsoft OctoCloud Origin Validation Error HTTP Response Splitting

CVE ID : CVE-2024-12973 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : Origin Validation Error vulnerability in Akinsoft OctoCloud allows HTTP Response Splitting, CAPEC - 87 - Forceful Browsing.This issue affects OctoCloud: from s1.09.01 before v1.11.01. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2024-52284 - Helm Unauthorized Data Disclosure Vulnerability

CVE ID : CVE-2024-52284 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : Unauthorized disclosure of sensitive data: Any user with `GET` or `LIST` permissions on `BundleDeployment` resources could retrieve Helm values containing credentials or other secrets. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2024-58259 - Rancher Manager Denial of Service (DoS) via Excessive Payload Attack

CVE ID : CVE-2024-58259 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : A vulnerability has been identified within Rancher Manager in which it did not enforce request body size limits on certain public (unauthenticated) and authenticated API endpoints. This allows a malicious user to exploit this by sending excessively large payloads, which are fully loaded into memory during processing, leading to Denial of Service (DoS). Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-0640 - Akinsoft OctoCloud Authorization Bypass Resource Leak

CVE ID : CVE-2025-0640 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft OctoCloud allows Resource Leak Exposure.This issue affects OctoCloud: from s1.09.02 before v1.11.01. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-2414 - Akinsoft OctoCloud Authentication Bypass

CVE ID : CVE-2025-2414 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft OctoCloud allows Authentication Bypass.This issue affects OctoCloud: from s1.09.03 before v1.11.01. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-46810 - Traefik2 openSUSE Tumbleweed Symlink Following Root Escalation

CVE ID : CVE-2025-46810 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of openSUSE Tumbleweed traefik2 allows the traefik user to escalate to root. This issue affects Tumbleweed: from ? before 2.11.29. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-52543 - D-Link E3 Site Supervisor Control Password Hashing Weakness

CVE ID : CVE-2025-52543 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : E3 Site Supervisor Control (firmware version 2.31F01) application services (MGW and RCI) uses client side hashing for authentication. An attacker can authenticate by obtaining only the password hash. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-52544 - E3 Site Supervisor File System Access Vulnerability (File Upload)

CVE ID : CVE-2025-52544 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : E3 Site Supervisor Control (firmware version 2.31F01) has a floor plan feature that allows for an unauthenticated attacker to upload floor plan files. By uploading a specially crafted floor plan file, an attacker can access any file from the E3 file system. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-52545 - E3 Site Supervisor Authentication Information Disclosure

CVE ID : CVE-2025-52545 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : E3 Site Supervisor Control (firmware version 2.31F01) RCI service contains an API call to read users info, which returns all usernames and password hashes for the application services. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-52546 - E3 Site Supervisor Stored XSS Vulnerability

CVE ID : CVE-2025-52546 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : E3 Site Supervisor Control (firmware version 2.31F01) has a floor plan feature that allows for an unauthenticated attacker to upload floor plan files. By uploading a specially crafted floor plan file, an attacker can inject a stored XSS to the floorplan web page. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-52547 - E3 Site Supervisor Control MGW Denial of Service

CVE ID : CVE-2025-52547 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : E3 Site Supervisor Control (firmware version 2.31F01) MGW contains an API call that lacks input validation. An attacker can use this command to continuously crash the application services. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-52548 - E3 Site Supervisor Unauthenticated Remote Command Execution

CVE ID : CVE-2025-52548 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : E3 Site Supervisor Control (firmware version 2.31F01) contains a hidden API call in the application services that enables SSH and Shellinabox, which exist but are disabled by default. An attacker with admin access to the application services can utilize this API to enable remote access to the underlying OS. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-52549 - E3 Site Supervisor Root Password Generation Vulnerability

CVE ID : CVE-2025-52549 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : E3 Site Supervisor Control (firmware version 2.31F01) generates the root linux password on each boot. An attacker can generate the root linux password for a vulnerable device based on known or easy to fetch parameters. Severity: 9.2 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-52550 - E3 Site Supervisor Firmware Upgrade Package Spoofing Vulnerability

CVE ID : CVE-2025-52550 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : E3 Site Supervisor Control (firmware version 2.31F01) firmware upgrade packages are unsigned. An attacker can forge malicious firmware upgrade packages. An attacker with admin access to the application services can install a malicious firmware upgrade. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-52551 - E2 Facility Management Systems Unauthenticated File Operations Vulnerability

CVE ID : CVE-2025-52551 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : E2 Facility Management Systems use a proprietary protocol that allows for unauthenticated file operations on any file in the file system. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-56254 - PHPGurukul Employee Leave Management System IDOR

CVE ID : CVE-2025-56254 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : PHPGurukul Employee Leave Management System 2.1 contains an Insecure Direct Object Reference (IDOR) vulnerability in leave-details.php. An authenticated user can change the leaveid parameter in the URL to access leave application details of other users. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-57140 - "rsbi-pom SQL Injection Vulnerability"

CVE ID : CVE-2025-57140 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : rsbi-pom 4.7 is vulnerable to SQL Injection in the /bi/service/model/DatasetService path. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-5662 - H2O-3 MySQL JDBC Driver RCE Deserialization Vulnerability

CVE ID : CVE-2025-5662 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : A deserialization vulnerability exists in the H2O-3 REST API (POST /99/ImportSQLTable) that affects all versions up to 3.46.0.7. This vulnerability allows remote code execution (RCE) due to improper validation of JDBC connection parameters when using a Key-Value format. The vulnerability is present in the MySQL JDBC Driver version 8.0.19 and JDK version 8u112. The issue is resolved in version 3.46.0.8. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-6519 - E3 Site Supervisor Default Admin Account Predictable Password Vulnerability

CVE ID : CVE-2025-6519 Published : Sept. 2, 2025, 12:15 p.m. | 2 hours, 7 minutes ago Description : E3 Site Supervisor (firmware version 2.31F01) has a default admin user "ONEDAY" with a daily generated password. An attacker can predictably generate the password for ONEDAY. The oneday user cannot be deleted or modified by any user. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 12:15:00 GMT

read more

CVE-2025-41030 - T-INNOVA Deporsite Unauthenticated Information Disclosure

CVE ID : CVE-2025-41030 Published : Sept. 2, 2025, 9:15 a.m. | 5 hours, 7 minutes ago Description : Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to obtain information from other users via GET ‘/ajax/TInnova_v2/Integrantes_Recurso_v2_1/llamadaAjax/buscarPersona’ using the ‘dni’ parameter. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 09:15:00 GMT

read more

CVE-2025-41031 - T-INNOVA Deporsite Unauthenticated Profile Picture Upload Vulnerability

CVE ID : CVE-2025-41031 Published : Sept. 2, 2025, 9:15 a.m. | 5 hours, 7 minutes ago Description : Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to change other users' profile pictures via a POST request using the parameters ‘IdPersona’ and “Foto” in ‘/ajax/TInnova_c/FotoUsuario/llamadaAjax/uploadImage’. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 09:15:00 GMT

read more

CVE-2025-9573 - "TYPO3 ns_backup Command Injection Vulnerability"

CVE ID : CVE-2025-9573 Published : Sept. 2, 2025, 9:15 a.m. | 5 hours, 7 minutes ago Description : The ns_backup extension through 13.0.2 for TYPO3 allows command injection. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 09:15:00 GMT

read more

CVE-2025-41690 - Cisco Bluetooth Event Log Password Disclosure Vulnerability

CVE ID : CVE-2025-41690 Published : Sept. 2, 2025, 8:15 a.m. | 6 hours, 7 minutes ago Description : A low-privileged attacker in bluetooth range may be able to access the password of a higher-privilege user (Maintenance) by viewing the device’s event log. This vulnerability could allow the Operator to authenticate as the Maintenance user, thereby gaining unauthorized access to sensitive configuration settings and the ability to modify device parameters. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 08:15:00 GMT

read more

CVE-2025-44017 - Gunosy JWT Token Exposure Vulnerability

CVE ID : CVE-2025-44017 Published : Sept. 2, 2025, 8:15 a.m. | 6 hours, 7 minutes ago Description : "Gunosy" App contains a vulnerability where sensitive information may be included in the application's outbound communication. If a user accesses a crafted URL, an attacker may obtain the JWT (JSON Web Token). Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 08:15:00 GMT

read more

CVE-2025-9813 - Tenda CH22 Buffer Overflow Vulnerability

CVE ID : CVE-2025-9813 Published : Sept. 2, 2025, 5:15 a.m. | 6 hours, 58 minutes ago Description : A vulnerability was identified in Tenda CH22 1.0.0.1. This issue affects the function formSetSambaConf of the file /goform/SetSambaConf. The manipulation of the argument samba_userNameSda leads to buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 05:15:00 GMT

read more

CVE-2025-9814 - PHPGurukul Beauty Parlour Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9814 Published : Sept. 2, 2025, 5:15 a.m. | 6 hours, 58 minutes ago Description : A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/contact-us.php. The manipulation of the argument mobnumber results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 05:15:00 GMT

read more

CVE-2025-9815 - Apple NSXPCListener Unauthenticated Local Privilege Escalation

CVE ID : CVE-2025-9815 Published : Sept. 2, 2025, 5:15 a.m. | 6 hours, 58 minutes ago Description : A weakness has been identified in alaneuler batteryKid up to 2.1 on macOS. The affected element is an unknown function of the file PrivilegeHelper/PrivilegeHelper.swift of the component NSXPCListener. This manipulation causes missing authentication. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be exploited. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 05:15:00 GMT

read more

CVE-2025-58414 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-58414 Published : Sept. 2, 2025, 3:15 a.m. | 8 hours, 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 03:15:00 GMT

read more

CVE-2025-58415 - Apache Web Server Information Disclosure

CVE ID : CVE-2025-58415 Published : Sept. 2, 2025, 3:15 a.m. | 8 hours, 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 03:15:00 GMT

read more

CVE-2025-58416 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-58416 Published : Sept. 2, 2025, 3:15 a.m. | 8 hours, 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 03:15:00 GMT

read more

CVE-2025-58417 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-58417 Published : Sept. 2, 2025, 3:15 a.m. | 8 hours, 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 03:15:00 GMT

read more

CVE-2025-58418 - WhatsApp Audio Format Vulnerability

CVE ID : CVE-2025-58418 Published : Sept. 2, 2025, 3:15 a.m. | 8 hours, 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 03:15:00 GMT

read more

CVE-2025-58419 - Cisco WebEx Meeting Center Cross-Site Request Forgery

CVE ID : CVE-2025-58419 Published : Sept. 2, 2025, 3:15 a.m. | 8 hours, 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 03:15:00 GMT

read more

CVE-2025-58420 - Apache HTTP Server Directory Traversal Vulnerability

CVE ID : CVE-2025-58420 Published : Sept. 2, 2025, 3:15 a.m. | 8 hours, 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 03:15:00 GMT

read more

CVE-2025-58421 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-58421 Published : Sept. 2, 2025, 3:15 a.m. | 8 hours, 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 03:15:00 GMT

read more

CVE-2025-8662 - OpenAM Consortium Edition SAML IdP Request Tampering Vulnerability

CVE ID : CVE-2025-8662 Published : Sept. 2, 2025, 3:15 a.m. | 8 hours, 58 minutes ago Description : OpenAM (OpenAM Consortium Edition) contains a vulnerability that may cause it to malfunction as a SAML IdP due to a tampered request.This issue affects OpenAM: from 14.0.0 through 14.0.1. Severity: 2.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 03:15:00 GMT

read more

CVE-2025-9811 - Campcodes Farm Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9811 Published : Sept. 2, 2025, 3:15 a.m. | 8 hours, 58 minutes ago Description : A vulnerability was found in Campcodes Farm Management System 1.0. This affects an unknown part of the file /reviewInput.php. Performing manipulation of the argument rating results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 03:15:00 GMT

read more

CVE-2025-9812 - Tenda CH22 Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-9812 Published : Sept. 2, 2025, 3:15 a.m. | 8 hours, 58 minutes ago Description : A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 03:15:00 GMT

read more

CVE-2025-57808 - ESPHome Web Server Authentication Bypass Vulnerability

CVE ID : CVE-2025-57808 Published : Sept. 2, 2025, 1:15 a.m. | 10 hours, 58 minutes ago Description : ESPHome is a system to control microcontrollers remotely through Home Automation systems. In version 2025.8.0 in the ESP-IDF platform, ESPHome's web_server authentication check can pass incorrectly when the client-supplied base64-encoded Authorization value is empty or is a substring of the correct value. This allows access to web_server functionality (including OTA, if enabled) without knowing any information about the correct username or password. This issue has been patched in version 2025.8.1. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 01:15:00 GMT

read more

CVE-2025-58161 - MobSF Directory Traversal Vulnerability

CVE ID : CVE-2025-58161 Published : Sept. 2, 2025, 1:15 a.m. | 10 hours, 58 minutes ago Description : MobSF is a mobile application security testing tool used. In version 4.4.0, the GET /download/ route uses string path verification via os.path.commonprefix, which allows an authenticated user to download files outside the DWD_DIR download directory from "neighboring" directories whose absolute paths begin with the same prefix as DWD_DIR (e.g., .../downloads_bak, .../downloads.old). This is a Directory Traversal (escape) leading to a data leak. This issue has been patched in version 4.4.1. Severity: 1.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 01:15:00 GMT

read more

CVE-2025-58162 - MobSF File Write Arbitrary Directory Local File Inclusion

CVE ID : CVE-2025-58162 Published : Sept. 2, 2025, 1:15 a.m. | 10 hours, 58 minutes ago Description : MobSF is a mobile application security testing tool used. In version 4.4.0, an authenticated user who uploaded a specially prepared one.a, can write arbitrary files to any directory writable by the user of the MobSF process. This issue has been patched in version 4.4.1. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 01:15:00 GMT

read more

CVE-2025-58178 - SonarQube Server and Cloud Command Injection Vulnerability

CVE ID : CVE-2025-58178 Published : Sept. 2, 2025, 1:15 a.m. | 10 hours, 58 minutes ago Description : SonarQube Server and Cloud is a static analysis solution for continuous code quality and security inspection. In versions 4 to 5.3.0, a command injection vulnerability was discovered in the SonarQube Scan GitHub Action that allows untrusted input arguments to be processed without proper sanitization. Arguments sent to the action are treated as shell expressions, allowing potential execution of arbitrary commands. A fix has been released in SonarQube Scan GitHub Action 5.3.1. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 01:15:00 GMT

read more

CVE-2025-9805 - SimStudioAI Server-Side Request Forgery Vulnerability

CVE ID : CVE-2025-9805 Published : Sept. 2, 2025, 1:15 a.m. | 10 hours, 58 minutes ago Description : A vulnerability was found in SimStudioAI sim up to 51b1e97fa22c48d144aef75f8ca31a74ad2cfed2. This issue affects some unknown processing of the file apps/sim/app/api/proxy/image/route.ts. The manipulation results in server-side request forgery. The attack may be performed from remote. The exploit has been made public and could be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The patch is identified as 3424a338b763115f0269b209e777608e4cd31785. Applying a patch is advised to resolve this issue. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 01:15:00 GMT

read more

CVE-2025-9806 - Tenda Administrative Interface Local Hard-Coded Credential Injection Vulnerability

CVE ID : CVE-2025-9806 Published : Sept. 2, 2025, 1:15 a.m. | 10 hours, 58 minutes ago Description : A vulnerability was determined in Tenda F1202 1.2.0.9/1.2.0.14/1.2.0.20. Impacted is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. This manipulation with the input Fireitup causes hard-coded credentials. The attack can only be executed locally. A high degree of complexity is needed for the attack. The exploitability is considered difficult. The exploit has been publicly disclosed and may be utilized. Severity: 1.9 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 01:15:00 GMT

read more

CVE-2025-9802 - RemoteClinic SQL Injection Vulnerability

CVE ID : CVE-2025-9802 Published : Sept. 2, 2025, 12:15 a.m. | 9 hours, 38 minutes ago Description : A vulnerability was detected in RemoteClinic 2.0. This vulnerability affects unknown code of the file /staff/profile.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 02 Sep 2025 00:15:00 GMT

read more

CVE-2025-9800 - SimStudioAI HTML File Parser Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-9800 Published : Sept. 1, 2025, 11:15 p.m. | 10 hours, 38 minutes ago Description : A weakness has been identified in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. Affected by this issue is the function Import of the file apps/sim/app/api/files/upload/route.ts of the component HTML File Parser. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. This patch is called 45372aece5e05e04b417442417416a52e90ba174. A patch should be applied to remediate this issue. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 23:15:00 GMT

read more

CVE-2025-9801 - SimStudioAI Path Traversal Remote Vulnerability

CVE ID : CVE-2025-9801 Published : Sept. 1, 2025, 11:15 p.m. | 10 hours, 38 minutes ago Description : A security vulnerability has been detected in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. This affects an unknown part. The manipulation of the argument filePath leads to path traversal. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The identifier of the patch is 45372aece5e05e04b417442417416a52e90ba174. To fix this issue, it is recommended to deploy a patch. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 23:15:00 GMT

read more

CVE-2025-9797 - ExpressCart Remote Code Injection Vulnerability

CVE ID : CVE-2025-9797 Published : Sept. 1, 2025, 10:15 p.m. | 11 hours, 38 minutes ago Description : A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 22:15:00 GMT

read more

CVE-2025-9799 - Langfuse SSRF Vulnerability

CVE ID : CVE-2025-9799 Published : Sept. 1, 2025, 10:15 p.m. | 11 hours, 38 minutes ago Description : A security flaw has been discovered in Langfuse up to 3.88.0. Affected by this vulnerability is the function promptChangeEventSourcing of the file web/src/features/prompts/server/routers/promptRouter.ts of the component Webhook Handler. Performing manipulation results in server-side request forgery. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been released to the public and may be exploited. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 22:15:00 GMT

read more

CVE-2024-28988 - SolarWinds Web Help Desk Java Deserialization Remote Code Execution

CVE ID : CVE-2024-28988 Published : Sept. 1, 2025, 10:15 p.m. | 7 hours, 37 minutes ago Description : SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing this report. The ZDI team was able to discover an unauthenticated attack during their research. We recommend all Web Help Desk customers apply the patch, which is now available. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 22:15:00 GMT

read more

CVE-2025-9796 - JeeSite Thinkgem Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9796 Published : Sept. 1, 2025, 10:15 p.m. | 7 hours, 37 minutes ago Description : A vulnerability was found in thinkgem JeeSite up to 5.12.1. This affects the function decodeUrl2 of the file common/src/main/java/com/jeesite/common/codec/EncodeUtils.java. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been made public and could be used. Upgrading to version 5.13.0 mitigates this issue. The patch is identified as 63773c97a56bdb3649510e83b66c16db4754965b. Upgrading the affected component is recommended. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 22:15:00 GMT

read more

CVE-2025-9795 - xujeff tianti Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-9795 Published : Sept. 1, 2025, 9:15 p.m. | 8 hours, 37 minutes ago Description : A vulnerability has been found in xujeff tianti 天梯 up to 2.3. The impacted element is the function ajaxUploadFile of the file src/main/java/com/jeff/tianti/controller/UploadController.java. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 21:15:00 GMT

read more

CVE-2025-9794 - Campcodes Computer Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-9794 Published : Sept. 1, 2025, 9:15 p.m. | 6 hours, 37 minutes ago Description : A flaw has been found in Campcodes Computer Sales and Inventory System 1.0. The affected element is an unknown function of the file /pages/pos_transac.php?action=add. Executing manipulation of the argument cash/firstname can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. Other parameters might be affected as well. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 21:15:00 GMT

read more

CVE-2025-9792 - iSourcecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9792 Published : Sept. 1, 2025, 8:15 p.m. | 7 hours, 37 minutes ago Description : A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /e_dashboard/e_all_info.php. Such manipulation of the argument mid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 20:15:00 GMT

read more

CVE-2025-9793 - Apachebi's Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9793 Published : Sept. 1, 2025, 8:15 p.m. | 7 hours, 37 minutes ago Description : A vulnerability was detected in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /setting/admin.php of the component Setting Handler. Performing manipulation of the argument ddlBranch results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 20:15:00 GMT

read more

CVE-2025-9790 - SourceCodester Hotel Reservation System SQL Injection Vulnerability

CVE ID : CVE-2025-9790 Published : Sept. 1, 2025, 7:15 p.m. | 8 hours, 37 minutes ago Description : A security flaw has been discovered in SourceCodester Hotel Reservation System 1.0. This affects an unknown part of the file /admin/updateabout.php. The manipulation of the argument address results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 19:15:00 GMT

read more

CVE-2025-9791 - Tenda AC20 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9791 Published : Sept. 1, 2025, 7:15 p.m. | 8 hours, 37 minutes ago Description : A weakness has been identified in Tenda AC20 16.03.08.05. This vulnerability affects unknown code of the file /goform/fromAdvSetMacMtuWan. This manipulation of the argument wanMTU causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 19:15:00 GMT

read more

CVE-2025-9809 - Libretro Common CDFS Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-9809 Published : Sept. 1, 2025, 7:15 p.m. | 8 hours, 37 minutes ago Description : Out-of-bounds write in cdfs_open_cue_track in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATH_MAX_LENGTH that is copied using memcpy into a fixed-size buffer. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 19:15:00 GMT

read more

CVE-2025-9810 - "OpenBSD Linonoise TOCTOU File Overwrite Vulnerability"

CVE ID : CVE-2025-9810 Published : Sept. 1, 2025, 7:15 p.m. | 8 hours, 37 minutes ago Description : TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen("w") on the history path and subsequent chmod() on the same path. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 19:15:00 GMT

read more

CVE-2025-3586 - Liferay Portal Object Action Groovy Scripting Remote Code Execution

CVE ID : CVE-2025-3586 Published : Sept. 1, 2025, 6:15 p.m. | 9 hours, 37 minutes ago Description : In Liferay Portal 7.4.3.27 through 7.4.3.42, and Liferay DXP 2024.Q1.1 through 2024.Q1.20, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 update 27 through update 42 (Liferay PaaS, and Liferay Self-Hosted), the Objects module does not restrict the use of Groovy scripts in Object actions for Admin Users. This allows remote authenticated admin users with the Instance Administrator role to execute arbitrary Groovy scripts (i.e., remote code execution) through Object actions. In contrast, in Liferay DXP (Liferay SaaS), the use of Groovy in Object actions is not allowed due to the high security risks it poses. Starting from Liferay DXP 2024.Q2 and later, a new feature has been introduced in Instance Settings that allows administrators to configure whether Groovy scripts are allowed in their instances. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 18:15:00 GMT

read more

CVE-2025-9788 - SourceCodester/Campcodes School Log Management System SQL Injection

CVE ID : CVE-2025-9788 Published : Sept. 1, 2025, 6:15 p.m. | 9 hours, 37 minutes ago Description : A vulnerability was determined in SourceCodester/Campcodes School Log Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin_class.php. Executing manipulation of the argument id_no can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 18:15:00 GMT

read more

CVE-2025-9789 - SourceCodester Online Hotel Reservation System SQL Injection Vulnerability

CVE ID : CVE-2025-9789 Published : Sept. 1, 2025, 6:15 p.m. | 9 hours, 37 minutes ago Description : A vulnerability was identified in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is some unknown functionality of the file /admin/edituser.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 18:15:00 GMT

read more

CVE-2025-9375 - Apache xmltodict XML Injection Vulnerability

CVE ID : CVE-2025-9375 Published : Sept. 1, 2025, 5:15 p.m. | 10 hours, 37 minutes ago Description : XML Injection vulnerability in xmltodict allows Input Data Manipulation.This issue affects xmltodict: 0.14.2. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 17:15:00 GMT

read more

CVE-2025-55007 - Knowage Server-Side Request Forgery Vulnerability

CVE ID : CVE-2025-55007 Published : Sept. 1, 2025, 4:15 p.m. | 9 hours, 37 minutes ago Description : Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, Knowage is vulnerable to server-side request forgery. The vulnerability allows attackers to send requests to arbitrary hosts/paths. Since the attacker is not able to read the response, the impact of this vulnerability is limited. However, an attacker could be able to leverage this vulnerability to scan the internal network. This issue has been patched in version 8.1.37. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 16:15:00 GMT

read more

CVE-2025-57799 - StreamVault Command Injection Vulnerability

CVE ID : CVE-2025-57799 Published : Sept. 1, 2025, 4:15 p.m. | 9 hours, 37 minutes ago Description : StreamVault is a multi-platform video parsing and downloading tool. Prior to version 250822, after logging into the StreamVault-system, an attacker can modify certain system parameters, construct malicious commands, execute command injection attacks against the system, and ultimately gain server privileges. Users of all versions of the StreamVault system to date who have not modified their background passwords or use weak passwords are at risk of having their systems taken over via remote command execution. This issue has been patched in version 250822. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 16:15:00 GMT

read more

CVE-2025-9786 - Campcodes Online Learning Management System SQL Injection

CVE ID : CVE-2025-9786 Published : Sept. 1, 2025, 4:15 p.m. | 9 hours, 37 minutes ago Description : A vulnerability was found in Campcodes Online Learning Management System 1.0. Affected is an unknown function of the file /teacher_signup.php. Performing manipulation of the argument firstname results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used. Other parameters might be affected as well. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 16:15:00 GMT

read more

CVE-2025-33099 - IBM Concert Software SSL/TLS Certificate Validation Vulnerability

CVE ID : CVE-2025-33099 Published : Sept. 1, 2025, 3:15 p.m. | 10 hours, 37 minutes ago Description : IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to perform unauthorized actions using man in the middle techniques due to improper certificate validation. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 15:15:00 GMT

read more

CVE-2025-33102 - IBM Concert Software Weak Cryptography Vulnerability

CVE ID : CVE-2025-33102 Published : Sept. 1, 2025, 3:15 p.m. | 10 hours, 37 minutes ago Description : IBM Concert Software 1.0.0 through 1.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 15:15:00 GMT

read more

CVE-2025-9783 - TOTOLINK A702R Buffer Overflow Vulnerability

CVE ID : CVE-2025-9783 Published : Sept. 1, 2025, 3:15 p.m. | 10 hours, 37 minutes ago Description : A vulnerability was determined in TOTOLINK A702R 4.0.0-B20211108.1423. This issue affects the function sub_418030 of the file /boafrm/formParentControl. Executing manipulation of the argument submit-url can lead to buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 15:15:00 GMT

read more

CVE-2025-33084 - IBM Concert Software Information Disclosure

CVE ID : CVE-2025-33084 Published : Sept. 1, 2025, 3:15 p.m. | 9 hours, 31 minutes ago Description : IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 15:15:00 GMT

read more

CVE-2025-0656 - IBM Concert Software Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-0656 Published : Sept. 1, 2025, 3:15 p.m. | 6 hours, 37 minutes ago Description : IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 15:15:00 GMT

read more

CVE-2025-33082 - IBM Concert Software Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-33082 Published : Sept. 1, 2025, 3:15 p.m. | 6 hours, 37 minutes ago Description : IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 15:15:00 GMT

read more

CVE-2025-33083 - IBM Concert Software Cross-Site Scripting (XSS)

CVE ID : CVE-2025-33083 Published : Sept. 1, 2025, 3:15 p.m. | 6 hours, 37 minutes ago Description : IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 15:15:00 GMT

read more

CVE-2025-9781 - TOTOLINK A702R Buffer Overflow in FormFilter Function

CVE ID : CVE-2025-9781 Published : Sept. 1, 2025, 2:15 p.m. | 7 hours, 37 minutes ago Description : A vulnerability has been found in TOTOLINK A702R 4.0.0-B20211108.1423. This affects the function sub_4162DC of the file /boafrm/formFilter. Such manipulation of the argument ip6addr leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 14:15:00 GMT

read more

CVE-2025-9782 - TOTOLINK A702R Buffer Overflow Vulnerability

CVE ID : CVE-2025-9782 Published : Sept. 1, 2025, 2:15 p.m. | 7 hours, 37 minutes ago Description : A vulnerability was found in TOTOLINK A702R 4.0.0-B20211108.1423. This vulnerability affects the function sub_4466F8 of the file /boafrm/formOneKeyAccessButton. Performing manipulation of the argument submit-url results in buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 14:15:00 GMT

read more

CVE-2025-9780 - TOTOLINK A702R Buffer Overflow Vulnerability

CVE ID : CVE-2025-9780 Published : Sept. 1, 2025, 1:15 p.m. | 8 hours, 37 minutes ago Description : A flaw has been found in TOTOLINK A702R 4.0.0-B20211108.1423. Affected by this issue is the function sub_419BE0 of the file /boafrm/formIpQoS. This manipulation of the argument mac causes buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 13:15:00 GMT

read more

CVE-2024-12925 - Akınsoft QR Menü Certificate Validation HTTP Response Splitting

CVE ID : CVE-2024-12925 Published : Sept. 1, 2025, 1:15 p.m. | 7 hours, 30 minutes ago Description : Improper Validation of Certificate with Host Mismatch vulnerability in Akınsoft QR Menü allows HTTP Response Splitting.This issue affects QR Menü: from s1.05.05 before v1.05.12. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 13:15:00 GMT

read more

CVE-2025-0610 - Akınsoft QR Menü CSRF

CVE ID : CVE-2025-0610 Published : Sept. 1, 2025, 1:15 p.m. | 7 hours, 30 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Akınsoft QR Menü allows Cross Site Request Forgery.This issue affects QR Menü: from s1.05.06 before v1.05.12. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 13:15:00 GMT

read more

CVE-2025-2412 - Akinsoft QR Menu Authentication Bypass

CVE ID : CVE-2025-2412 Published : Sept. 1, 2025, 1:15 p.m. | 7 hours, 30 minutes ago Description : Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft QR Menu allows Authentication Bypass.This issue affects QR Menu: from s1.05.07 before v1.05.12. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 13:15:00 GMT

read more

CVE-2025-9779 - TOTOLINK A702R Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-9779 Published : Sept. 1, 2025, 1:15 p.m. | 7 hours, 30 minutes ago Description : A vulnerability was detected in TOTOLINK A702R 4.0.0-B20211108.1423. Affected by this vulnerability is the function sub_4162DC of the file /boafrm/formFilter. The manipulation of the argument ip6addr results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 13:15:00 GMT

read more

CVE-2024-12914 - Akınsoft QR Menü Cross-Site Scripting (XSS)

CVE ID : CVE-2024-12914 Published : Sept. 1, 2025, 1:15 p.m. | 5 hours, 30 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akınsoft QR Menü allows Cross-Site Scripting (XSS).This issue affects QR Menü: from s1.05.05 before v1.05.12. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 13:15:00 GMT

read more

CVE-2024-12924 - Akınsoft QR Menü Open Redirect Vulnerability

CVE ID : CVE-2024-12924 Published : Sept. 1, 2025, 1:15 p.m. | 5 hours, 30 minutes ago Description : URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Akınsoft QR Menü allows Forceful Browsing, Phishing.This issue affects QR Menü: from s1.05.05 before v1.05.12. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 13:15:00 GMT

read more

CVE-2025-36133 - IBM App Connect Enterprise Certified Container Log Information Disclosure Vulnerability

CVE ID : CVE-2025-36133 Published : Sept. 1, 2025, 12:15 p.m. | 6 hours, 30 minutes ago Description : IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and 12.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 12:15:00 GMT

read more

CVE-2025-9778 - Tenda W12 Hard-Coded Credentials Vulnerability

CVE ID : CVE-2025-9778 Published : Sept. 1, 2025, 12:15 p.m. | 6 hours, 30 minutes ago Description : A security vulnerability has been detected in Tenda W12 up to 3.0.0.6(3948). Affected is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. The manipulation leads to hard-coded credentials. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed publicly and may be used. Severity: 1.9 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 12:15:00 GMT

read more

CVE-2025-9774 - RemoteClinic Information Disclosure Vulnerability

CVE ID : CVE-2025-9774 Published : Sept. 1, 2025, 11:15 a.m. | 7 hours, 30 minutes ago Description : A vulnerability has been found in RemoteClinic up to 2.0. This issue affects some unknown processing of the file /patients/edit-patient.php. The manipulation of the argument Email leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 11:15:00 GMT

read more

CVE-2025-9775 - RemoteClinic Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-9775 Published : Sept. 1, 2025, 11:15 a.m. | 7 hours, 30 minutes ago Description : A vulnerability was found in RemoteClinic up to 2.0. Impacted is an unknown function of the file /staff/edit-my-profile.php. The manipulation of the argument image results in unrestricted upload. The attack may be launched remotely. The exploit has been made public and could be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 11:15:00 GMT

read more

CVE-2025-9773 - RemoteClinic Cross Site Scripting (XSS)

CVE ID : CVE-2025-9773 Published : Sept. 1, 2025, 10:15 a.m. | 8 hours, 30 minutes ago Description : A flaw has been found in RemoteClinic up to 2.0. This vulnerability affects unknown code of the file /staff/edit.php. Executing manipulation of the argument Last Name can lead to cross site scripting. The attack can be launched remotely. The exploit has been published and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 10:15:00 GMT

read more

CVE-2025-9772 - RemoteClinic Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-9772 Published : Sept. 1, 2025, 10:15 a.m. | 7 hours, 37 minutes ago Description : A vulnerability was detected in RemoteClinic up to 2.0. This affects an unknown part of the file /staff/edit.php. Performing manipulation of the argument image results in unrestricted upload. The attack can be initiated remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 10:15:00 GMT

read more

CVE-2025-9770 - Campcodes Hospital Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9770 Published : Sept. 1, 2025, 9:15 a.m. | 6 hours, 37 minutes ago Description : A weakness has been identified in Campcodes Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ of the component Admin Dashboard Login. This manipulation of the argument Password causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 09:15:00 GMT

read more

CVE-2025-9771 - SourceCodester Eye Clinic Management System SQL Injection

CVE ID : CVE-2025-9771 Published : Sept. 1, 2025, 9:15 a.m. | 6 hours, 37 minutes ago Description : A security vulnerability has been detected in SourceCodester Eye Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file /main/search_index_Diagnosis.php. Such manipulation of the argument Search leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 09:15:00 GMT

read more

CVE-2025-9769 - D-Link DI-7400G+ Command Injection Vulnerability

CVE ID : CVE-2025-9769 Published : Sept. 1, 2025, 8:15 a.m. | 7 hours, 37 minutes ago Description : A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Affected is the function sub_478D28 of the file /mng_platform.asp. The manipulation of the argument addr with the input `echo 12345 > poc.txt` results in command injection. An attack on the physical device is feasible. The exploit has been released to the public and may be exploited. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 08:15:00 GMT

read more

CVE-2022-38691 - Cisco BootROM Certificate Type 0 Privilege Escalation Vulnerability

CVE ID : CVE-2022-38691 Published : Sept. 1, 2025, 8:15 a.m. | 6 hours, 30 minutes ago Description : In BootROM, there is a possible missing validation for Certificate Type 0. This could lead to local escalation of privilege with no additional execution privileges needed. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 08:15:00 GMT

read more

CVE-2022-38692 - Cisco BootROM RSA Key Validation Buffer Overflow

CVE ID : CVE-2022-38692 Published : Sept. 1, 2025, 8:15 a.m. | 6 hours, 30 minutes ago Description : In BootROM, there is a missing size check for RSA keys in Certificate Type 0 validation. This could lead to memory buffer overflow without requiring additional execution privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 08:15:00 GMT

read more

CVE-2022-38693 - Apache FDL1 Buffer Overflow Vulnerability

CVE ID : CVE-2022-38693 Published : Sept. 1, 2025, 8:15 a.m. | 6 hours, 30 minutes ago Description : In FDL1, there is a possible missing payload size check. This could lead to memory buffer overflow without requiring additional execution privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 08:15:00 GMT

read more

CVE-2022-38694 - Cisco BootRom Bootloader Unchecked Write Address Privilege Escalation Vulnerability

CVE ID : CVE-2022-38694 Published : Sept. 1, 2025, 8:15 a.m. | 6 hours, 30 minutes ago Description : In BootRom, there is a possible unchecked write address. This could lead to local escalation of privilege with no additional execution privileges needed. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 08:15:00 GMT

read more

CVE-2022-38695 - Citrix BootRom Command Index Overflow Vulnerability

CVE ID : CVE-2022-38695 Published : Sept. 1, 2025, 8:15 a.m. | 6 hours, 30 minutes ago Description : In BootRom, there's a possible unchecked command index. This could lead to local escalation of privilege with no additional execution privileges needed. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 08:15:00 GMT

read more

CVE-2022-38696 - "Microsoft BootRom Buffer Overflow Vulnerability"

CVE ID : CVE-2022-38696 Published : Sept. 1, 2025, 8:15 a.m. | 6 hours, 30 minutes ago Description : In BootRom, there's a possible missing payload size check. This could lead to memory buffer overflow without requiring additional execution privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 08:15:00 GMT

read more

CVE-2025-58318 - Delta Electronics DIAView Authentication Bypass

CVE ID : CVE-2025-58318 Published : Sept. 1, 2025, 8:15 a.m. | 6 hours, 30 minutes ago Description : Delta Electronics DIAView has an authentication bypass vulnerability. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 08:15:00 GMT

read more

CVE-2025-9768 - iSourcecode Sports Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9768 Published : Sept. 1, 2025, 8:15 a.m. | 6 hours, 30 minutes ago Description : A vulnerability was identified in itsourcecode Sports Management System 1.0. This impacts an unknown function of the file /Admin/mode.php. The manipulation of the argument code leads to sql injection. The attack is possible to be carried out remotely. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 08:15:00 GMT

read more

CVE-2025-9767 - iSourcecode Sports Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9767 Published : Sept. 1, 2025, 7:15 a.m. | 7 hours, 30 minutes ago Description : A vulnerability was determined in itsourcecode Sports Management System 1.0. This affects an unknown function of the file /Admin/sporttype.php. Executing manipulation of the argument code can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 07:15:00 GMT

read more

CVE-2025-9766 - iSourcecode Sports Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9766 Published : Sept. 1, 2025, 7:15 a.m. | 5 hours, 30 minutes ago Description : A vulnerability was found in itsourcecode Sports Management System 1.0. The impacted element is an unknown function of the file /Admin/facilitator.php. Performing manipulation of the argument code results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 07:15:00 GMT

read more

CVE-2025-20707 - Geniezone Use After Free Memory Corruption Vulnerability

CVE ID : CVE-2025-20707 Published : Sept. 1, 2025, 6:15 a.m. | 6 hours, 30 minutes ago Description : In geniezone, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09924201; Issue ID: MSV-3820. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 06:15:00 GMT

read more

CVE-2025-20708 - "Qualcomm Modem Out-of-Bounds Write Privilege Escalation Vulnerability"

CVE ID : CVE-2025-20708 Published : Sept. 1, 2025, 6:15 a.m. | 6 hours, 30 minutes ago Description : In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01123853; Issue ID: MSV-4131. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 06:15:00 GMT

read more

CVE-2025-54857 - SkyBridge BASIC OS Command Injection Vulnerability

CVE ID : CVE-2025-54857 Published : Sept. 1, 2025, 6:15 a.m. | 6 hours, 30 minutes ago Description : Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in SkyBridge BASIC MB-A130 Ver.1.5.8 and earlier. If exploited, a remote unauthenticated attacker may execute arbitrary OS commands with root privileges. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 06:15:00 GMT

read more

CVE-2025-6507 - H2Oai H2o-3 Untrusted Data Deserialization Vulnerability

CVE ID : CVE-2025-6507 Published : Sept. 1, 2025, 6:15 a.m. | 6 hours, 30 minutes ago Description : A vulnerability in the h2oai/h2o-3 repository allows attackers to exploit deserialization of untrusted data, potentially leading to arbitrary code execution and reading of system files. This issue affects the latest master branch version 3.47.0.99999. The vulnerability arises from the ability to bypass regular expression filters intended to prevent malicious parameter injection in JDBC connections. Attackers can manipulate spaces between parameters to evade detection, allowing for unauthorized file access and code execution. The vulnerability is addressed in version 3.46.0.8. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 06:15:00 GMT

read more

CVE-2025-9764 - iSourcecode Sports Management System SQL Injection

CVE ID : CVE-2025-9764 Published : Sept. 1, 2025, 6:15 a.m. | 6 hours, 30 minutes ago Description : A flaw has been found in itsourcecode Sports Management System 1.0. Impacted is an unknown function of the file /Admin/resultdetails.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 06:15:00 GMT

read more

CVE-2025-9765 - iSourcecode Sports Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9765 Published : Sept. 1, 2025, 6:15 a.m. | 6 hours, 30 minutes ago Description : A vulnerability has been found in itsourcecode Sports Management System 1.0. The affected element is an unknown function of the file /Admin/tournament_details.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 06:15:00 GMT

read more

CVE-2025-20703 - Huawei Modem Out-of-Bounds Read Remote Denial of Service Vulnerability

CVE ID : CVE-2025-20703 Published : Sept. 1, 2025, 6:15 a.m. | 5 hours, 13 minutes ago Description : In Modem, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01599794; Issue ID: MSV-3708. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 06:15:00 GMT

read more

CVE-2025-20704 - "ZTE Modem Out-of-Bounds Write Privilege Escalation Vulnerability"

CVE ID : CVE-2025-20704 Published : Sept. 1, 2025, 6:15 a.m. | 5 hours, 13 minutes ago Description : In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01516959; Issue ID: MSV-3502. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 06:15:00 GMT

read more

CVE-2025-20705 - Citrix Hypervisor Memory Corruption (Use After Free)

CVE ID : CVE-2025-20705 Published : Sept. 1, 2025, 6:15 a.m. | 5 hours, 13 minutes ago Description : In monitor_hang, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09989078; Issue ID: MSV-3964. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 06:15:00 GMT

read more

CVE-2025-20706 - mbrain Use After Free Memory Corruption Vulnerability

CVE ID : CVE-2025-20706 Published : Sept. 1, 2025, 6:15 a.m. | 5 hours, 13 minutes ago Description : In mbrain, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09924624; Issue ID: MSV-3826. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 06:15:00 GMT

read more

CVE-2025-9760 - Portabilis i-Educar Remote Authorization Bypass Vulnerability

CVE ID : CVE-2025-9760 Published : Sept. 1, 2025, 5:15 a.m. | 4 hours, 55 minutes ago Description : A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/Api/aluno of the component Matricula API. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 05:15:00 GMT

read more

CVE-2025-9761 - Campcodes Online Feeds Product Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-9761 Published : Sept. 1, 2025, 5:15 a.m. | 4 hours, 55 minutes ago Description : A security vulnerability has been detected in Campcodes Online Feeds Product Inventory System 1.0. This vulnerability affects unknown code of the file /feeds/index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 05:15:00 GMT

read more

CVE-2025-9763 - Campcodes Online Learning Management System SQL Injection

CVE ID : CVE-2025-9763 Published : Sept. 1, 2025, 5:15 a.m. | 4 hours, 55 minutes ago Description : A vulnerability was detected in Campcodes Online Learning Management System 1.0. This issue affects some unknown processing of the file /student_signup.php. The manipulation of the argument Username results in sql injection. The attack can be launched remotely. The exploit is now public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 05:15:00 GMT

read more

CVE-2025-9759 - Campcodes/SourceCodester Courier Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9759 Published : Sept. 1, 2025, 4:15 a.m. | 5 hours, 54 minutes ago Description : A security flaw has been discovered in Campcodes/SourceCodester Courier Management System 1.0. Affected by this issue is the function Signup of the file /ajax.php. Performing manipulation of the argument lastname results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 04:15:00 GMT

read more

CVE-2025-7405 - Mitsubishi Electric Corporation MELSEC iQ-F Series CPU Module Missing Authentication for Critical Function

CVE ID : CVE-2025-7405 Published : Sept. 1, 2025, 4:15 a.m. | 3 hours, 55 minutes ago Description : Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to read or write the device values of the product and stop the operation of the programs, since MODBUS/TCP in the products does not have authentication features. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 04:15:00 GMT

read more

CVE-2025-7731 - Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module Unauthenticated Cleartext Credential Exposure

CVE ID : CVE-2025-7731 Published : Sept. 1, 2025, 4:15 a.m. | 3 hours, 54 minutes ago Description : Cleartext Transmission of Sensitive Information vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to obtain credential information by intercepting SLMP communication messages, and read or write the device values of the product and stop the operations of programs by using the obtained credential information. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 04:15:00 GMT

read more

CVE-2025-9570 - Sunnet eHRD CTMS Arbitrary File Reading Vulnerability

CVE ID : CVE-2025-9570 Published : Sept. 1, 2025, 4:15 a.m. | 3 hours, 54 minutes ago Description : The eHRD CTMS developed by Sunnet has an Arbitrary File Reading vulnerability, allowing remote attackers with administrator privileges to exploit Relative Path Traversal to download arbitrary system files. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 04:15:00 GMT

read more

CVE-2025-9758 - Deepakmisal24 Chemical Inventory Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9758 Published : Sept. 1, 2025, 4:15 a.m. | 3 hours, 54 minutes ago Description : A vulnerability was identified in deepakmisal24 Chemical Inventory Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /inventory_form.php. Such manipulation of the argument chem_name leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 04:15:00 GMT

read more

CVE-2025-9567 - Sunnet eHRD Reflected Cross-site Scripting

CVE ID : CVE-2025-9567 Published : Sept. 1, 2025, 3:15 a.m. | 4 hours, 55 minutes ago Description : The eHRD developed by Sunnet has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 03:15:00 GMT

read more

CVE-2025-9568 - Sunnet eHRD Reflected Cross-site Scripting Vulnerability

CVE ID : CVE-2025-9568 Published : Sept. 1, 2025, 3:15 a.m. | 4 hours, 55 minutes ago Description : The eHRD developed by Sunnet has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 03:15:00 GMT

read more

CVE-2025-9569 - Sunnet eHRD Reflected Cross-site Scripting Vulnerability

CVE ID : CVE-2025-9569 Published : Sept. 1, 2025, 3:15 a.m. | 4 hours, 55 minutes ago Description : The eHRD developed by Sunnet has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 03:15:00 GMT

read more

CVE-2025-9757 - Campcodes/SourceCodester Courier Management System SQL Injection

CVE ID : CVE-2025-9757 Published : Sept. 1, 2025, 3:15 a.m. | 4 hours, 55 minutes ago Description : A vulnerability was determined in Campcodes/SourceCodester Courier Management System 1.0. Affected is the function Login of the file /ajax.php. This manipulation of the argument email causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 03:15:00 GMT

read more

CVE-2025-9754 - Campcodes Online Hospital Management System Cross-Site Scripting (XSS)

CVE ID : CVE-2025-9754 Published : Sept. 1, 2025, 2:15 a.m. | 5 hours, 55 minutes ago Description : A flaw has been found in Campcodes Online Hospital Management System 1.0. The impacted element is an unknown function of the file /edit-profile.php of the component Edit Profile Page. Executing manipulation of the argument Username can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 02:15:00 GMT

read more

CVE-2025-9755 - Khanakag-17 Library Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9755 Published : Sept. 1, 2025, 2:15 a.m. | 5 hours, 55 minutes ago Description : A vulnerability has been found in Khanakag-17 Library Management System up to 60ed174506094dcd166e34904a54288e5d10ff24. This affects an unknown function of the file /index.php. The manipulation of the argument msg leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 02:15:00 GMT

read more

CVE-2025-9756 - PHPGurukul User Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9756 Published : Sept. 1, 2025, 2:15 a.m. | 5 hours, 55 minutes ago Description : A vulnerability was found in PHPGurukul User Management System 1.0. This impacts an unknown function of the file /admin/change-emailid.php. The manipulation of the argument uid results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 02:15:00 GMT

read more

CVE-2025-9752 - D-Link DIR-852 SOAP Service OS Command Injection Vulnerability

CVE ID : CVE-2025-9752 Published : Sept. 1, 2025, 1:15 a.m. | 4 hours, 37 minutes ago Description : A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgi_main of the file soap.cgi of the component SOAP Service. Such manipulation of the argument service leads to os command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 01:15:00 GMT

read more

CVE-2025-9753 - Campcodes Online Hospital Management System Cross Site Scripting (XSS)

CVE ID : CVE-2025-9753 Published : Sept. 1, 2025, 1:15 a.m. | 4 hours, 37 minutes ago Description : A vulnerability was detected in Campcodes Online Hospital Management System 1.0. The affected element is an unknown function of the file /admin/patient-search.php of the component Patient Search Module. Performing manipulation of the argument Search by Name Mobile No results in cross site scripting. The attack may be initiated remotely. The exploit is now public and may be used. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 01:15:00 GMT

read more

CVE-2025-9751 - Campcodes Online Learning Management System SQL Injection

CVE ID : CVE-2025-9751 Published : Sept. 1, 2025, 12:15 a.m. | 5 hours, 37 minutes ago Description : A weakness has been identified in Campcodes Online Learning Management System 1.0. This issue affects some unknown processing of the file /login.php. This manipulation of the argument Username causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 01 Sep 2025 00:15:00 GMT

read more

CVE-2025-9749 - HKritesh009 Grocery List Management Web App SQL Injection Vulnerability

CVE ID : CVE-2025-9749 Published : Aug. 31, 2025, 11:15 p.m. | 6 hours, 37 minutes ago Description : A vulnerability was identified in HKritesh009 Grocery List Management Web App up to f491b681eb70d465f445c9a721415c965190f83b. This affects an unknown part of the file /src/update.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 23:15:00 GMT

read more

CVE-2025-9750 - Campcodes Online Learning Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9750 Published : Aug. 31, 2025, 11:15 p.m. | 6 hours, 37 minutes ago Description : A security flaw has been discovered in Campcodes Online Learning Management System 1.0. This vulnerability affects unknown code of the file /admin/login.php. The manipulation of the argument Username results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 23:15:00 GMT

read more

CVE-2025-9747 - Koillection CSRF Protection Bypass

CVE ID : CVE-2025-9747 Published : Aug. 31, 2025, 10:15 p.m. | 7 hours, 37 minutes ago Description : A vulnerability has been found in Koillection up to 1.6.18. Affected is an unknown function of the file assets/controllers/csrf_protection_controller.js. Such manipulation leads to cross-site request forgery. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.7.0 is able to address this issue. The name of the patch is 9ab8562d3f1e953da93fed63f9ee802c7ea26a9a. It is suggested to upgrade the affected component. The vendor explains: "I ended up switching to a newer CSRF handling using stateless token." Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 22:15:00 GMT

read more

CVE-2025-9748 - Tenda CH22 Remote Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9748 Published : Aug. 31, 2025, 10:15 p.m. | 7 hours, 37 minutes ago Description : A vulnerability was determined in Tenda CH22 1.0.0.1. Affected by this issue is the function fromIpsecitem of the file /goform/IPSECsave of the component httpd. Executing manipulation of the argument ipsecno can lead to stack-based buffer overflow. The attack may be performed from remote. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 22:15:00 GMT

read more

CVE-2025-9745 - D-Link jhttpd Os Command Injection Vulnerability

CVE ID : CVE-2025-9745 Published : Aug. 31, 2025, 9:15 p.m. | 8 hours, 37 minutes ago Description : A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /version_upgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 21:15:00 GMT

read more

CVE-2025-9746 - Campcodes Hospital Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9746 Published : Aug. 31, 2025, 9:15 p.m. | 8 hours, 37 minutes ago Description : A vulnerability was detected in Campcodes Hospital Management System 1.0. This affects an unknown function of the file /admin/edit-doctor-specialization.php of the component Edit Doctor Specialization Page. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be used. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 21:15:00 GMT

read more

CVE-2025-9744 - Campcodes Online Loan Management System SQL Injection

CVE ID : CVE-2025-9744 Published : Aug. 31, 2025, 8:15 p.m. | 9 hours, 37 minutes ago Description : A weakness has been identified in Campcodes Online Loan Management System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Executing manipulation of the argument Username can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 20:15:00 GMT

read more

CVE-2025-9743 - "Code-projects Human Resource Integrated System SQL Injection Vulnerability"

CVE ID : CVE-2025-9743 Published : Aug. 31, 2025, 8:15 p.m. | 9 hours, 13 minutes ago Description : A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. Impacted is an unknown function of the file login_attendance2.php. Performing manipulation of the argument employee_id/date results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 20:15:00 GMT

read more

CVE-2025-9741 - "Code-projects Human Resource Integrated System SQL Injection"

CVE ID : CVE-2025-9741 Published : Aug. 31, 2025, 7:15 p.m. | 10 hours, 13 minutes ago Description : A vulnerability was determined in code-projects Human Resource Integrated System 1.0. This vulnerability affects unknown code of the file /login_query12.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 19:15:00 GMT

read more

CVE-2025-9742 - Code-projects Human Resource Integrated System SQL Injection Vulnerability

CVE ID : CVE-2025-9742 Published : Aug. 31, 2025, 7:15 p.m. | 10 hours, 13 minutes ago Description : A vulnerability was identified in code-projects Human Resource Integrated System 1.0. This issue affects some unknown processing of the file /login.php. Such manipulation of the argument user/pass leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 19:15:00 GMT

read more

CVE-2025-9739 - Campcodes Online Water Billing System SQL Injection

CVE ID : CVE-2025-9739 Published : Aug. 31, 2025, 6:15 p.m. | 11 hours, 13 minutes ago Description : A vulnerability has been found in Campcodes Online Water Billing System 1.0. Affected by this issue is some unknown functionality of the file /process.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 18:15:00 GMT

read more

CVE-2025-9740 - Human Resource Integrated System SQL Injection

CVE ID : CVE-2025-9740 Published : Aug. 31, 2025, 6:15 p.m. | 11 hours, 13 minutes ago Description : A vulnerability was found in code-projects Human Resource Integrated System 1.0. This affects an unknown part of the file /log_query.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 18:15:00 GMT

read more

CVE-2025-9737 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9737 Published : Aug. 31, 2025, 5:15 p.m. | 12 hours, 13 minutes ago Description : A vulnerability was detected in O2OA up to 10.0-410. Affected is an unknown function of the file /x_query_assemble_designer/jaxrs/importmodel of the component Personal Profile Page. Performing manipulation of the argument description/applicationName/queryName results in cross site scripting. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 17:15:00 GMT

read more

CVE-2025-9738 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9738 Published : Aug. 31, 2025, 5:15 p.m. | 12 hours, 13 minutes ago Description : A flaw has been found in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_tipo_ensino_cad.php. Executing manipulation of the argument nm_tipo can lead to cross site scripting. The attack can be executed remotely. The exploit has been published and may be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 17:15:00 GMT

read more

CVE-2025-9735 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9735 Published : Aug. 31, 2025, 4:15 p.m. | 13 hours, 13 minutes ago Description : A weakness has been identified in O2OA up to 10.0-410. This affects an unknown function of the file /x_query_assemble_designer/jaxrs/table of the component Personal Profile Page. This manipulation of the argument description/applicationName/queryName causes cross site scripting. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 16:15:00 GMT

read more

CVE-2025-9736 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9736 Published : Aug. 31, 2025, 4:15 p.m. | 13 hours, 13 minutes ago Description : A security vulnerability has been detected in O2OA up to 10.0-410. This impacts an unknown function of the file /x_query_assemble_designer/jaxrs/statement of the component Personal Profile Page. Such manipulation of the argument description/queryName leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 16:15:00 GMT

read more

CVE-2025-9733 - "Code-projects Human Resource Integrated System SQL Injection Vulnerability"

CVE ID : CVE-2025-9733 Published : Aug. 31, 2025, 3:15 p.m. | 14 hours, 13 minutes ago Description : A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. This impacts an unknown function of the file /login_timeee.php. Performing manipulation of the argument emp_id results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 15:15:00 GMT

read more

CVE-2025-9734 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9734 Published : Aug. 31, 2025, 3:15 p.m. | 14 hours, 13 minutes ago Description : A security flaw has been discovered in O2OA up to 10.0-410. The impacted element is an unknown function of the file /x_query_assemble_designer/jaxrs/stat of the component Personal Profile Page. The manipulation of the argument name/alias/description/applicationName results in cross site scripting. The attack can be launched remotely. The exploit has been released to the public and may be exploited. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 15:15:00 GMT

read more

CVE-2025-9732 - "DCMTK dcm2img DIYBRPXT Memory Corruption Vulnerability"

CVE ID : CVE-2025-9732 Published : Aug. 31, 2025, 2:15 p.m. | 15 hours, 13 minutes ago Description : A vulnerability was identified in DCMTK up to 3.6.9. This affects an unknown function in the library dcmimage/include/dcmtk/dcmimage/diybrpxt.h of the component dcm2img. Such manipulation leads to memory corruption. Local access is required to approach this attack. The name of the patch is 7ad81d69b. It is best practice to apply a patch to resolve this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 14:15:00 GMT

read more

CVE-2025-9731 - Tenda AC9 Hard-Coded Credentials Vulnerability

CVE ID : CVE-2025-9731 Published : Aug. 31, 2025, 2:15 p.m. | 11 hours, 37 minutes ago Description : A vulnerability was determined in Tenda AC9 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. This manipulation causes hard-coded credentials. It is possible to launch the attack on the local host. The attack's complexity is rated as high. The exploitability is regarded as difficult. The exploit has been publicly disclosed and may be utilized. Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 14:15:00 GMT

read more

CVE-2025-9729 - PHPGurukul Online Course Registration SQL Injection Vulnerability

CVE ID : CVE-2025-9729 Published : Aug. 31, 2025, 1:15 p.m. | 12 hours, 37 minutes ago Description : A vulnerability was detected in PHPGurukul Online Course Registration 3.1. This vulnerability affects unknown code of the file /admin/student-registration.php. Performing manipulation of the argument studentname results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 13:15:00 GMT

read more

CVE-2025-9730 - iSourcecode Apartment Management System SQL Injection

CVE ID : CVE-2025-9730 Published : Aug. 31, 2025, 1:15 p.m. | 12 hours, 37 minutes ago Description : A vulnerability was found in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /ajax/updateProfile.php. The manipulation of the argument user_id results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 13:15:00 GMT

read more

CVE-2025-9727 - D-Link DIR-816L SoapCGI OS Command Injection Vulnerability

CVE ID : CVE-2025-9727 Published : Aug. 31, 2025, 12:15 p.m. | 9 hours, 37 minutes ago Description : A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function soapcgi_main of the file /soap.cgi. This manipulation of the argument service causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 12:15:00 GMT

read more

CVE-2025-9728 - Givanz Vvveb Cross Site Scripting Vulnerability

CVE ID : CVE-2025-9728 Published : Aug. 31, 2025, 12:15 p.m. | 9 hours, 37 minutes ago Description : A security vulnerability has been detected in givanz Vvveb 1.0.7.2. This affects an unknown part of the file app/template/user/login.tpl. Such manipulation of the argument Email/Password leads to cross site scripting. The attack can be executed remotely. The name of the patch is bbd4c42c66ab818142240348173a669d1d2537fe. Applying a patch is advised to resolve this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 12:15:00 GMT

read more

CVE-2025-9726 - Campcodes Farm Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9726 Published : Aug. 31, 2025, 11:15 a.m. | 10 hours, 37 minutes ago Description : A security flaw has been discovered in Campcodes Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /review.php. The manipulation of the argument pid results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 11:15:00 GMT

read more

CVE-2025-9724 - Portabilis i-Educar Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-9724 Published : Aug. 31, 2025, 10:15 a.m. | 11 hours, 37 minutes ago Description : A vulnerability was determined in Portabilis i-Educar up to 2.10. This impacts an unknown function of the file /intranet/educar_nivel_ensino_cad.php. Executing manipulation of the argument nm_nivel/descricao can lead to cross site scripting. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 10:15:00 GMT

read more

CVE-2025-9725 - Cudy LT500E Default Password Hard-Coding Vulnerability

CVE ID : CVE-2025-9725 Published : Aug. 31, 2025, 10:15 a.m. | 11 hours, 37 minutes ago Description : A vulnerability was identified in Cudy LT500E up to 2.3.12. Affected is an unknown function of the file /squashfs-root/etc/shadow of the component Web Interface. The manipulation leads to use of hard-coded password. The attack must be carried out locally. The attack's complexity is rated as high. The exploitability is told to be difficult. The exploit is publicly available and might be used. Upgrading to version 2.3.13 is able to address this issue. It is recommended to upgrade the affected component. The vendor explains: "[T]he firmware does store a default password of 'admin'. This password has been deprecated since LT500E firmware version 2.3.13 and is no longer used. The LT500E does not have an administrator password set by default; a new password (at least 8 characters ) must be manually created upon first login the web management page." Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 10:15:00 GMT

read more

CVE-2025-9723 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9723 Published : Aug. 31, 2025, 9:15 a.m. | 12 hours, 37 minutes ago Description : A vulnerability was found in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/educar_tipo_regime_cad.php. Performing manipulation of the argument nm_tipo results in cross site scripting. The attack can be initiated remotely. The exploit has been made public and could be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 09:15:00 GMT

read more

CVE-2025-9722 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9722 Published : Aug. 31, 2025, 8:15 a.m. | 13 hours, 37 minutes ago Description : A vulnerability has been found in Portabilis i-Educar up to 2.10. The impacted element is an unknown function of the file /intranet/educar_tipo_ocorrencia_disciplinar_cad.php. Such manipulation of the argument nm_tipo/descricao leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 08:15:00 GMT

read more

CVE-2025-9721 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9721 Published : Aug. 31, 2025, 8:15 a.m. | 12 hours, 29 minutes ago Description : A flaw has been found in Portabilis i-Educar up to 2.10. The affected element is an unknown function of the file /module/FormulaMedia/edit. This manipulation of the argument nome/formulaMedia causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been published and may be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 08:15:00 GMT

read more

CVE-2025-9720 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9720 Published : Aug. 31, 2025, 7:15 a.m. | 13 hours, 29 minutes ago Description : A vulnerability was detected in Portabilis i-Educar up to 2.10. Impacted is an unknown function of the file /module/TabelaArredondamento/edit of the component Cadastrar tabela de arredondamento Page. The manipulation of the argument Nome results in cross site scripting. The attack may be performed from a remote location. The exploit is now public and may be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 07:15:00 GMT

read more

CVE-2025-9718 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9718 Published : Aug. 31, 2025, 6:15 a.m. | 13 hours, 37 minutes ago Description : A security flaw has been discovered in O2OA up to 10.0-410. This affects an unknown part of the file /x_processplatform_assemble_designer/jaxrs/process of the component Personal Profile Page. Performing manipulation of the argument name/alias results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 06:15:00 GMT

read more

CVE-2025-9719 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9719 Published : Aug. 31, 2025, 6:15 a.m. | 13 hours, 37 minutes ago Description : A weakness has been identified in O2OA up to 10.0-410. This vulnerability affects unknown code of the file /x_processplatform_assemble_designer/jaxrs/script of the component Personal Profile Page. Executing manipulation of the argument name/alias/description/applicationName can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 06:15:00 GMT

read more

CVE-2025-9716 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9716 Published : Aug. 31, 2025, 5:15 a.m. | 13 hours, 29 minutes ago Description : A vulnerability was determined in O2OA up to 10.0-410. Affected by this vulnerability is an unknown functionality of the file /x_processplatform_assemble_designer/jaxrs/form of the component Personal Profile Page. This manipulation of the argument name/alias/description causes cross site scripting. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 05:15:00 GMT

read more

CVE-2025-9717 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9717 Published : Aug. 31, 2025, 5:15 a.m. | 13 hours, 29 minutes ago Description : A vulnerability was identified in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /x_organization_assemble_control/jaxrs/unit/ of the component Personal Profile Page. Such manipulation of the argument name/shortName/distinguishedName/pinyin/pinyinInitial/levelName leads to cross site scripting. The attack may be launched remotely. The exploit is publicly available and might be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 05:15:00 GMT

read more

CVE-2025-5083 - WordPress Amministrazione Trasparente Stored Cross-Site Scripting

CVE ID : CVE-2025-5083 Published : Aug. 31, 2025, 5:15 a.m. | 12 hours, 36 minutes ago Description : The Amministrazione Trasparente plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 05:15:00 GMT

read more

CVE-2025-47696 - Solwin Blog Designer PRO PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-47696 Published : Aug. 31, 2025, 4:15 a.m. | 13 hours, 36 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Solwin Blog Designer PRO.This issue affects Blog Designer PRO: from n/a through 3.4.7. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 04:15:00 GMT

read more

CVE-2024-32589 - UkrSolution Barcode Scanner with Inventory Order Manager Missing Authorization

CVE ID : CVE-2024-32589 Published : Aug. 31, 2025, 4:15 a.m. | 11 hours, 36 minutes ago Description : Missing Authorization vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through 1.5.3. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 04:15:00 GMT

read more

CVE-2024-32832 - Hamid Alinia Login with Phone Number Missing Authorization

CVE ID : CVE-2024-32832 Published : Aug. 31, 2025, 4:15 a.m. | 11 hours, 36 minutes ago Description : Missing Authorization vulnerability in Hamid Alinia Login with phone number.This issue affects Login with phone number: from n/a through 1.6.93. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 04:15:00 GMT

read more

CVE-2025-31100 - Mojoomla School Management Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-31100 Published : Aug. 31, 2025, 4:15 a.m. | 11 hours, 36 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in Mojoomla School Management allows Upload a Web Shell to a Web Server.This issue affects School Management: from n/a through 1.93.1 (02-07-2025). Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 04:15:00 GMT

read more

CVE-2025-9715 - O2OA Cross Site Scripting Vulnerability

CVE ID : CVE-2025-9715 Published : Aug. 31, 2025, 1:15 a.m. | 14 hours, 36 minutes ago Description : A vulnerability was found in O2OA up to 10.0-410. Affected is an unknown function of the file /x_cms_assemble_control/jaxrs/script of the component Personal Profile Page. The manipulation of the argument name/alias/description results in cross site scripting. The attack can be launched remotely. The exploit has been made public and could be used. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 31 Aug 2025 01:15:00 GMT

read more

CVE-2025-6992 - Apache Struts Command Evaluation Remote Code Execution

CVE ID : CVE-2025-6992 Published : Aug. 30, 2025, 11:15 p.m. | 16 hours, 12 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 23:15:00 GMT

read more

CVE-2025-9706 - SourceCodester Water Billing System SQL Injection Vulnerability

CVE ID : CVE-2025-9706 Published : Aug. 30, 2025, 10:15 p.m. | 17 hours, 12 minutes ago Description : A security vulnerability has been detected in SourceCodester Water Billing System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 22:15:00 GMT

read more

CVE-2025-9705 - SourceCodester Water Billing System SQL Injection Vulnerability

CVE ID : CVE-2025-9705 Published : Aug. 30, 2025, 9:15 p.m. | 16 hours, 36 minutes ago Description : A weakness has been identified in SourceCodester Water Billing System 1.0. Affected is an unknown function of the file /paybill.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 21:15:00 GMT

read more

CVE-2025-9704 - SourceCodester Water Billing System SQL Injection Vulnerability

CVE ID : CVE-2025-9704 Published : Aug. 30, 2025, 8:15 p.m. | 17 hours, 36 minutes ago Description : A security flaw has been discovered in SourceCodester Water Billing System 1.0. This impacts an unknown function of the file /viewbill.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 20:15:00 GMT

read more

CVE-2025-9702 - SourceCodester Simple Cafe Billing System SQL Injection

CVE ID : CVE-2025-9702 Published : Aug. 30, 2025, 7:15 p.m. | 18 hours, 36 minutes ago Description : A vulnerability was identified in SourceCodester Simple Cafe Billing System 1.0. This affects an unknown function of the file /sales_report.php. The manipulation of the argument month leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 19:15:00 GMT

read more

CVE-2025-9701 - SourceCodester Simple Cafe Billing System SQL Injection

CVE ID : CVE-2025-9701 Published : Aug. 30, 2025, 6:15 p.m. | 19 hours, 36 minutes ago Description : A vulnerability was determined in SourceCodester Simple Cafe Billing System 1.0. The impacted element is an unknown function of the file /receipt.php. Executing manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 18:15:00 GMT

read more

CVE-2025-9700 - SourceCodester Online Book Store SQL Injection Vulnerability

CVE ID : CVE-2025-9700 Published : Aug. 30, 2025, 6:15 p.m. | 18 hours, 28 minutes ago Description : A flaw has been found in SourceCodester Online Book Store 1.0. This issue affects some unknown processing of the file /publisher_list.php. This manipulation of the argument pubid causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 18:15:00 GMT

read more

CVE-2025-9699 - SourceCodester Online Polling System Code SQL Injection

CVE ID : CVE-2025-9699 Published : Aug. 30, 2025, 5:15 p.m. | 19 hours, 28 minutes ago Description : A vulnerability was detected in SourceCodester Online Polling System Code 1.0. This vulnerability affects unknown code of the file /admin/checklogin.php. The manipulation of the argument myusername results in sql injection. The attack may be performed from a remote location. The exploit is now public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 17:15:00 GMT

read more

CVE-2025-9695 - GalleryVault Android Improper Component Export Vulnerability

CVE ID : CVE-2025-9695 Published : Aug. 30, 2025, 4:15 p.m. | 18 hours, 28 minutes ago Description : A vulnerability was identified in GalleryVault Gallery Vault App up to 4.5.2 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.thinkyeah.galleryvault. The manipulation leads to improper export of android application components. The attack can only be performed from a local environment. The exploit is publicly available and might be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 16:15:00 GMT

read more

CVE-2025-9692 - Campcodes Online Shopping System SQL Injection Vulnerability

CVE ID : CVE-2025-9692 Published : Aug. 30, 2025, 3:15 p.m. | 19 hours, 28 minutes ago Description : A vulnerability was found in Campcodes Online Shopping System 1.0. Affected is an unknown function of the file /product.php. Performing manipulation of the argument p results in sql injection. The attack may be initiated remotely. The exploit has been made public and could be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 15:15:00 GMT

read more

CVE-2025-9694 - Campcodes Advanced Online Voting System SQL Injection

CVE ID : CVE-2025-9694 Published : Aug. 30, 2025, 3:15 p.m. | 19 hours, 28 minutes ago Description : A vulnerability was determined in Campcodes Advanced Online Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 15:15:00 GMT

read more

CVE-2012-10062 - Apache Friends XAMPP WebDAV Remote Code Execution Vulnerability

CVE ID : CVE-2012-10062 Published : Aug. 30, 2025, 2:15 p.m. | 20 hours, 28 minutes ago Description : A vulnerability in XAMPP, developed by Apache Friends, version 1.7.3's default WebDAV configuration allows remote authenticated attackers to upload and execute arbitrary PHP code. The WebDAV service, accessible via /webdav/, accepts HTTP PUT requests using default credentials. This permits attackers to upload a malicious PHP payload and trigger its execution via a subsequent GET request, resulting in remote code execution on the server. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 14:15:00 GMT

read more

CVE-2025-9690 - SourceCodester Advanced School Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9690 Published : Aug. 30, 2025, 2:15 p.m. | 20 hours, 28 minutes ago Description : A flaw has been found in SourceCodester Advanced School Management System 1.0. This affects an unknown function of the file /index.php/stock/vendordetails. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 14:15:00 GMT

read more

CVE-2025-9691 - Campcodes Online Shopping System SQL Injection

CVE ID : CVE-2025-9691 Published : Aug. 30, 2025, 2:15 p.m. | 20 hours, 28 minutes ago Description : A vulnerability has been found in Campcodes Online Shopping System 1.0. This impacts an unknown function of the file /login.php. Such manipulation of the argument Password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 14:15:00 GMT

read more

CVE-2011-10032 - Sunway ForceControl SNMP NetDBServer Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2011-10032 Published : Aug. 30, 2025, 2:15 p.m. | 17 hours, 35 minutes ago Description : Sunway ForceControl version 6.1 SP3 and earlier contains a stack-based buffer overflow vulnerability in the SNMP NetDBServer service, which listens on TCP port 2001. The flaw is triggered when the service receives a specially crafted packet using opcode 0x57 with an overly long payload. Due to improper bounds checking during packet parsing, attacker-controlled data overwrites the Structured Exception Handler (SEH), allowing arbitrary code execution in the context of the service. This vulnerability can be exploited remotely without authentication and may lead to full system compromise on affected Windows hosts. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 14:15:00 GMT

read more

CVE-2009-20009 - "Belkin Bulldog Plus Stack-Based Buffer Overflow Vulnerability"

CVE ID : CVE-2009-20009 Published : Aug. 30, 2025, 2:15 p.m. | 15 hours, 35 minutes ago Description : Belkin Bulldog Plus version 4.0.2 build 1219 contains a stack-based buffer overflow vulnerability in its web service authentication handler. When a specially crafted HTTP request is sent with an oversized Authorization header, the application fails to properly validate the input length before copying it into a fixed-size buffer, resulting in memory corruption and potential remote code execution. Exploitation requires network access and does not require prior authentication. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 14:15:00 GMT

read more

CVE-2009-20010 - Dogfood CRM Remote Command Execution Vulnerability

CVE ID : CVE-2009-20010 Published : Aug. 30, 2025, 2:15 p.m. | 15 hours, 35 minutes ago Description : Dogfood CRM version 2.0.10 contains a remote command execution vulnerability in the spell.php script used by its mail subsystem. The vulnerability arises from unsanitized user input passed via a POST request to the data parameter, which is processed by the underlying shell without adequate escaping. This allows attackers to inject arbitrary shell commands and execute them on the server. The flaw is exploitable without authentication and was discovered by researcher LSO. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 14:15:00 GMT

read more

CVE-2009-20011 - Impero Software ContentKeeper Web Appliance Remote Command Execution Vulnerability

CVE ID : CVE-2009-20011 Published : Aug. 30, 2025, 2:15 p.m. | 15 hours, 35 minutes ago Description : ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 are vulnerable to remote command execution due to insecure handling of file uploads via the mimencode CGI utility. The vulnerability allows unauthenticated attackers to upload and execute arbitrary scripts as the Apache user. Additionally, the exploit can optionally escalate privileges by abusing insecure PATH usage in the benetool binary, resulting in root-level access if successful. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 14:15:00 GMT

read more

CVE-2010-10016 - BS.Player SEH Buffer Overflow

CVE ID : CVE-2010-10016 Published : Aug. 30, 2025, 2:15 p.m. | 15 hours, 35 minutes ago Description : BS.Player version 2.57 (build 1051) contains a vulnerability in its playlist import functionality. When processing .m3u files, the application fails to properly validate the length of playlist entries, resulting in a buffer overflow condition. This flaw occurs during parsing of long URLs embedded in the playlist, allowing overwrite of Structured Exception Handler (SEH) records. The vulnerability is triggered upon opening a crafted playlist file and affects the Unicode parsing logic in the Windows client. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 14:15:00 GMT

read more

CVE-2010-10017 - Windows Media Downloader Buffer Overflow Vulnerability

CVE ID : CVE-2010-10017 Published : Aug. 30, 2025, 2:15 p.m. | 15 hours, 35 minutes ago Description : WM Downloader version 3.1.2.2 is vulnerable to a buffer overflow when processing a specially crafted .m3u playlist file. The application fails to properly validate input length, allowing an attacker to overwrite structured exception handler (SEH) records and execute arbitrary code. Exploitation occurs locally when a user opens the malicious file, and the payload executes with the privileges of the current user. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 14:15:00 GMT

read more

CVE-2005-10004 - Cacti Remote Command Execution Vulnerability

CVE ID : CVE-2005-10004 Published : Aug. 30, 2025, 2:15 p.m. | 13 hours, 34 minutes ago Description : Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute commands on the underlying operating system with the privileges of the web server process, potentially compromising system integrity. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 14:15:00 GMT

read more

CVE-2008-20001 - ActivePDF WebGrabber Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2008-20001 Published : Aug. 30, 2025, 2:15 p.m. | 13 hours, 34 minutes ago Description : activePDF WebGrabber version 3.8.2.0 contains a stack-based buffer overflow vulnerability in the GetStatus() method of the APWebGrb.ocx ActiveX control. By passing an overly long string to this method, a remote attacker can execute arbitrary code in the context of the vulnerable process. Although the control is not marked safe for scripting, exploitation is possible via crafted HTML content in Internet Explorer under permissive security settings. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 14:15:00 GMT

read more

CVE-2009-20008 - Green Dam Youth Escort Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2009-20008 Published : Aug. 30, 2025, 2:15 p.m. | 13 hours, 34 minutes ago Description : Green Dam Youth Escort version 3.17 is vulnerable to a stack-based buffer overflow when processing overly long URLs. The flaw resides in the URL filtering component, which fails to properly validate input length before copying user-supplied data into a fixed-size buffer. A remote attacker can exploit this vulnerability by enticing a user to visit a specially crafted webpage containing a long URL, resulting in arbitrary code execution. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 14:15:00 GMT

read more

CVE-2025-9689 - SourceCodester Advanced School Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9689 Published : Aug. 30, 2025, 1:15 p.m. | 14 hours, 34 minutes ago Description : A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/stock/item_select. The manipulation of the argument q results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 13:15:00 GMT

read more

CVE-2025-9688 - Mupen64Plus Remote Integer Overflow Vulnerability

CVE ID : CVE-2025-9688 Published : Aug. 30, 2025, 1:15 p.m. | 12 hours, 34 minutes ago Description : A security vulnerability has been detected in Mupen64Plus up to 2.6.0. The affected element is the function write_is_viewer of the file src/device/cart/is_viewer.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is described as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 13:15:00 GMT

read more

CVE-2025-0165 - IBM Watsonx Orchestrate Cartridge for IBM Cloud Pak for Data SQL Injection Vulnerability

CVE ID : CVE-2025-0165 Published : Aug. 30, 2025, 1:15 p.m. | 9 hours, 27 minutes ago Description : IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data 4.8.4, 4.8.5, and 5.0.0 through 5.2.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 13:15:00 GMT

read more

CVE-2025-9686 - Portabilis i-Educar SQL Injection Vulnerability

CVE ID : CVE-2025-9686 Published : Aug. 30, 2025, 12:15 p.m. | 9 hours, 24 minutes ago Description : A security flaw has been discovered in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /module/AreaConhecimento/edit of the component Listagem de áreas de conhecimento Page. Performing manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 12:15:00 GMT

read more

CVE-2025-9687 - Portabilis i-Educar Remote Authorization Bypass Vulnerability

CVE ID : CVE-2025-9687 Published : Aug. 30, 2025, 12:15 p.m. | 9 hours, 24 minutes ago Description : A weakness has been identified in Portabilis i-Educar up to 2.10. Impacted is an unknown function of the file /module/HistoricoEscolar/processamentoApi. Executing manipulation can lead to improper authorization. The attack may be performed from a remote location. The exploit has been made available to the public and could be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 12:15:00 GMT

read more

CVE-2025-9685 - Portabilis i-Educar SQL Injection Vulnerability

CVE ID : CVE-2025-9685 Published : Aug. 30, 2025, 11:15 a.m. | 9 hours, 27 minutes ago Description : A vulnerability was identified in Portabilis i-Educar up to 2.10. This vulnerability affects unknown code of the file /module/AreaConhecimento/view of the component Listagem de áreas de conhecimento Page. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 11:15:00 GMT

read more

CVE-2025-9684 - Portabilis i-Educar SQL Injection Vulnerability

CVE ID : CVE-2025-9684 Published : Aug. 30, 2025, 11:15 a.m. | 8 hours, 36 minutes ago Description : A vulnerability was determined in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/FormulaMedia/edit of the component Formula de Cálculo de Média Page. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 11:15:00 GMT

read more

CVE-2025-9682 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9682 Published : Aug. 30, 2025, 10:15 a.m. | 7 hours, 30 minutes ago Description : A vulnerability has been found in O2OA up to 10.0-410. Affected by this vulnerability is an unknown functionality of the file /x_cms_assemble_control/jaxrs/design/appdict of the component Personal Profile Page. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 10:15:00 GMT

read more

CVE-2025-9683 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9683 Published : Aug. 30, 2025, 10:15 a.m. | 7 hours, 30 minutes ago Description : A vulnerability was found in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /x_cms_assemble_control/jaxrs/form of the component Personal Profile Page. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit has been made public and could be used. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 10:15:00 GMT

read more

CVE-2025-38677 - F2FS Linux Kernel Out-of-Boundary Access Vulnerability

CVE ID : CVE-2025-38677 Published : Aug. 30, 2025, 10:15 a.m. | 7 hours, 12 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in dnode page As Jiaming Zhang reported: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x1c1/0x2a0 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [inline] print_report+0x17e/0x800 mm/kasan/report.c:480 kasan_report+0x147/0x180 mm/kasan/report.c:593 data_blkaddr fs/f2fs/f2fs.h:3053 [inline] f2fs_data_blkaddr fs/f2fs/f2fs.h:3058 [inline] f2fs_get_dnode_of_data+0x1a09/0x1c40 fs/f2fs/node.c:855 f2fs_reserve_block+0x53/0x310 fs/f2fs/data.c:1195 prepare_write_begin fs/f2fs/data.c:3395 [inline] f2fs_write_begin+0xf39/0x2190 fs/f2fs/data.c:3594 generic_perform_write+0x2c7/0x910 mm/filemap.c:4112 f2fs_buffered_write_iter fs/f2fs/file.c:4988 [inline] f2fs_file_write_iter+0x1ec8/0x2410 fs/f2fs/file.c:5216 new_sync_write fs/read_write.c:593 [inline] vfs_write+0x546/0xa90 fs/read_write.c:686 ksys_write+0x149/0x250 fs/read_write.c:738 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xf3/0x3d0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f The root cause is in the corrupted image, there is a dnode has the same node id w/ its inode, so during f2fs_get_dnode_of_data(), it tries to access block address in dnode at offset 934, however it parses the dnode as inode node, so that get_dnode_addr() returns 360, then it tries to access page address from 360 + 934 * 4 = 4096 w/ 4 bytes. To fix this issue, let's add sanity check for node id of all direct nodes during f2fs_get_dnode_of_data(). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 10:15:00 GMT

read more

CVE-2025-9681 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9681 Published : Aug. 30, 2025, 9:15 a.m. | 8 hours, 12 minutes ago Description : A flaw has been found in O2OA up to 10.0-410. Affected is an unknown function of the file /x_program_center/jaxrs/agent of the component Personal Profile Page. Executing manipulation can lead to cross site scripting. The attack can be launched remotely. The exploit has been published and may be used. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 09:15:00 GMT

read more

CVE-2025-9680 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9680 Published : Aug. 30, 2025, 7:15 a.m. | 8 hours, 36 minutes ago Description : A vulnerability was detected in O2OA up to 10.0-410. This impacts an unknown function of the file /x_portal_assemble_designer/jaxrs/page of the component Personal Profile Page. Performing manipulation results in cross site scripting. The attack can be initiated remotely. The exploit is now public and may be used. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 07:15:00 GMT

read more

CVE-2025-9679 - "iSourcecode Student Information System SQL Injection Vulnerability"

CVE ID : CVE-2025-9679 Published : Aug. 30, 2025, 5:15 a.m. | 10 hours, 36 minutes ago Description : A security vulnerability has been detected in itsourcecode Student Information System 1.0. This affects an unknown function of the file /course_edit1.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 05:15:00 GMT

read more

CVE-2025-9499 - WordPress Ocean Extra Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9499 Published : Aug. 30, 2025, 5:15 a.m. | 8 hours, 36 minutes ago Description : The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's oceanwp_library shortcode in all versions up to, and including, 2.4.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 05:15:00 GMT

read more

CVE-2025-9500 - TablePress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9500 Published : Aug. 30, 2025, 5:15 a.m. | 8 hours, 36 minutes ago Description : The TablePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘shortcode_debug’ parameter in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 05:15:00 GMT

read more

CVE-2025-54942 - SUNNET Corporate Training Management System Authentication Bypass

CVE ID : CVE-2025-54942 Published : Aug. 30, 2025, 4:15 a.m. | 9 hours, 36 minutes ago Description : A missing authentication for critical function vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to access deployment functionality without prior authentication. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 04:15:00 GMT

read more

CVE-2025-54943 - SUNNET Corporate Training Management System Authentication Bypass

CVE ID : CVE-2025-54943 Published : Aug. 30, 2025, 4:15 a.m. | 9 hours, 36 minutes ago Description : A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to perform unauthorized application deployment due to the absence of proper access control checks. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 04:15:00 GMT

read more

CVE-2025-54944 - SUNNET Corporate Training Management System File Upload Code Execution Vulnerability

CVE ID : CVE-2025-54944 Published : Aug. 30, 2025, 4:15 a.m. | 9 hours, 35 minutes ago Description : An unrestricted upload of file with dangerous type vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to write malicious code in a specific file, which may lead to arbitrary code execution. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 04:15:00 GMT

read more

CVE-2025-54945 - SUNNET Corporate Training Management System Command Injection Vulnerability

CVE ID : CVE-2025-54945 Published : Aug. 30, 2025, 4:15 a.m. | 9 hours, 35 minutes ago Description : An external control of file name or path vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary system commands via a malicious file by controlling the destination file path. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 04:15:00 GMT

read more

CVE-2025-54946 - SUNNET Corporate Training Management System SQL Injection Vulnerability

CVE ID : CVE-2025-54946 Published : Aug. 30, 2025, 4:15 a.m. | 9 hours, 35 minutes ago Description : A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary SQL commands. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 04:15:00 GMT

read more

CVE-2025-4956 - AA-Team Pro Bulk Watermark Plugin for WordPress Path Traversal Vulnerability

CVE ID : CVE-2025-4956 Published : Aug. 30, 2025, 2:15 a.m. | 11 hours, 36 minutes ago Description : Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk Watermark Plugin for WordPress allows Path Traversal.This issue affects Pro Bulk Watermark Plugin for WordPress: from n/a through 2.0. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 02:15:00 GMT

read more

CVE-2025-9618 - WordPress Related Posts Lite CSRF

CVE ID : CVE-2025-9618 Published : Aug. 30, 2025, 2:15 a.m. | 11 hours, 36 minutes ago Description : The Related Posts Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12. This is due to missing or incorrect nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to modify plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 02:15:00 GMT

read more

CVE-2025-34164 - NetSupport Manager Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-34164 Published : Aug. 30, 2025, 12:15 a.m. | 13 hours, 36 minutes ago Description : A heap-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or potentially result in arbitrary code execution. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 00:15:00 GMT

read more

CVE-2025-34165 - NetSupport Manager Denial of Service and Information Leak Buffer Overflow

CVE ID : CVE-2025-34165 Published : Aug. 30, 2025, 12:15 a.m. | 13 hours, 36 minutes ago Description : A stack-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or potentially leak a limited amount of memory. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 30 Aug 2025 00:15:00 GMT

read more

CVE-2025-58159 - WeGIA Web Manager Remote Code Execution Vulnerability

CVE ID : CVE-2025-58159 Published : Aug. 29, 2025, 11:15 p.m. | 14 hours, 36 minutes ago Description : WeGIA is a Web manager for charitable institutions. Prior to version 3.4.11, a remote code execution vulnerability was identified, caused by improper validation of uploaded files. The application allows an attacker to upload files with arbitrary filenames, including those with a .php extension. Because the uploaded file is written directly to disk without adequate sanitization or extension restrictions, a spreadsheet file followed by PHP code can be uploaded and executed on the server, leading to arbitrary code execution. This is due to insufficient mitigation of CVE-2025-22133. This issue has been patched in version 3.4.11. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 23:15:00 GMT

read more

CVE-2025-58068 - Eventlet HTTP Request Smuggling Vulnerability

CVE ID : CVE-2025-58068 Published : Aug. 29, 2025, 10:15 p.m. | 15 hours, 36 minutes ago Description : Eventlet is a concurrent networking library for Python. Prior to version 0.40.3, the Eventlet WSGI parser is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer sections. This vulnerability could enable attackers to, bypass front-end security controls, launch targeted attacks against active site users, and poison web caches. This problem has been patched in Eventlet 0.40.3 by dropping trailers which is a breaking change if a backend behind eventlet.wsgi proxy requires trailers. A workaround involves not using eventlet.wsgi facing untrusted clients. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 22:15:00 GMT

read more

CVE-2025-58156 - Centurion ERP Information Disclosure Vulnerability

CVE ID : CVE-2025-58156 Published : Aug. 29, 2025, 10:15 p.m. | 15 hours, 36 minutes ago Description : Centurion ERP is an ERP with a focus on ITSM and automation. In versions starting from 1.12.0 to before 1.21.0, an authenticated user can view all authentication token details within the database. This includes the actual token, although only the hashed token. This does not include any un-hashed authentication token as viewable. This issue has been patched in version 1.21.0. A workaround for this is not deemed viable as it would involve disabling token authentication. Users are encouraged to remove any authentication token that was created by one of the effected versions of Centurion ERP. Webmasters can ensure this occurs by removing all authentication tokens from the database. Severity: 1.9 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 22:15:00 GMT

read more

CVE-2025-58157 - Gnark Fake-GLV Algorithm Denial of Service Vulnerability

CVE ID : CVE-2025-58157 Published : Aug. 29, 2025, 10:15 p.m. | 15 hours, 36 minutes ago Description : gnark is a zero-knowledge proof system framework. In version 0.12.0, there is a potential denial of service vulnerability when computing scalar multiplication is using the fake-GLV algorithm. This is because the algorithm didn't converge quickly enough for some of the inputs. This issue has been patched in version 0.13.0. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 22:15:00 GMT

read more

CVE-2025-58160 - Tracing-Subscriber ANSI Escape Sequence Injection

CVE ID : CVE-2025-58160 Published : Aug. 29, 2025, 10:15 p.m. | 15 hours, 36 minutes ago Description : tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to manipulate terminal title bars, clear screens or modify terminal display, and potentially mislead users through terminal manipulation. tracing-subscriber version 0.3.20 fixes this vulnerability by escaping ANSI control characters when writing events to destinations that may be printed to the terminal. A workaround involves avoiding printing logs to terminal emulators without escaping ANSI control sequences. Severity: 2.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 22:15:00 GMT

read more

CVE-2025-9678 - Campcodes Online Loan Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9678 Published : Aug. 29, 2025, 10:15 p.m. | 15 hours, 36 minutes ago Description : A weakness has been identified in Campcodes Online Loan Management System 1.0. The impacted element is an unknown function of the file /ajax.php?action=delete_borrower. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 22:15:00 GMT

read more

CVE-2025-55173 - Next.js Image Optimization File Download Content Injection Vulnerability

CVE ID : CVE-2025-55173 Published : Aug. 29, 2025, 10:15 p.m. | 12 hours, 25 minutes ago Description : Next.js is a React framework for building full-stack web applications. In versions before 14.2.31 and from 15.0.0 to before 15.4.5, Next.js Image Optimization is vulnerable to content injection. The issue allowed attacker-controlled external image sources to trigger file downloads with arbitrary content and filenames under specific configurations. This behavior could be abused for phishing or malicious file delivery. This vulnerability has been fixed in Next.js versions 14.2.31 and 15.4.5. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 22:15:00 GMT

read more

CVE-2025-57752 - Next.js Image Optimization API Cache Key Confusion Vulnerability

CVE ID : CVE-2025-57752 Published : Aug. 29, 2025, 10:15 p.m. | 12 hours, 25 minutes ago Description : Next.js is a React framework for building full-stack web applications. In versions before 14.2.31 and from 15.0.0 to before 15.4.5, Next.js Image Optimization API routes are affected by cache key confusion. When images returned from API routes vary based on request headers (such as Cookie or Authorization), these responses could be incorrectly cached and served to unauthorized users due to a cache key confusion bug. This vulnerability has been fixed in Next.js versions 14.2.31 and 15.4.5. All users are encouraged to upgrade if they use API routes to serve images that depend on request headers and have image optimization enabled. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 22:15:00 GMT

read more

CVE-2025-57822 - Next.js SSRF Vulnerability

CVE ID : CVE-2025-57822 Published : Aug. 29, 2025, 10:15 p.m. | 12 hours, 25 minutes ago Description : Next.js is a React framework for building full-stack web applications. Prior to versions 14.2.32 and 15.4.7, when next() was used without explicitly passing the request object, it could lead to SSRF in self-hosted applications that incorrectly forwarded user-supplied headers. This vulnerability has been fixed in Next.js versions 14.2.32 and 15.4.7. All users implementing custom middleware logic in self-hosted environments are strongly encouraged to upgrade and verify correct usage of the next() function. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 22:15:00 GMT

read more

CVE-2025-9676 - NCSOFT Universe App Android Application Component Export Vulnerability

CVE ID : CVE-2025-9676 Published : Aug. 29, 2025, 9:15 p.m. | 13 hours, 25 minutes ago Description : A vulnerability was identified in NCSOFT Universe App up to 1.3.0. Impacted is an unknown function of the file AndroidManifest.xml of the component com.ncsoft.universeapp. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 21:15:00 GMT

read more

CVE-2025-9677 - Modo Legend of the Phoenix Android Application Component Export Vulnerability

CVE ID : CVE-2025-9677 Published : Aug. 29, 2025, 9:15 p.m. | 13 hours, 25 minutes ago Description : A security flaw has been discovered in Modo Legend of the Phoenix up to 1.0.5. The affected element is an unknown function of the file AndroidManifest.xml of the component com.duige.hzw.multilingual. The manipulation results in improper export of android application components. The attack needs to be approached locally. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 21:15:00 GMT

read more

CVE-2025-9675 - Voice Changer App AndroidManifest.xml Component Export Vulnerability

CVE ID : CVE-2025-9675 Published : Aug. 29, 2025, 9:15 p.m. | 12 hours, 36 minutes ago Description : A vulnerability was determined in Voice Changer App up to 1.1.0. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.tuyangkeji.changevoice. Executing manipulation can lead to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 21:15:00 GMT

read more

CVE-2025-58066 - Ntpd-rs NTS Protocol Denial of Service Vulnerability

CVE ID : CVE-2025-58066 Published : Aug. 29, 2025, 9:15 p.m. | 10 hours, 36 minutes ago Description : nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. In versions between 1.2.0 and 1.6.1 inclusive servers which allow non-NTS traffic are affected by a denial of service vulnerability, where an attacker can induce a message storm between two NTP servers running ntpd-rs. Client-only configurations are not affected. Affected users are recommended to upgrade to version 1.6.2 as soon as possible. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 21:15:00 GMT

read more

CVE-2025-58067 - Basecamp Google Sign-In Open Redirect Vulnerability

CVE ID : CVE-2025-58067 Published : Aug. 29, 2025, 9:15 p.m. | 10 hours, 36 minutes ago Description : Basecamp's Google Sign-In adds Google sign-in to Rails applications. Prior to version 1.3.1, it is possible to redirect a user to another origin if the "proceed_to" value in the session store is set to a protocol-relative URL. Normally the value of this URL is only written and read by the library or the calling application. However, it may be possible to set this session value from a malicious site with a form submission. Any Rails applications using the google_sign_in gem may be vulnerable, if this vector can be chained with another attack that is able to modify the OAuth2 request parameters. This issue has been patched in version 1.3.1. There are no workarounds. Severity: 4.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 21:15:00 GMT

read more

CVE-2025-9674 - Transbyte Scooper News App Android Application Component Export Vulnerability

CVE ID : CVE-2025-9674 Published : Aug. 29, 2025, 9:15 p.m. | 10 hours, 36 minutes ago Description : A flaw has been found in Transbyte Scooper News App up to 1.2 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.hatsune.eagleee. This manipulation causes improper export of android application components. The attack requires local access. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 21:15:00 GMT

read more

CVE-2024-46484 - TRENDnet TV-IP410 OS Command Injection

CVE ID : CVE-2024-46484 Published : Aug. 29, 2025, 8:15 p.m. | 11 hours, 36 minutes ago Description : TRENDnet TV-IP410 vA1.0R was discovered to contain an OS command injection vulnerability via the /server/cgi-bin/testserv.cgi component. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 20:15:00 GMT

read more

CVE-2025-56577 - Evope Core Cryptographic Key Disclosure

CVE ID : CVE-2025-56577 Published : Aug. 29, 2025, 8:15 p.m. | 11 hours, 36 minutes ago Description : An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain sensitive information via the use of hard coded cryptographic keys. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 20:15:00 GMT

read more

CVE-2025-9671 - "UAB Paytend App Android Component Export Vulnerability"

CVE ID : CVE-2025-9671 Published : Aug. 29, 2025, 8:15 p.m. | 11 hours, 36 minutes ago Description : A weakness has been identified in UAB Paytend App up to 2.1.9 on Android. This impacts an unknown function of the file AndroidManifest.xml of the component com.passport.cash. Executing manipulation can lead to improper export of android application components. The attack needs to be launched locally. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 20:15:00 GMT

read more

CVE-2025-9672 - Rejseplanen App Android Manifest XML Component Export Vulnerability

CVE ID : CVE-2025-9672 Published : Aug. 29, 2025, 8:15 p.m. | 11 hours, 36 minutes ago Description : A security vulnerability has been detected in Rejseplanen App up to 8.2.2. Affected is an unknown function of the file AndroidManifest.xml of the component de.hafas.android.rejseplanen. The manipulation leads to improper export of android application components. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 20:15:00 GMT

read more

CVE-2025-9673 - Kakao Hey Kakao App Android Manifest XML Component Export Vulnerability

CVE ID : CVE-2025-9673 Published : Aug. 29, 2025, 8:15 p.m. | 11 hours, 36 minutes ago Description : A vulnerability was detected in Kakao 헤이카카오 Hey Kakao App up to 2.17.4 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.kakao.i.connect. The manipulation results in improper export of android application components. The attack requires a local approach. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 20:15:00 GMT

read more

CVE-2025-9670 - Mixmark-io Turndown Regular Expression Denial of Service (ReDoS)

CVE ID : CVE-2025-9670 Published : Aug. 29, 2025, 7:15 p.m. | 12 hours, 36 minutes ago Description : A security flaw has been discovered in mixmark-io turndown up to 7.2.1. This affects an unknown function of the file src/commonmark-rules.js. Performing manipulation results in inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 19:15:00 GMT

read more

CVE-2025-9667 - "Code-Projects Simple Grading System SQL Injection"

CVE ID : CVE-2025-9667 Published : Aug. 29, 2025, 7:15 p.m. | 8 hours, 12 minutes ago Description : A vulnerability was detected in code-projects Simple Grading System 1.0. This affects an unknown part of the file /delete_account.php of the component Admin Panel. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 19:15:00 GMT

read more

CVE-2025-9669 - Jinher OA SQL Injection Vulnerability

CVE ID : CVE-2025-9669 Published : Aug. 29, 2025, 7:15 p.m. | 8 hours, 12 minutes ago Description : A vulnerability has been found in Jinher OA 1.0. This issue affects some unknown processing of the file GetTreeDate.aspx. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 19:15:00 GMT

read more

CVE-2023-41471 - Copyparty Cross Site Scripting Vulnerability

CVE ID : CVE-2023-41471 Published : Aug. 29, 2025, 7:15 p.m. | 5 hours, 24 minutes ago Description : Cross Site Scripting vulnerability in copyparty v.1.9.1 allows a local attacker to execute arbitrary code via a crafted payload to the WEEKEND-PLANS function. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 19:15:00 GMT

read more

CVE-2025-43773 - Liferay Portal Remote Code Execution Vulnerability

CVE ID : CVE-2025-43773 Published : Aug. 29, 2025, 7:15 p.m. | 5 hours, 24 minutes ago Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0, 2025.Q1.0 through 2025.Q1.14, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.18 and 7.4 GA through update 92 has a security vulnerability that allowing for improper access through the expandoTableLocalService. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 19:15:00 GMT

read more

CVE-2025-9666 - "Code-projects Simple Grading System SQL Injection Vulnerability"

CVE ID : CVE-2025-9666 Published : Aug. 29, 2025, 6:15 p.m. | 4 hours, 24 minutes ago Description : A security vulnerability has been detected in code-projects Simple Grading System 1.0. Affected by this issue is some unknown functionality of the file /delete_student.php of the component Admin Panel. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-30271 - QNAP Operating System Path Traversal Vulnerability

CVE ID : CVE-2025-30271 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 24 minutes ago Description : A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-30272 - QNAP NULL Pointer Dereference Denial-of-Service Vulnerability

CVE ID : CVE-2025-30272 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 24 minutes ago Description : A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-30273 - QNAP QTS/QuTS hero Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-30273 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 24 minutes ago Description : An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-30274 - QNAP QTS and QuTS hero NULL Pointer Dereference Denial-of-Service

CVE ID : CVE-2025-30274 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 24 minutes ago Description : A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-30275 - Qsync Central NULL Pointer Denial-of-Service Vulnerability

CVE ID : CVE-2025-30275 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 24 minutes ago Description : A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-30277 - Qsync Central Certificate Validation Vulnerability

CVE ID : CVE-2025-30277 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 24 minutes ago Description : An improper certificate validation vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later Severity: 8.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-30278 - QNAP Qsync Central Certificate Validation Weakness

CVE ID : CVE-2025-30278 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 24 minutes ago Description : An improper certificate validation vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later Severity: 8.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-33032 - QNAP QTS and QuTS hero Path Traversal Vulnerability

CVE ID : CVE-2025-33032 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 24 minutes ago Description : A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-33033 - Qsync Central Path Traversal Vulnerability

CVE ID : CVE-2025-33033 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 24 minutes ago Description : A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-33036 - Qsync Central Path Traversal Vulnerability

CVE ID : CVE-2025-33036 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 24 minutes ago Description : A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-33037 - Qsync Central Path Traversal Vulnerability

CVE ID : CVE-2025-33037 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 23 minutes ago Description : A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-33038 - Qsync Central Path Traversal Vulnerability

CVE ID : CVE-2025-33038 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 23 minutes ago Description : A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-44015 - HybridDesk Station Command Injection Vulnerability

CVE ID : CVE-2025-44015 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 23 minutes ago Description : A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker gains local network access, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: HybridDesk Station 4.2.18 and later Severity: 2.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-44033 - Oa System SQL Injection Vulnerability

CVE ID : CVE-2025-44033 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 23 minutes ago Description : SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the allDirector() method declaration in src/main/java/cn/gson/oasys/mappers/AddressMapper.java Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-52856 - VioStor Improper Authentication Vulnerability

CVE ID : CVE-2025-52856 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 23 minutes ago Description : An improper authentication vulnerability has been reported to affect VioStor. If a remote attacker, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: VioStor 5.1.6 build 20250621 and later Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-52861 - VioStor Path Traversal Vulnerability

CVE ID : CVE-2025-52861 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 23 minutes ago Description : A path traversal vulnerability has been reported to affect VioStor. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: VioStor 5.1.6 build 20250621 and later Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-58158 - "Harness Git LFS Arbitrary File Write Vulnerability"

CVE ID : CVE-2025-58158 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 23 minutes ago Description : Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipelines, Hosted Developer Environments, and Artifact Registries. Prior to version 3.3.0, Open Source Harness git LFS server (Gitness) exposes api to retrieve and upload files via git LFS. Implementation of upload git LFS file api is vulnerable to arbitrary file write. Due to improper sanitization for upload path, a malicious authenticated user who has access to Harness Gitness server api can use a crafted upload request to write arbitrary file to any location on file system, may even compromise the server. Users using git LFS are vulnerable. This issue has been patched in version 3.3.0. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-9377 - "TP-Link Archer C7/EU and TL-WR841N/ND(MS) Remote Command Execution Vulnerability"

CVE ID : CVE-2025-9377 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 23 minutes ago Description : The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9. This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/ND(MS) V9: before 241108. Both products have reached the status of EOL (end-of-life). It's recommending to purchase the new product to ensure better performance and security. If replacement is not an option in the short term, please use the second reference link to download and install the patch(es). Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-9665 - Code-projects Simple Grading System SQL Injection Vulnerability

CVE ID : CVE-2025-9665 Published : Aug. 29, 2025, 6:15 p.m. | 2 hours, 23 minutes ago Description : A weakness has been identified in code-projects Simple Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_student.php of the component Admin Panel. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-30264 - QNAP QTS Command Injection Vulnerability

CVE ID : CVE-2025-30264 Published : Aug. 29, 2025, 6:15 p.m. | 1 hour, 31 minutes ago Description : A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-30265 - QNAP QTS and QuTS hero Buffer Overflow Vulnerability

CVE ID : CVE-2025-30265 Published : Aug. 29, 2025, 6:15 p.m. | 1 hour, 30 minutes ago Description : A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later Severity: 2.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-30267 - QNAP QTS NULL Pointer Denial-of-Service Vulnerability

CVE ID : CVE-2025-30267 Published : Aug. 29, 2025, 6:15 p.m. | 1 hour, 30 minutes ago Description : A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-30268 - QNAP QTS/QhTS NULL Pointer Dereference Denial-of-Service

CVE ID : CVE-2025-30268 Published : Aug. 29, 2025, 6:15 p.m. | 1 hour, 30 minutes ago Description : A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2025-30270 - QNAP QTS/QuTS Path Traversal Vulnerability

CVE ID : CVE-2025-30270 Published : Aug. 29, 2025, 6:15 p.m. | 1 hour, 30 minutes ago Description : A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 18:15:00 GMT

read more

CVE-2024-12923 - Photo Station Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2024-12923 Published : Aug. 29, 2025, 5:15 p.m. | 29 minutes ago Description : A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: Photo Station 6.4.5 ( 2025/01/02 ) and later Severity: 2.0 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 17:15:00 GMT

read more

CVE-2025-22483 - QNAP License Center Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-22483 Published : Aug. 29, 2025, 5:15 p.m. | 29 minutes ago Description : A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following versions: License Center 1.8.51 and later License Center 1.9.51 and later Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 17:15:00 GMT

read more

CVE-2025-29874 - ASUSTek File Station NULL Pointer Dereference Denial of Service

CVE ID : CVE-2025-29874 Published : Aug. 29, 2025, 5:15 p.m. | 29 minutes ago Description : A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 17:15:00 GMT

read more

CVE-2025-29875 - ASUSTek File Station NULL Pointer Dereference Denial of Service

CVE ID : CVE-2025-29875 Published : Aug. 29, 2025, 5:15 p.m. | 29 minutes ago Description : A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 17:15:00 GMT

read more

CVE-2025-29878 - ASUSTek File Station NULL Pointer Denial of Service

CVE ID : CVE-2025-29878 Published : Aug. 29, 2025, 5:15 p.m. | 29 minutes ago Description : A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 17:15:00 GMT

read more

CVE-2025-29879 - ASUSTek File Station NULL Pointer Dereference DoS Vulnerability

CVE ID : CVE-2025-29879 Published : Aug. 29, 2025, 5:15 p.m. | 29 minutes ago Description : A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 17:15:00 GMT

read more

CVE-2025-55579 - SolidInvoice Cross Site Scripting (XSS)

CVE ID : CVE-2025-55579 Published : Aug. 29, 2025, 5:15 p.m. | 29 minutes ago Description : SolidInvoice 2.3.7 and fixed in v.2.3.8 is vulnerable to Cross Site Scripting (XSS) in the Tax Rate functionality. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 17:15:00 GMT

read more

CVE-2025-55580 - SolidInvoice Cross Site Scripting (XSS)

CVE ID : CVE-2025-55580 Published : Aug. 29, 2025, 5:15 p.m. | 29 minutes ago Description : SolidInvoice 2.3.7 and v.2.3.8 is vulnerable to Cross Site Scripting (XSS) in the client's functionality. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 17:15:00 GMT

read more

CVE-2025-55763 - CivetWeb URI Parser Buffer Overflow Remote Code Execution

CVE ID : CVE-2025-55763 Published : Aug. 29, 2025, 5:15 p.m. | 29 minutes ago Description : Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of service or arbitrary code execution. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 17:15:00 GMT

read more

CVE-2025-9660 - SourceCodester Bakeshop Online Ordering System SQL Injection

CVE ID : CVE-2025-9660 Published : Aug. 29, 2025, 5:15 p.m. | 29 minutes ago Description : A vulnerability was found in SourceCodester Bakeshop Online Ordering System 1.0. The impacted element is an unknown function of the file /passwordrecover.php. Performing manipulation of the argument phonenumber results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 17:15:00 GMT

read more

CVE-2025-9662 - "Simple Grading System SQL Injection Vulnerability in Admin Panel"

CVE ID : CVE-2025-9662 Published : Aug. 29, 2025, 5:15 p.m. | 29 minutes ago Description : A vulnerability was determined in code-projects Simple Grading System 1.0. This affects an unknown function of the file /login.php of the component Admin Panel. Executing manipulation can lead to sql injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 17:15:00 GMT

read more

CVE-2025-9663 - Simple Grading System SQL Injection Vulnerability

CVE ID : CVE-2025-9663 Published : Aug. 29, 2025, 5:15 p.m. | 29 minutes ago Description : A vulnerability was identified in code-projects Simple Grading System 1.0. This impacts an unknown function of the file /edit_account.php of the component Admin Panel. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 17:15:00 GMT

read more

CVE-2025-9664 - Simple Grading System SQL Injection Vulnerability

CVE ID : CVE-2025-9664 Published : Aug. 29, 2025, 5:15 p.m. | 29 minutes ago Description : A security flaw has been discovered in code-projects Simple Grading System 1.0. Affected is an unknown function of the file /add_student_grade.php of the component Admin Panel. The manipulation of the argument Add results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 17:15:00 GMT

read more

CVE-2024-46916 - Diebold Nixdorf Vynamic Security Suite File Deletion Code Execution Vulnerability

CVE ID : CVE-2024-46916 Published : Aug. 29, 2025, 4:15 p.m. | 1 hour, 29 minutes ago Description : Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before the filesystem is properly mounted (e.g., leveraging a delete call in /etc/rc.d/init.d/mountfs to remove the /etc/fstab file). This can allow code execution and, in some versions, enable recovery of TPM Disk Encryption keys and decryption of the Windows system partition. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 16:15:00 GMT

read more

CVE-2024-46917 - Diebold Nixdorf Vynamic Security Suite Arbitrary File Execution Vulnerability

CVE ID : CVE-2024-46917 Published : Aug. 29, 2025, 4:15 p.m. | 1 hour, 29 minutes ago Description : Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR01 does not validate file attributes or the contents of /root during integrity validation. This allows code execution, recovery of TPM Disk Encryption keys, decryption of the Windows system partition, and full control of the Windows OS, e.g., through ~/.profile changes. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 16:15:00 GMT

read more

CVE-2025-47909 - Apache CSRF Vulnerability

CVE ID : CVE-2025-47909 Published : Aug. 29, 2025, 4:15 p.m. | 1 hour, 29 minutes ago Description : Hosts listed in TrustedOrigins implicitly allow requests from the corresponding HTTP origins, allowing network MitMs to perform CSRF attacks. After the CVE-2025-24358 fix, a network attacker that places a form at http://example.com can't get it to submit to https://example.com because the Origin header is checked with sameOrigin against a synthetic URL. However, if a host is added to TrustedOrigins, both its HTTP and HTTPS origins will be allowed, because the schema of the synthetic URL is ignored and only the host is checked. For example, if an application is hosted on https://example.com and adds example.net to TrustedOrigins, a network attacker can serve a form at http://example.net to perform the attack. Applications should migrate to net/http.CrossOriginProtection, introduced in Go 1.25. If that is not an option, a backport is available as a module at filippo.io/csrf, and a drop-in replacement for the github.com/gorilla/csrf API is available at filippo.io/csrf/gorilla. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 16:15:00 GMT

read more

CVE-2025-54877 - Tuleap Unauthorized Artifact Field Access

CVE ID : CVE-2025-54877 Published : Aug. 29, 2025, 4:15 p.m. | 1 hour, 29 minutes ago Description : Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition versions before 16.10.99.1754050155 and Tuleap Enterprise Edition versions before 16.9-8 and before 16.10-5, an attacker can access to the content of the special and always there fields of accessible artifacts even if the permissions associated with the underlying fields do not allow it. This issue has been fixed in Tuleap Community Edition version 16.10.99.1754050155 and Tuleap Enterprise Edition versions 16.9-8 and 16.10-5. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 16:15:00 GMT

read more

CVE-2025-55177 - WhatsApp iOS/WhatsApp Business for iOS/WhatsApp for Mac URL Processing Authorization Bypass

CVE ID : CVE-2025-55177 Published : Aug. 29, 2025, 4:15 p.m. | 1 hour, 29 minutes ago Description : Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78 could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target’s device. We assess that this vulnerability, in combination with an OS-level vulnerability on Apple platforms (CVE-2025-43300), may have been exploited in a sophisticated attack against specific targeted users. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 16:15:00 GMT

read more

CVE-2025-55202 - Opencast Path Traversal Vulnerability

CVE ID : CVE-2025-55202 Published : Aug. 29, 2025, 4:15 p.m. | 1 hour, 29 minutes ago Description : Opencast is a free, open-source platform to support the management of educational audio and video content. In version 18.0 and versions before 17.7, the protections against path traversal attacks in the UI config module are insufficient, still partially allowing for attacks in very specific cases. The path is checked without checking for the file separator. This could allow attackers access to files within another folder which starts with the same path. This issue has been fixed in versions 17.7 and 18.1. To mitigate this issue, check for folders that start with the same path as the ui-config folder. Severity: 2.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 16:15:00 GMT

read more

CVE-2025-55750 - Gitpod Bitbucket OAuth Token Exposure

CVE ID : CVE-2025-55750 Published : Aug. 29, 2025, 4:15 p.m. | 1 hour, 29 minutes ago Description : Gitpod is a developer platform for cloud development environments. In versions before main-gha.33628 for both Gitpod Classic and Gitpod Classic Enterprise, OAuth integration with Bitbucket in certain conditions allowed a crafted link to expose a valid Bitbucket access token via the URL fragment when clicked by an authenticated user. This resulted from how Bitbucket returned tokens and how Gitpod handled the redirect flow. The issue was limited to Bitbucket (GitHub and GitLab integrations were not affected), required user interaction, and has been mitigated through redirect handling and OAuth logic hardening. The issue was resolved in main-gha.33628 and later. There are no workarounds. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 16:15:00 GMT

read more

CVE-2025-5808 - OpenText Self Service Password Reset Authentication Bypass Vulnerability

CVE ID : CVE-2025-5808 Published : Aug. 29, 2025, 4:15 p.m. | 1 hour, 29 minutes ago Description : Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Authentication Bypass.This issue affects Self Service Password Reset from before 4.8 patch 3. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 16:15:00 GMT

read more

CVE-2025-9656 - PHPGurukul Directory Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9656 Published : Aug. 29, 2025, 4:15 p.m. | 1 hour, 29 minutes ago Description : A security vulnerability has been detected in PHPGurukul Directory Management System 2.0. This vulnerability affects unknown code of the file /admin/add-directory.php. The manipulation of the argument fullname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 16:15:00 GMT

read more

CVE-2025-9657 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9657 Published : Aug. 29, 2025, 4:15 p.m. | 1 hour, 29 minutes ago Description : A vulnerability was detected in O2OA up to 10.0-410. This issue affects some unknown processing of the file /x_program_center/jaxrs/script of the component Personal Profile Page. The manipulation of the argument name/alias/description results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be used. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 16:15:00 GMT

read more

CVE-2025-9658 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9658 Published : Aug. 29, 2025, 4:15 p.m. | 1 hour, 29 minutes ago Description : A flaw has been found in O2OA up to 10.0-410. Impacted is an unknown function of the file /x_portal_assemble_designer/jaxrs/dict/ of the component Personal Profile Page. This manipulation of the argument name/alias/description causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 16:15:00 GMT

read more

CVE-2025-9659 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9659 Published : Aug. 29, 2025, 4:15 p.m. | 1 hour, 29 minutes ago Description : A vulnerability has been found in O2OA up to 10.0-410. The affected element is an unknown function of the file /x_portal_assemble_designer/jaxrs/widget of the component Personal Profile Page. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 16:15:00 GMT

read more

CVE-2025-54080 - Exiv2 Out-of-Bounds Read Denial of Service

CVE ID : CVE-2025-54080 Published : Aug. 29, 2025, 3:15 p.m. | 2 hours, 11 minutes ago Description : Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions 0.28.5 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. The bug is fixed in version 0.28.6. Severity: 1.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 15:15:00 GMT

read more

CVE-2025-55304 - Exiv2 ICC Profile Parsing Denial-of-Service Vulnerability

CVE ID : CVE-2025-55304 Published : Aug. 29, 2025, 3:15 p.m. | 2 hours, 11 minutes ago Description : Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A denial-of-service was found in Exiv2 version 0.28.5: a quadratic algorithm in the ICC profile parsing code in jpegBase::readMetadata() can cause Exiv2 to run for a long time. The denial-of-service is triggered when Exiv2 is used to read the metadata of a crafted jpg image file. The bug is fixed in version 0.28.6. Severity: 1.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 15:15:00 GMT

read more

CVE-2025-9652 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9652 Published : Aug. 29, 2025, 3:15 p.m. | 2 hours, 11 minutes ago Description : A vulnerability was determined in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file /intranet/educar_transferencia_tipo_cad.php of the component Cadastrar tipo de transferência Page. This manipulation of the argument nm_tipo/desc_tipo causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 15:15:00 GMT

read more

CVE-2025-9653 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9653 Published : Aug. 29, 2025, 3:15 p.m. | 2 hours, 11 minutes ago Description : A vulnerability was identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_projeto_cad.php of the component Cadastrar projeto Page. Such manipulation of the argument nome/observacao leads to cross site scripting. It is possible to launch the attack remotely. The exploit is publicly available and might be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 15:15:00 GMT

read more

CVE-2025-9654 - AiondaDotCom mcp-ssh Command Injection Vulnerability

CVE ID : CVE-2025-9654 Published : Aug. 29, 2025, 3:15 p.m. | 2 hours, 11 minutes ago Description : A security flaw has been discovered in AiondaDotCom mcp-ssh up to 1.0.3. Affected by this issue is some unknown functionality of the file server-simple.mjs. Performing manipulation results in command injection. The attack can be initiated remotely. Upgrading to version 1.0.4 and 1.1.0 can resolve this issue. The patch is named cd2566a948b696501abfa6c6b03462cac5fb43d8. It is advisable to upgrade the affected component. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 15:15:00 GMT

read more

CVE-2025-9655 - O2OA Cross Site Scripting Vulnerability

CVE ID : CVE-2025-9655 Published : Aug. 29, 2025, 3:15 p.m. | 2 hours, 11 minutes ago Description : A weakness has been identified in O2OA up to 10.0-410. This affects an unknown part of the file /x_organization_assemble_control/jaxrs/person/ of the component Personal Profile Page. Executing manipulation of the argument Description can lead to cross site scripting. The attack can be launched remotely. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 15:15:00 GMT

read more

CVE-2025-9649 - "Appneta Tcpreplay Division-by-Zero Vulnerability"

CVE ID : CVE-2025-9649 Published : Aug. 29, 2025, 2:15 p.m. | 3 hours, 11 minutes ago Description : A security vulnerability has been detected in appneta tcpreplay 4.5.1. Impacted is the function calc_sleep_time of the file send_packets.c. Such manipulation leads to divide by zero. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. Upgrading to version 4.5.3-beta3 is recommended to address this issue. It is advisable to upgrade the affected component. The vendor confirms in a GitHub issue reply: "Was able to reproduce in 6fcbf03 but NOT 4.5.3-beta3." Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 14:15:00 GMT

read more

CVE-2025-9650 - Yeqifu CarRental File Path Traversal Vulnerability

CVE ID : CVE-2025-9650 Published : Aug. 29, 2025, 2:15 p.m. | 3 hours, 11 minutes ago Description : A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This affects the function removeFileByPath of the file src/main/java/com/yeqifu/sys/utils/AppFileUtils.java. The manipulation of the argument carimg leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. This product adopts a rolling release strategy to maintain continuous delivery Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 14:15:00 GMT

read more

CVE-2025-9651 - Shafhasan Chatbox SQL Injection Vulnerability

CVE ID : CVE-2025-9651 Published : Aug. 29, 2025, 2:15 p.m. | 3 hours, 11 minutes ago Description : A vulnerability was found in shafhasan chatbox up to 156a39cde62f78532c3265a70eda12c70907e56f. This impacts an unknown function of the file /chat.php. The manipulation of the argument user_id results in sql injection. The attack may be performed from a remote location. The exploit has been made public and could be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 14:15:00 GMT

read more

CVE-2025-9644 - iSourcecode Apartment Management System SQL Injection

CVE ID : CVE-2025-9644 Published : Aug. 29, 2025, 1:15 p.m. | 4 hours, 11 minutes ago Description : A vulnerability was determined in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /setting/bill_setup.php. Executing manipulation of the argument txtBillType can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 13:15:00 GMT

read more

CVE-2025-9645 - iSourcecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9645 Published : Aug. 29, 2025, 1:15 p.m. | 4 hours, 11 minutes ago Description : A vulnerability was identified in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /t_dashboard/r_all_info.php. The manipulation of the argument mid leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 13:15:00 GMT

read more

CVE-2025-9646 - O2OA Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9646 Published : Aug. 29, 2025, 1:15 p.m. | 4 hours, 11 minutes ago Description : A security flaw has been discovered in O2OA up to 10.0-410. This vulnerability affects unknown code of the file /x_organization_assemble_personal/jaxrs/definition/calendarConfig. The manipulation of the argument toMonthViewName results in cross site scripting. The attack can be launched remotely. The exploit has been released to the public and may be exploited. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 13:15:00 GMT

read more

CVE-2025-9647 - Mtons MBlog Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9647 Published : Aug. 29, 2025, 1:15 p.m. | 4 hours, 11 minutes ago Description : A weakness has been identified in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /admin/role/list. This manipulation of the argument Name causes cross site scripting. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 13:15:00 GMT

read more

CVE-2025-40702 - OpenAtlas ACDH-CH Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-40702 Published : Aug. 29, 2025, 12:15 p.m. | 3 hours, 47 minutes ago Description : Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/file" petition, "creator" and "license_holder" parameters. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 12:15:00 GMT

read more

CVE-2025-40703 - OpenAtlas Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-40703 Published : Aug. 29, 2025, 12:15 p.m. | 3 hours, 47 minutes ago Description : Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/group" petition, "name" and "alias-0” parameters. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 12:15:00 GMT

read more

CVE-2025-40704 - OpenAtlas XSS: Unvalidated User Input in "/insert/edition" "/name" Parameter

CVE ID : CVE-2025-40704 Published : Aug. 29, 2025, 12:15 p.m. | 3 hours, 47 minutes ago Description : Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/edition" petition, "name" parameter. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 12:15:00 GMT

read more

CVE-2025-40705 - OpenAtlas ACDH-CH Cross-Site Scripting (XSS)

CVE ID : CVE-2025-40705 Published : Aug. 29, 2025, 12:15 p.m. | 3 hours, 47 minutes ago Description : Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/acquisition" petition, "name" parameter. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 12:15:00 GMT

read more

CVE-2025-40706 - OpenAtlas ACDH-CH Cross-Site Scripting (XSS)

CVE ID : CVE-2025-40706 Published : Aug. 29, 2025, 12:15 p.m. | 3 hours, 47 minutes ago Description : Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/source" petition, "name" parameter. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 12:15:00 GMT

read more

CVE-2025-40707 - OpenAtlas ACDH-CH Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-40707 Published : Aug. 29, 2025, 12:15 p.m. | 3 hours, 47 minutes ago Description : Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/place" petition, "name" and "alias-0” parameters. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 12:15:00 GMT

read more

CVE-2025-40708 - OpenAtlas ACDH-CH Cross-Site Scripting (XSS)

CVE ID : CVE-2025-40708 Published : Aug. 29, 2025, 12:15 p.m. | 3 hours, 47 minutes ago Description : Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/event" petition, "name" parameter. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 12:15:00 GMT

read more

CVE-2025-40709 - OpenAtlas ACDH-CH Cross-Site Scripting (XSS)

CVE ID : CVE-2025-40709 Published : Aug. 29, 2025, 12:15 p.m. | 3 hours, 47 minutes ago Description : Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an authenticated user and steal their session cookie details, via the "/insert/person/” petition, "name" and "alias-0” parameters. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 12:15:00 GMT

read more

CVE-2025-9643 - ApacheCampus Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9643 Published : Aug. 29, 2025, 12:15 p.m. | 3 hours, 47 minutes ago Description : A vulnerability was found in itsourcecode Apartment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /setting/utility_bill_setup.php. Performing manipulation of the argument txtGasBill results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 12:15:00 GMT

read more

CVE-2024-13342 - "Booster for WooCommerce Remote File Upload Vulnerability"

CVE ID : CVE-2024-13342 Published : Aug. 29, 2025, 11:15 a.m. | 4 hours, 47 minutes ago Description : The Booster for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'add_files_to_order' function in all versions up to, and including, 7.2.4. This makes it possible for unauthenticated attackers to upload arbitrary files with double extensions on the affected site's server which may make remote code execution possible. This is only exploitable on select instances where the configuration will execute the first extension present. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 11:15:00 GMT

read more

CVE-2025-9217 - Slider Revolution WordPress Path Traversal Vulnerability

CVE ID : CVE-2025-9217 Published : Aug. 29, 2025, 11:15 a.m. | 4 hours, 47 minutes ago Description : The Slider Revolution plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 6.7.36 via the 'used_svg' and 'used_images' parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 11:15:00 GMT

read more

CVE-2025-9071 - Oberon PSA Crypto RSA Padding Vulnerability

CVE ID : CVE-2025-9071 Published : Aug. 29, 2025, 10:15 a.m. | 5 hours, 47 minutes ago Description : Erroneously using an all-zero seed for RSA-OEAP padding instead of the generated random bytes, in Oberon microsystems AG’s Oberon PSA Crypto library in all versions up to 1.5.1, results in deterministic RSA and thus in a loss of confidentiality for guessable messages, recognition of repeated messages, and loss of security proofs. Severity: 2.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 10:15:00 GMT

read more

CVE-2025-4643 - Payload JWT Authentication Token Reuse Vulnerability

CVE ID : CVE-2025-4643 Published : Aug. 29, 2025, 10:15 a.m. | 4 hours, 22 minutes ago Description : Payload uses JSON Web Tokens (JWT) for authentication. After log out JWT is not invalidated, which allows an attacker who has stolen or intercepted token to freely reuse it until expiration date (which is by default set to 2 hours, but can be changed). This issue has been fixed in version 3.44.0 of Payload. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 10:15:00 GMT

read more

CVE-2025-4644 - Payload SQLite Adapter Session Fixation

CVE ID : CVE-2025-4644 Published : Aug. 29, 2025, 10:15 a.m. | 4 hours, 22 minutes ago Description : A Session Fixation vulnerability existed in Payload's SQLite adapter due to identifier reuse during account creation. A malicious attacker could create a new account, save its JSON Web Token (JWT), and then delete the account, which did not invalidate the JWT. As a result, the next newly created user would receive the same identifier, allowing the attacker to reuse the JWT to authenticate and perform actions as that user. This issue has been fixed in version 3.44.0 of Payload. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 10:15:00 GMT

read more

CVE-2025-7071 - Oberon Microsystems AG Ocrypto AES-CBC Padding Oracle Attack

CVE ID : CVE-2025-7071 Published : Aug. 29, 2025, 10:15 a.m. | 4 hours, 22 minutes ago Description : Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS#7 decrypt operations. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 10:15:00 GMT

read more

CVE-2025-7383 - Oberon PSA Crypto Padding Oracle Attack

CVE ID : CVE-2025-7383 Published : Aug. 29, 2025, 10:15 a.m. | 4 hours, 22 minutes ago Description : Padding oracle attack vulnerability in Oberon microsystem AG’s Oberon PSA Crypto library in all versions since 1.0.0 and prior to 1.5.1 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS#7 decrypt operations. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 10:15:00 GMT

read more

CVE-2025-8150 - "Elementor Events Addon Stored Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-8150 Published : Aug. 29, 2025, 9:15 a.m. | 5 hours, 22 minutes ago Description : The Events Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typewriter and Countdown widgets in all versions up to, and including, 2.2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 09:15:00 GMT

read more

CVE-2024-13987 - Synology RADIUS Server Cross-site Scripting Vulnerability

CVE ID : CVE-2024-13987 Published : Aug. 29, 2025, 8:15 a.m. | 6 hours, 22 minutes ago Description : Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Synology RADIUS Server before 3.0.27-0139 allows remote authenticated users with administrator privileges to read or write limited files in SRM and conduct limited denial-of-service via unspecified vectors. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 08:15:00 GMT

read more

CVE-2025-54777 - Fuji Xerox bizhub S/MIME Email Certificate Denial-of-Service Vulnerability

CVE ID : CVE-2025-54777 Published : Aug. 29, 2025, 7:15 a.m. | 5 hours, 39 minutes ago Description : Uncaught exception issue exists in Multiple products in bizhub series. If a malformed file is imported as an S/MIME Email certificate, it may cause a denial-of-service issue that disable the Web Connection feature. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 07:15:00 GMT

read more

CVE-2025-53508 - iND Co.,Ltd iND Command Injection Vulnerability

CVE ID : CVE-2025-53508 Published : Aug. 29, 2025, 5:15 a.m. | 7 hours, 39 minutes ago Description : Multiple products provided by iND Co.,Ltd contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed and sensitive information may be obtained. As for the details of affected product names and versions, refer to the information under [Product Status]. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 05:15:00 GMT

read more

CVE-2025-8147 - WordPress LWSCache Plugin Authorization Bypass

CVE ID : CVE-2025-8147 Published : Aug. 29, 2025, 5:15 a.m. | 7 hours, 39 minutes ago Description : The LWSCache plugin for WordPress is vulnerable to unauthorized modification of data due to improper authorization on the lwscache_activatePlugin() function in all versions up to, and including, 2.8.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate arbitrary whitelisted LWS plugins. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 05:15:00 GMT

read more

CVE-2025-8290 - WordPress List Subpages Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8290 Published : Aug. 29, 2025, 5:15 a.m. | 7 hours, 39 minutes ago Description : The List Subpages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ parameter in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 05:15:00 GMT

read more

CVE-2025-8619 - Elementor OSM Map Widget Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8619 Published : Aug. 29, 2025, 5:15 a.m. | 7 hours, 39 minutes ago Description : The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Map Block URL in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 05:15:00 GMT

read more

CVE-2025-9374 - "Ultimate Tag Warrior Importer CSRF"

CVE ID : CVE-2025-9374 Published : Aug. 29, 2025, 5:15 a.m. | 7 hours, 39 minutes ago Description : The Ultimate Tag Warrior Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to import tags granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 05:15:00 GMT

read more

CVE-2025-9441 - WordPress iATS Online Forms SQL Injection

CVE ID : CVE-2025-9441 Published : Aug. 29, 2025, 5:15 a.m. | 7 hours, 39 minutes ago Description : The iATS Online Forms plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order' parameter in all versions up to, and including, 1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 05:15:00 GMT

read more

CVE-2025-53507 - iND Co.,Ltd iND Product Sensitive Information Disclosure

CVE ID : CVE-2025-53507 Published : Aug. 29, 2025, 5:15 a.m. | 6 hours, 26 minutes ago Description : Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information vulnerability. If exploited, configuration information, such as admin password, may be disclosed. As for the details of affected product names and versions, refer to the information under [Product Status]. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 05:15:00 GMT

read more

CVE-2025-9610 - Code-projects Online Event Judging System SQL Injection

CVE ID : CVE-2025-9610 Published : Aug. 29, 2025, 4:16 a.m. | 7 hours, 26 minutes ago Description : A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /create_account.php. This manipulation of the argument fname causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Other parameters might be affected as well. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 04:16:00 GMT

read more

CVE-2025-9619 - Mercatus ERP Remote Resource ID Manipulation Vulnerability

CVE ID : CVE-2025-9619 Published : Aug. 29, 2025, 4:16 a.m. | 7 hours, 26 minutes ago Description : A security flaw has been discovered in E4 Sistemas Mercatus ERP 2.00.019. The affected element is an unknown function of the file /basico/webservice/imprimir-danfe/id/. Performing manipulation results in improper control of resource identifiers. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 04:16:00 GMT

read more

CVE-2025-9639 - Ai3 QbiCRMGateway Arbitrary File Reading Vulnerability

CVE ID : CVE-2025-9639 Published : Aug. 29, 2025, 4:16 a.m. | 7 hours, 26 minutes ago Description : The QbiCRMGateway developed by Ai3 has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 04:16:00 GMT

read more

CVE-2025-8857 - Changing Clinic Image System Hard-Coded Credentials Vulnerability

CVE ID : CVE-2025-8857 Published : Aug. 29, 2025, 4:15 a.m. | 7 hours, 26 minutes ago Description : Clinic Image System developed by Changing contains hard-coded Credentials, allowing unauthenticated remote attackers to log into the system using administrator credentials embedded in the source code. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 04:15:00 GMT

read more

CVE-2025-8858 - Changing Clinic Image System SQL Injection Vulnerability

CVE ID : CVE-2025-8858 Published : Aug. 29, 2025, 4:15 a.m. | 7 hours, 26 minutes ago Description : Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 04:15:00 GMT

read more

CVE-2025-8861 - "Changing TSA Missing Authentication Vulnerability"

CVE ID : CVE-2025-8861 Published : Aug. 29, 2025, 4:15 a.m. | 7 hours, 26 minutes ago Description : TSA developed by Changing has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 04:15:00 GMT

read more

CVE-2025-9609 - Portabilis i-Educar Improper Authorization Remote Code Execution

CVE ID : CVE-2025-9609 Published : Aug. 29, 2025, 4:15 a.m. | 7 hours, 26 minutes ago Description : A vulnerability was found in Portabilis i-Educar up to 2.10. This vulnerability affects unknown code of the file /educacenso/consulta. The manipulation results in improper authorization. The attack can be executed remotely. The exploit has been made public and could be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 04:15:00 GMT

read more

CVE-2025-9608 - Portabilis i-Educar Formula de Cálculo de Média Page SQL Injection

CVE ID : CVE-2025-9608 Published : Aug. 29, 2025, 3:15 a.m. | 8 hours, 26 minutes ago Description : A vulnerability has been found in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/FormulaMedia/view of the component Formula de Cálculo de Média Page. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-9606 - Portabilis i-Educar SQL Injection Vulnerability

CVE ID : CVE-2025-9606 Published : Aug. 29, 2025, 3:15 a.m. | 7 hours, 39 minutes ago Description : A vulnerability was detected in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/agenda_preferencias.php. Performing manipulation of the argument cod_agenda results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-9607 - Portabilis i-Educar SQL Injection Vulnerability

CVE ID : CVE-2025-9607 Published : Aug. 29, 2025, 3:15 a.m. | 7 hours, 39 minutes ago Description : A flaw has been found in Portabilis i-Educar up to 2.10. Affected by this issue is some unknown functionality of the file /module/TabelaArredondamento/view of the component Tabelas de Arredondamento Page. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-58330 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-58330 Published : Aug. 29, 2025, 3:15 a.m. | 7 hours, 12 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-58331 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-58331 Published : Aug. 29, 2025, 3:15 a.m. | 7 hours, 12 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-58332 - Apache HTTP Server Command Injection Vulnerability

CVE ID : CVE-2025-58332 Published : Aug. 29, 2025, 3:15 a.m. | 7 hours, 12 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-58333 - Apache HTTPD Cross-Site Request Forgery

CVE ID : CVE-2025-58333 Published : Aug. 29, 2025, 3:15 a.m. | 7 hours, 12 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-9605 - Tenda AC21/AC23 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9605 Published : Aug. 29, 2025, 3:15 a.m. | 7 hours, 12 minutes ago Description : A security vulnerability has been detected in Tenda AC21 and AC23 16.03.08.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. Such manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Severity: 10.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-58329 - Oracle WebLogic Server Deserialization RCE

CVE ID : CVE-2025-58329 Published : Aug. 29, 2025, 3:15 a.m. | 5 hours, 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-58327 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-58327 Published : Aug. 29, 2025, 3:15 a.m. | 3 hours, 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-58328 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-58328 Published : Aug. 29, 2025, 3:15 a.m. | 3 hours, 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-39245 - HikCentral Master Lite CSV Injection Vulnerability

CVE ID : CVE-2025-39245 Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 38 minutes ago Description : There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow an attacker to inject executable commands via malicious CSV data. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-39246 - HikCentral FocSign Unquoted Service Path Privilege Escalation Vulnerability

CVE ID : CVE-2025-39246 Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 38 minutes ago Description : There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versions. This could allow an authenticated user to potentially enable escalation of privilege via local access. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-39247 - HikCentral Professional Unauthenticated Privilege Escalation

CVE ID : CVE-2025-39247 Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 38 minutes ago Description : There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-58323 - NAVER MYBOX Explorer Windows Privilege Escalation Vulnerability

CVE ID : CVE-2025-58323 Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 38 minutes ago Description : NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary files due to improper privilege checks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-58326 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-58326 Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 38 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 03:15:00 GMT

read more

CVE-2025-9603 - Telesquare TLR-2005KSH Command Injection Vulnerability

CVE ID : CVE-2025-9603 Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 39 minutes ago Description : A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 02:15:00 GMT

read more

CVE-2025-9604 - Coze-Studio Hardcoded Cryptographic Key Vulnerability

CVE ID : CVE-2025-9604 Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 39 minutes ago Description : A vulnerability was identified in coze-studio up to 0.2.4. The impacted element is an unknown function of the file backend/domain/plugin/encrypt/aes.go. The manipulation of the argument AuthSecretKey/StateSecretKey/OAuthTokenSecretKey leads to use of hard-coded cryptographic key . It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is regarded as difficult. To fix this issue, it is recommended to deploy a patch. The vendor replied to the GitHub issue (translated from simplified Chinese): "For scenarios requiring encryption, we will implement user-defined key management through configuration and optimize the use of encryption tools, such as random salt." Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 02:15:00 GMT

read more

CVE-2025-9601 - iSourcecode Apartment Management System SQL Injection

CVE ID : CVE-2025-9601 Published : Aug. 29, 2025, 2:15 a.m. | 1 hour, 57 minutes ago Description : A vulnerability was detected in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /setting/employee_salary_setup.php. The manipulation of the argument ddlEmpName results in sql injection. The attack may be launched remotely. The exploit is now public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 02:15:00 GMT

read more

CVE-2025-9602 - Xinhu RockOA Remote Authorization Bypass

CVE ID : CVE-2025-9602 Published : Aug. 29, 2025, 2:15 a.m. | 1 hour, 57 minutes ago Description : A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted is the function publicsaveAjax of the file /index.php. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been made public and could be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 02:15:00 GMT

read more

CVE-2025-43268 - Apple macOS Sequoia Root Privilege Escalation

CVE ID : CVE-2025-43268 Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 57 minutes ago Description : A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 01:15:00 GMT

read more

CVE-2025-43284 - Apple macOS Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-43284 Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 57 minutes ago Description : An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. An app may be able to cause unexpected system termination. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 01:15:00 GMT

read more

CVE-2025-54142 - Akamai Ghost HTTP Request Smuggling

CVE ID : CVE-2025-54142 Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 57 minutes ago Description : Akamai Ghost before 2025-07-21 allows HTTP Request Smuggling via an OPTIONS request that has an entity body, because there can be a subsequent request within the persistent connection between an Akamai proxy server and an origin server, if the origin server violates certain Internet standards. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 01:15:00 GMT

read more

CVE-2025-9599 - iSourcecode Apartment Management System SQL Injection

CVE ID : CVE-2025-9599 Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 57 minutes ago Description : A weakness has been identified in itsourcecode Apartment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /setting/month_setup.php. Executing manipulation of the argument txtMonthName can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 01:15:00 GMT

read more

CVE-2025-9600 - "Isourcecode Apartment Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-9600 Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 57 minutes ago Description : A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /setting/member_type_setup.php. The manipulation of the argument txtMemberType leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 01:15:00 GMT

read more

CVE-2024-44271 - Apple macOS Sequoia Screen Recording Vulnerability

CVE ID : CVE-2024-44271 Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago Description : The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to record the screen without an indicator. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 01:15:00 GMT

read more

CVE-2024-54554 - "Apple macOS Sequoia Symlink Data Access Vulnerability"

CVE ID : CVE-2024-54554 Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago Description : This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access sensitive user data. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 01:15:00 GMT

read more

CVE-2024-54568 - "Apple macOS Sequoia Unexpected App Termination Vulnerability"

CVE ID : CVE-2024-54568 Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago Description : The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2. Parsing a maliciously crafted file may lead to an unexpected app termination. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 01:15:00 GMT

read more

CVE-2025-40927 - Perl CGI::Simple HTTP Response Splitting Vulnerability

CVE ID : CVE-2025-40927 Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago Description : CGI::Simple versions before 1.282 for Perl has a HTTP response splitting flaw This vulnerability is a confirmed HTTP response splitting flaw in CGI::Simple that allows HTTP response header injection, which can be used for reflected XSS or open redirect under certain conditions. Although some validation exists, it can be bypassed using URL-encoded values, allowing an attacker to inject untrusted content into the response via query parameters. As a result, an attacker can inject a line break (e.g. %0A) into the parameter value, causing the server to split the HTTP response and inject arbitrary headers or even an HTML/JavaScript body, leading to reflected cross-site scripting (XSS), open redirect or other attacks. The issue documented in CVE-2010-4410 https://www.cve.org/CVERecord?id=CVE-2010-4410 is related but the fix was incomplete. Impact By injecting %0A (newline) into a query string parameter, an attacker can: * Break the current HTTP header * Inject a new header or entire body * Deliver a script payload that is reflected in the server’s response That can lead to the following attacks: * reflected XSS * open redirect * cache poisoning * header manipulation Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 01:15:00 GMT

read more

CVE-2025-43187 - Apple macOS HDIUTIL Code Execution Vulnerability

CVE ID : CVE-2025-43187 Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago Description : This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. Running an hdiutil command may unexpectedly execute arbitrary code. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 01:15:00 GMT

read more

CVE-2025-43255 - Apple macOS IOMemoryDescriptor Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-43255 Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago Description : An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.7, macOS Sequoia 15.6, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 01:15:00 GMT

read more

CVE-2025-48979 - "UISP Command Injection Vulnerability"

CVE ID : CVE-2025-48979 Published : Aug. 29, 2025, 12:15 a.m. | 3 hours, 4 minutes ago Description : An Improper Input Validation in UISP Application could allow a Command Injection by a malicious actor with High Privileges and local access. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 00:15:00 GMT

read more

CVE-2025-9595 - Code-projects Student Information Management System Cross Site Scripting Vulnerability

CVE ID : CVE-2025-9595 Published : Aug. 29, 2025, 12:15 a.m. | 3 hours, 4 minutes ago Description : A vulnerability was found in code-projects Student Information Management System 1.0. The impacted element is an unknown function of the file /login.php. The manipulation of the argument uname results in cross site scripting. The attack may be performed from a remote location. The exploit has been made public and could be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 00:15:00 GMT

read more

CVE-2025-9596 - iSourcecode Sports Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9596 Published : Aug. 29, 2025, 12:15 a.m. | 3 hours, 4 minutes ago Description : A vulnerability was determined in itsourcecode Sports Management System 1.0. This affects an unknown function of the file /login.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 00:15:00 GMT

read more

CVE-2025-9597 - Itsoucecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9597 Published : Aug. 29, 2025, 12:15 a.m. | 3 hours, 4 minutes ago Description : A vulnerability was identified in itsourcecode Apartment Management System 1.0. This impacts an unknown function of the file /o_dashboard/rented_all_info.php. Such manipulation of the argument uid leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 00:15:00 GMT

read more

CVE-2025-9598 - Apache Management System SQL Injection

CVE ID : CVE-2025-9598 Published : Aug. 29, 2025, 12:15 a.m. | 3 hours, 4 minutes ago Description : A security flaw has been discovered in itsourcecode Apartment Management System 1.0. Affected is an unknown function of the file /setting/year_setup.php. Performing manipulation of the argument txtXYear results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 29 Aug 2025 00:15:00 GMT

read more

CVE-2025-58062 - OpenMCP Client OS Command Injection Vulnerability

CVE ID : CVE-2025-58062 Published : Aug. 28, 2025, 11:15 p.m. | 4 hours, 4 minutes ago Description : LSTM-Kirigaya's openmcp-client is a vscode plugin for mcp developer. Prior to version 0.1.12, when users on a Windows platform connect to an attacker controlled MCP server, attackers could provision a malicious authorization server endpoint to silently achieve an OS command injection attack in the open() invocation, leading to client system compromise. This issue has been patched in version 0.1.12. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 23:15:00 GMT

read more

CVE-2025-9593 - iSourcecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9593 Published : Aug. 28, 2025, 11:15 p.m. | 4 hours, 4 minutes ago Description : A flaw has been found in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/unit_status_info.php. Executing manipulation of the argument usid can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 23:15:00 GMT

read more

CVE-2025-9594 - iSourcecode Apartment Management System SQL Injection

CVE ID : CVE-2025-9594 Published : Aug. 28, 2025, 11:15 p.m. | 4 hours, 4 minutes ago Description : A vulnerability has been found in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /report/complain_info.php. The manipulation of the argument vid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 23:15:00 GMT

read more

CVE-2025-9591 - ZrLog Cross-Site Scripting Vulnerability in Theme Configuration Form

CVE ID : CVE-2025-9591 Published : Aug. 28, 2025, 10:15 p.m. | 5 hours, 4 minutes ago Description : A security vulnerability has been detected in ZrLog up to 3.1.5. This vulnerability affects unknown code of the file /api/admin/template/config of the component Theme Configuration Form. Such manipulation of the argument footerLink leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 22:15:00 GMT

read more

CVE-2025-9592 - iSourcecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9592 Published : Aug. 28, 2025, 10:15 p.m. | 5 hours, 4 minutes ago Description : A vulnerability was detected in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /report/bill_info.php. Performing manipulation of the argument vid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 22:15:00 GMT

read more

CVE-2025-58058 - xz LZMA Header Buffer Overflow Vulnerability

CVE ID : CVE-2025-58058 Published : Aug. 28, 2025, 10:15 p.m. | 2 hours, 22 minutes ago Description : xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current implementation allocates the full decoding buffer directly after reading the header. The LZMA header doesn't include a magic number or has a checksum to detect such an issue according to the specification. Note that the code recognizes the issue later while reading the stream, but at this time the memory allocation has already been done. This issue has been patched in version 0.5.14. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 22:15:00 GMT

read more

CVE-2025-58061 - OpenEBS Local PV RawFile World Readable Persistent Volume Data

CVE ID : CVE-2025-58061 Published : Aug. 28, 2025, 10:15 p.m. | 2 hours, 22 minutes ago Description : OpenEBS Local PV RawFile allows dynamic deployment of Stateful Persistent Node-Local Volumes & Filesystems for Kubernetes. Prior to version 0.10.0, persistent volume data is world readable and that would allow non-privileged users to access sensitive data such as databases of k8s workload. The rawfile-localpv storage class creates persistent volume data under /var/csi/rawfile/ on Kubernetes hosts by default. However, the directory and data in it are world-readable. It allows non-privileged users to access the whole persistent volume data, and those can include sensitive information such as a whole database if the Kubernetes tenants are running MySQL or PostgreSQL in a container so it could lead to a database breach. This issue has been patched in version 0.10.0. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 22:15:00 GMT

read more

CVE-2025-9589 - Cudy WR1200EA Default Password Disclosure

CVE ID : CVE-2025-9589 Published : Aug. 28, 2025, 10:15 p.m. | 2 hours, 22 minutes ago Description : A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulation can lead to use of default password. The attack needs to be launched locally. A high complexity level is associated with this attack. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 22:15:00 GMT

read more

CVE-2025-9590 - Weaver E-Mobile Mobile Management Platform Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9590 Published : Aug. 28, 2025, 10:15 p.m. | 2 hours, 21 minutes ago Description : A vulnerability was identified in Weaver E-Mobile Mobile Management Platform up to 20250813. Affected by this vulnerability is an unknown functionality. The manipulation of the argument gohome leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 22:15:00 GMT

read more

CVE-2025-9585 - Comfast CF-N1 Command Injection Vulnerability

CVE ID : CVE-2025-9585 Published : Aug. 28, 2025, 9:15 p.m. | 3 hours, 21 minutes ago Description : A vulnerability was determined in Comfast CF-N1 2.6.0. This affects the function wifilith_delete_pic_file of the file /usr/bin/webmgnt. This manipulation of the argument portal_delete_picname causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 21:15:00 GMT

read more

CVE-2025-9586 - Comfast CF-N1 Command Injection Vulnerability

CVE ID : CVE-2025-9586 Published : Aug. 28, 2025, 9:15 p.m. | 3 hours, 21 minutes ago Description : A vulnerability was identified in Comfast CF-N1 2.6.0. This vulnerability affects the function wireless_device_dissoc of the file /usr/bin/webmgnt. Such manipulation of the argument mac leads to command injection. The attack may be performed from a remote location. The exploit is publicly available and might be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 21:15:00 GMT

read more

CVE-2025-6203 - HashiCorp Vault CPU and Memory Exhaustion Vulnerability

CVE ID : CVE-2025-6203 Published : Aug. 28, 2025, 8:15 p.m. | 4 hours, 21 minutes ago Description : A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. This may lead to a timeout in Vault’s auditing subroutine, potentially resulting in the Vault server to become unresponsive. This vulnerability, CVE-2025-6203, is fixed in Vault Community Edition 1.20.3 and Vault Enterprise 1.20.3, 1.19.9, 1.18.14, and 1.16.25. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 20:15:00 GMT

read more

CVE-2025-9582 - Comfast CF-N1 Command Injection Vulnerability

CVE ID : CVE-2025-9582 Published : Aug. 28, 2025, 8:15 p.m. | 4 hours, 21 minutes ago Description : A flaw has been found in Comfast CF-N1 2.6.0. Affected is the function ntp_timezone of the file /usr/bin/webmgnt. Executing manipulation of the argument timestr can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 20:15:00 GMT

read more

CVE-2025-9583 - Comfast CF-N1 Command Injection Vulnerability

CVE ID : CVE-2025-9583 Published : Aug. 28, 2025, 8:15 p.m. | 4 hours, 21 minutes ago Description : A vulnerability has been found in Comfast CF-N1 2.6.0. Affected by this vulnerability is the function ping_config of the file /usr/bin/webmgnt. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 20:15:00 GMT

read more

CVE-2025-9584 - Comfast CF-N1 Command Injection Vulnerability

CVE ID : CVE-2025-9584 Published : Aug. 28, 2025, 8:15 p.m. | 4 hours, 21 minutes ago Description : A vulnerability was found in Comfast CF-N1 2.6.0. Affected by this issue is the function update_interface_png of the file /usr/bin/webmgnt. The manipulation of the argument interface/display_name results in command injection. The attack can be executed remotely. The exploit has been made public and could be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 20:15:00 GMT

read more

CVE-2025-57220 - Tenda AC10 Privilege Escalation Remote Code Execution

CVE ID : CVE-2025-57220 Published : Aug. 28, 2025, 7:15 p.m. | 5 hours, 21 minutes ago Description : An input validation flaw in the 'ate' service of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 to escalate privileges to root via a crafted UDP packet. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 19:15:00 GMT

read more

CVE-2025-9577 - TOTOLINK X2000R Default Credentials Vulnerability

CVE ID : CVE-2025-9577 Published : Aug. 28, 2025, 7:15 p.m. | 5 hours, 21 minutes ago Description : A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attacking locally is a requirement. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been released to the public and may be exploited. Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 19:15:00 GMT

read more

CVE-2025-9579 - "LB-LINK BL-X26 HTTP Handler Os Command Injection Vulnerability"

CVE ID : CVE-2025-9579 Published : Aug. 28, 2025, 7:15 p.m. | 5 hours, 21 minutes ago Description : A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/set_hidessid_cfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 19:15:00 GMT

read more

CVE-2025-9580 - LB-LINK BL-X26 HTTP Handler Os Command Injection Vulnerability

CVE ID : CVE-2025-9580 Published : Aug. 28, 2025, 7:15 p.m. | 5 hours, 21 minutes ago Description : A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/set_blacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 19:15:00 GMT

read more

CVE-2025-9581 - Comfast CF-N1 Command Injection Vulnerability

CVE ID : CVE-2025-9581 Published : Aug. 28, 2025, 7:15 p.m. | 5 hours, 21 minutes ago Description : A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function multi_pppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phy_interface results in command injection. The attack may be initiated remotely. The exploit is now public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 19:15:00 GMT

read more

CVE-2025-57215 - Tenda AC10 Stack Overflow Vulnerability

CVE ID : CVE-2025-57215 Published : Aug. 28, 2025, 7:15 p.m. | 3 hours, 21 minutes ago Description : Tenda AC10 v4.0 firmware v16.03.10.20 was discovered to contain a stack overflow via the function get_parentControl_list_Info. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 19:15:00 GMT

read more

CVE-2025-57219 - Tenda AC10 Unauthenticated Privilege Escalation Vulnerability

CVE ID : CVE-2025-57219 Published : Aug. 28, 2025, 7:15 p.m. | 3 hours, 21 minutes ago Description : Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 allows attackers to escalate privileges or access sensitive components via a crafted request. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 19:15:00 GMT

read more

CVE-2025-58048 - Paymenter File Upload Arbitrary Code Execution

CVE ID : CVE-2025-58048 Published : Aug. 28, 2025, 6:15 p.m. | 4 hours, 21 minutes ago Description : Paymenter is a free and open-source webshop solution for hostings. Prior to version 1.2.11, the ticket attachments functionality in Paymenter allows a malicious authenticated user to upload arbitrary files. This could result in sensitive data extraction from the database, credentials being read from configuration files, and arbitrary system commands being run under the web server user context. This vulnerability was patched by commit 87c3db4 and was released under the version 1.2.11 tag without any other code modifications compared to version 1.2.10. If upgrading is not immediately possible, administrators can mitigate this vulnerability with one or more of the following measures: updating nginx config to download attachments instead of executing them or disallowing access to /storage/ fully using a WAF such as Cloudflare. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 18:15:00 GMT

read more

CVE-2025-58049 - XWiki Platform Unencrypted Cookies Storage Vulnerability

CVE ID : CVE-2025-58049 Published : Aug. 28, 2025, 6:15 p.m. | 4 hours, 21 minutes ago Description : XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions from 14.4.2 to before 16.4.8, 16.5.0-rc-1 to before 16.10.7, and 17.0.0-rc-1 to before 17.4.0-rc-1, the PDF export jobs store sensitive cookies unencrypted in job statuses. XWiki shouldn't store passwords in plain text, and it shouldn't be possible to gain access to plain text passwords by gaining access to, e.g., a backup of the data directory. This vulnerability has been patched in XWiki 16.4.8, 16.10.7, and 17.4.0-rc-1. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 18:15:00 GMT

read more

CVE-2025-58059 - Valtimo Business Process Automation Remote Code Execution and Data Access Vulnerability

CVE ID : CVE-2025-58059 Published : Aug. 28, 2025, 6:15 p.m. | 4 hours, 21 minutes ago Description : Valtimo is a platform for Business Process Automation. In versions before 12.16.0.RELEASE, and from 13.0.0.RELEASE to before 13.1.2.RELEASE, any admin that can create or modify and execute process-definitions could gain access to sensitive data or resources. This includes but is not limited to: running executables on the application host, inspecting and extracting data from the host environment or application properties, spring beans (application context, database pooling). The following conditions have to be met in order to perform this attack: the user must be logged in, have the admin role, and must have some knowledge about running scripts via a the Camunda/Operator engine. Version 12.16.0 and 13.1.2 have been patched. It is strongly advised to upgrade. If no scripting is needed in any of the processes, it could be possible to disable it altogether via the ProcessEngineConfiguration. However, this workaround could lead to unexpected side-effects. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 18:15:00 GMT

read more

CVE-2025-9195 - Solidigm DC Products Firmware Denial of Service

CVE ID : CVE-2025-9195 Published : Aug. 28, 2025, 6:15 p.m. | 4 hours, 21 minutes ago Description : Improper input validation in firmware of some Solidigm DC Products may allow an attacker with local access to cause a Denial of Service Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 18:15:00 GMT

read more

CVE-2025-9575 - Linksys Router CGI Upload Command Injection Vulnerability

CVE ID : CVE-2025-9575 Published : Aug. 28, 2025, 6:15 p.m. | 4 hours, 21 minutes ago Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function cgiMain of the file /cgi-bin/upload.cgi. Executing manipulation of the argument filename can lead to os command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 18:15:00 GMT

read more

CVE-2025-9576 - Seeedstudio ReSpeaker LinkIt7688 Unauthenticated Default Credentials Disclosure

CVE ID : CVE-2025-9576 Published : Aug. 28, 2025, 6:15 p.m. | 4 hours, 21 minutes ago Description : A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown function of the file /etc/shadow of the component Administrative Interface. The manipulation leads to use of default credentials. An attack has to be approached locally. A high degree of complexity is needed for the attack. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 18:15:00 GMT

read more

CVE-2025-31971 - AIML Solutions for HCL SX SSRF

CVE ID : CVE-2025-31971 Published : Aug. 28, 2025, 6:15 p.m. | 2 hours, 21 minutes ago Description : AIML Solutions for HCL SX is vulnerable to a URL validation vulnerability. The issue may allow attackers to launch a server-side request forgery (SSRF) attack enabling unauthorized network calls from the system, potentially exposing internal services or sensitive information. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 18:15:00 GMT

read more

CVE-2025-57217 - Tenda AC10 Stack Overflow Vulnerability

CVE ID : CVE-2025-57217 Published : Aug. 28, 2025, 6:15 p.m. | 2 hours, 21 minutes ago Description : Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the Password parameter in the function R7WebsSecurityHandler. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 18:15:00 GMT

read more

CVE-2025-57218 - Tenda AC10 Stack Overflow Vulnerability

CVE ID : CVE-2025-57218 Published : Aug. 28, 2025, 6:15 p.m. | 2 hours, 21 minutes ago Description : Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the security_5g parameter in the function sub_46284C. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 18:15:00 GMT

read more

CVE-2025-58047 - Plone Volto NodeJS Server Crash

CVE ID : CVE-2025-58047 Published : Aug. 28, 2025, 6:15 p.m. | 2 hours, 21 minutes ago Description : Volto is a React based frontend for the Plone Content Management System. In versions from 19.0.0-alpha.1 to before 19.0.0-alpha.4, 18.0.0 to before 18.24.0, 17.0.0 to before 17.22.1, and prior to 16.34.0, an anonymous user could cause the NodeJS server part of Volto to quit with an error when visiting a specific URL. The problem has been patched in versions 16.34.0, 17.22.1, 18.24.0, and 19.0.0-alpha.4. To mitigate downtime, have setup automatically restart processes that quit with an error. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 18:15:00 GMT

read more

CVE-2025-57759 - Contao Unauthenticated Permission Bypass Vulnerability

CVE ID : CVE-2025-57759 Published : Aug. 28, 2025, 5:15 p.m. | 3 hours, 21 minutes ago Description : Contao is an Open Source CMS. In versions starting from 5.3.0 and prior to 5.3.38 and 5.6.1, under certain conditions, back end users may be able to edit fields of pages and articles without having the necessary permissions. This issue has been patched in versions 5.3.38 and 5.6.1. There are no workarounds. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 17:15:00 GMT

read more

CVE-2025-57819 - FreePBX Unauthenticated Remote Code Execution Vulnerability

CVE ID : CVE-2025-57819 Published : Aug. 28, 2025, 5:15 p.m. | 3 hours, 21 minutes ago Description : FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 17:15:00 GMT

read more

CVE-2025-58334 - JetBrains IDE Services Privilege Escalation Vulnerability

CVE ID : CVE-2025-58334 Published : Aug. 28, 2025, 5:15 p.m. | 3 hours, 21 minutes ago Description : In JetBrains IDE Services before 2025.5.0.1086, 2025.4.2.2164 users without appropriate permissions could assign high-privileged role for themselves Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 17:15:00 GMT

read more

CVE-2025-58335 - JetBrains Junie Remote Information Disclosure Vulnerability

CVE ID : CVE-2025-58335 Published : Aug. 28, 2025, 5:15 p.m. | 3 hours, 21 minutes ago Description : In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 information disclosure was possible via search_project function Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 17:15:00 GMT

read more

CVE-2025-31979 - HCL BigFix SM File Upload Validation Bypass

CVE ID : CVE-2025-31979 Published : Aug. 28, 2025, 5:15 p.m. | 2 hours, 23 minutes ago Description : A File Upload Validation Bypass vulnerability has been identified in the HCL BigFix SM, where the application fails to properly enforce file type restrictions during the upload process. An attacker may exploit this flaw to upload malicious or unauthorized files, such as scripts, executables, or web shells, by bypassing client-side or server-side validation mechanisms. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 17:15:00 GMT

read more

CVE-2025-57756 - Contao Information Disclosure Vulnerability

CVE ID : CVE-2025-57756 Published : Aug. 28, 2025, 5:15 p.m. | 2 hours, 23 minutes ago Description : Contao is an Open Source CMS. In versions starting from 4.9.14 and prior to 4.13.56, 5.3.38, and 5.6.1, protected content elements that are rendered as fragments are indexed and become publicly available in the front end search. This issue has been patched in versions 4.13.56, 5.3.38, and 5.6.1. A workaround involves disabling the front end search. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 17:15:00 GMT

read more

CVE-2025-57757 - Contao RSS Feed Information Disclosure Vulnerability

CVE ID : CVE-2025-57757 Published : Aug. 28, 2025, 5:15 p.m. | 2 hours, 23 minutes ago Description : Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, if a news feed contains protected news archives, their news items are not filtered and become publicly available in the RSS feed. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not adding protected news archives to the news feed page. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 17:15:00 GMT

read more

CVE-2025-57758 - Contao Table Access Voter Privilege Escalation Vulnerability

CVE ID : CVE-2025-57758 Published : Aug. 28, 2025, 5:15 p.m. | 2 hours, 23 minutes ago Description : Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, the table access voter in the back end doesn't check if a user is allowed to access the corresponding module. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not relying solely on the voter and additionally to check USER_CAN_ACCESS_MODULE. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 17:15:00 GMT

read more

CVE-2025-31977 - HCL BigFix SM Cryptographic Weakness

CVE ID : CVE-2025-31977 Published : Aug. 28, 2025, 5:15 p.m. | 2 hours, 14 minutes ago Description : HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 17:15:00 GMT

read more

CVE-2025-31972 - HCL BigFix SM Sensitive Information Exposure

CVE ID : CVE-2025-31972 Published : Aug. 28, 2025, 5:15 p.m. | 1 hour, 6 minutes ago Description : HCL BigFix SM is affected by a Sensitive Information Exposure vulnerability where internal connections do not use TLS encryption which could allow an attacker unauthorized access to sensitive data transmitted between internal components. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 17:15:00 GMT

read more

CVE-2024-13986 - Nagios XI Remote Code Execution Vulnerability

CVE ID : CVE-2024-13986 Published : Aug. 28, 2025, 4:15 p.m. | 2 hours, 6 minutes ago Description : Nagios XI 2024R1.3.2 contains a remote code execution vulnerability by chaining two flaws: an arbitrary file upload and a path traversal in the Core Config Snapshots interface. The issue arises from insufficient validation of file paths and extensions during MIB upload and snapshot rename operations. Exploitation results in the placement of attacker-controlled PHP files in a web-accessible directory, executed as the www-data user. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 16:15:00 GMT

read more

CVE-2025-25010 - Kibana Privilege Escalation Vulnerability

CVE ID : CVE-2025-25010 Published : Aug. 28, 2025, 4:15 p.m. | 2 hours, 6 minutes ago Description : Incorrect authorization in Kibana can lead to privilege escalation via the built-in reporting_user role which incorrectly has the ability to access all Kibana Spaces. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 16:15:00 GMT

read more

CVE-2025-29364 - Spim Simulator Spim Buffer Overflow Vulnerability

CVE ID : CVE-2025-29364 Published : Aug. 28, 2025, 4:15 p.m. | 2 hours, 6 minutes ago Description : spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in the READ_SYSCALL and WRITE_SYSCALL system calls. The application verifies the legitimacy of the starting and ending addresses for memory read/write operations. By configuring the starting and ending addresses for memory read/write to point to distinct memory segments within the virtual machine, it is possible to circumvent these checks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 16:15:00 GMT

read more

CVE-2025-51643 - Meitrack T366G-L GPS Tracker Unauthenticated SPI Flash Chip Extraction

CVE ID : CVE-2025-51643 Published : Aug. 28, 2025, 4:15 p.m. | 2 hours, 6 minutes ago Description : Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is accessible without authentication or tamper protection. An attacker with physical access to the device can use a standard SPI programmer to extract the firmware using flashrom. This results in exposure of sensitive configuration data such as APN credentials, backend server information, and network parameter Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 16:15:00 GMT

read more

CVE-2025-57767 - Asterisk SIP Authorization Header Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-57767 Published : Aug. 28, 2025, 4:15 p.m. | 2 hours, 6 minutes ago Description : Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.15.2, 21.10.2, and 22.5.2, if a SIP request is received with an Authorization header that contains a realm that wasn't in a previous 401 response's WWW-Authenticate header, or an Authorization header with an incorrect realm was received without a previous 401 response being sent, the get_authorization_header() function in res_pjsip_authenticator_digest will return a NULL. This wasn't being checked before attempting to get the digest algorithm from the header which causes a SEGV. This issue has been patched in versions 20.15.2, 21.10.2, and 22.5.2. There are no workarounds. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 16:15:00 GMT

read more

CVE-2025-52054 - Tenda AC8 MAC Address Guessable Root Password Vulnerability

CVE ID : CVE-2025-52054 Published : Aug. 28, 2025, 3:16 p.m. | 3 hours, 5 minutes ago Description : An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate with network services on the device. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 15:16:00 GMT

read more

CVE-2025-54995 - Asterisk Resource Exhaustion and Leak Vulnerability

CVE ID : CVE-2025-54995 Published : Aug. 28, 2025, 3:16 p.m. | 3 hours, 5 minutes ago Description : Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 18.26.4 and 18.9-cert17, RTP UDP ports and internal resources can leak due to a lack of session termination. This could result in leaks and resource exhaustion. This issue has been patched in versions 18.26.4 and 18.9-cert17. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 15:16:00 GMT

read more

CVE-2025-55583 - D-Link DIR-868L Command Injection Vulnerability

CVE ID : CVE-2025-55583 Published : Aug. 28, 2025, 3:16 p.m. | 3 hours, 5 minutes ago Description : D-Link DIR-868L B1 router firmware version FW2.05WWB02 contains an unauthenticated OS command injection vulnerability in the fileaccess.cgi component. The endpoint /dws/api/UploadFile accepts a pre_api_arg parameter that is passed directly to system-level shell execution functions without sanitization or authentication. Remote attackers can exploit this to execute arbitrary commands as root via crafted HTTP requests. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 15:16:00 GMT

read more

CVE-2025-56236 - FormCms Stored XSS Vulnerability

CVE ID : CVE-2025-56236 Published : Aug. 28, 2025, 3:16 p.m. | 3 hours, 5 minutes ago Description : FormCms v0.5.5 contains a stored cross-site scripting (XSS) vulnerability in the avatar upload feature. Authenticated users can upload .html files containing malicious JavaScript, which are accessible via a public URL. When a privileged user accesses the file, the script executes in their browser context. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 15:16:00 GMT

read more

CVE-2025-8067 - Udisks D-BUS Loop Device Handler Index Validation Bypass

CVE ID : CVE-2025-8067 Published : Aug. 28, 2025, 3:16 p.m. | 3 hours, 5 minutes ago Description : A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 15:16:00 GMT

read more

CVE-2024-48908 - Lychee Link Checking Action Arbitrary Code Injection Vulnerability

CVE ID : CVE-2024-48908 Published : Aug. 28, 2025, 3:15 p.m. | 3 hours, 6 minutes ago Description : lychee link checking action checks links in Markdown, HTML, and text files using lychee. Prior to version 2.0.2, there is a potential attack of arbitrary code injection vulnerability in lychee-setup of the composite action at action.yml. This issue has been patched in version 2.0.2. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 15:15:00 GMT

read more

CVE-2025-51969 - PuneethReddyHC Online Shopping System SQL Injection

CVE ID : CVE-2025-51969 Published : Aug. 28, 2025, 2:15 p.m. | 4 hours, 6 minutes ago Description : A SQL Injection vulnerability exists in the product.php page of PuneethReddyHC Online Shopping System Advanced 1.0. This flaw is present in the product_id GET parameter, which is not properly validated before being included in a SQL statement. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 14:15:00 GMT

read more

CVE-2025-51971 - PuneethReddyHC Online Shopping System Reflected XSS

CVE ID : CVE-2025-51971 Published : Aug. 28, 2025, 2:15 p.m. | 4 hours, 6 minutes ago Description : A reflected Cross-Site Scripting (XSS) vulnerability exists in register.php of PuneethReddyHC Online Shopping System Advanced 1.0. Unsanitized user input in the f_name parameter is reflected in the server response without proper HTML encoding or output escaping. This allows remote attackers to inject arbitrary JavaScript code. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 14:15:00 GMT

read more

CVE-2025-51972 - PuneethReddyHC Online Shopping System SQL Injection

CVE ID : CVE-2025-51972 Published : Aug. 28, 2025, 2:15 p.m. | 4 hours, 6 minutes ago Description : A SQL Injection vulnerability exists in the login.php of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 14:15:00 GMT

read more

CVE-2025-9578 - Acronis Cyber Protect Cloud Agent Windows Insecure Folder Permissions Privilege Escalation

CVE ID : CVE-2025-9578 Published : Aug. 28, 2025, 2:15 p.m. | 4 hours, 5 minutes ago Description : Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 40734. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 14:15:00 GMT

read more

CVE-2024-49790 - IBM Watson Studio on Cloud Pak for Data Cross-Site Scripting (XSS)

CVE ID : CVE-2024-49790 Published : Aug. 28, 2025, 2:15 p.m. | 1 hour, 56 minutes ago Description : IBM Watson Studio on Cloud Pak for Data 4.0 and 5.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 14:15:00 GMT

read more

CVE-2025-51967 - ProjectsAndPrograms School Management System Reflected Cross-site Scripting (XSS)

CVE ID : CVE-2025-51967 Published : Aug. 28, 2025, 2:15 p.m. | 1 hour, 56 minutes ago Description : A Reflected Cross-site Scripting (XSS) vulnerability exists in the themeSet.php file of ProjectsAndPrograms School Management System 1.0. The application fails to sanitize user-supplied input in the theme POST parameter, allowing an attacker to inject and execute arbitrary JavaScript in a victim's browser. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 14:15:00 GMT

read more

CVE-2025-51968 - PuneethReddyHC Online Shopping System SQL Injection

CVE ID : CVE-2025-51968 Published : Aug. 28, 2025, 2:15 p.m. | 1 hour, 56 minutes ago Description : A SQL Injection vulnerability exists in the action.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The application fails to properly sanitize user-supplied input in the proId POST parameter, allowing attackers to inject arbitrary SQL expressions. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 14:15:00 GMT

read more

CVE-2025-54724 - Golo Cross-site Scripting (XSS)

CVE ID : CVE-2025-54724 Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Golo allows Reflected XSS. This issue affects Golo: from n/a through 1.7.1. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-54725 - Uxper Golo Authentication Bypass

CVE ID : CVE-2025-54725 Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in uxper Golo allows Authentication Abuse. This issue affects Golo: from n/a through 1.7.0. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-54731 - YouTube Showcase Object Injection Vulnerability

CVE ID : CVE-2025-54731 Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago Description : Improper Control of Generation of Code ('Code Injection') vulnerability in emarket-design YouTube Showcase allows Object Injection. This issue affects YouTube Showcase: from n/a through 3.5.1. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-54733 - Miles All Bootstrap Blocks Authentication Bypass

CVE ID : CVE-2025-54733 Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago Description : Missing Authorization vulnerability in Miles All Bootstrap Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects All Bootstrap Blocks: from n/a through 1.3.28. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-54734 - BPlugins B Slider Missing Authorization Vulnerability

CVE ID : CVE-2025-54734 Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago Description : Missing Authorization vulnerability in bPlugins B Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects B Slider: from n/a through 1.1.30. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-54738 - NooTheme Jobmonster Authentication Bypass

CVE ID : CVE-2025-54738 Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobmonster allows Authentication Abuse. This issue affects Jobmonster: from n/a through 4.7.9. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-54742 - Magepeopleteam WpEvently Untrusted Data Deserialization Object Injection Vulnerability

CVE ID : CVE-2025-54742 Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago Description : Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently allows Object Injection. This issue affects WpEvently: from n/a through 4.4.8. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-58123 - Checkmk Exchange Plugin SSL/TLS Certificate Validation Vulnerability

CVE ID : CVE-2025-58123 Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago Description : Improper Certificate Validation in Checkmk Exchange plugin BGP Monitoring allows attackers in MitM position to intercept traffic. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-58124 - Checkmk Exchange Certificate Validation Bypass

CVE ID : CVE-2025-58124 Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago Description : Improper Certificate Validation in Checkmk Exchange plugin check-mk-api allows attackers in MitM position to intercept traffic. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-58125 - Freebox Checkmk Exchange Plugin SSL Certificate Validation Bypass

CVE ID : CVE-2025-58125 Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago Description : Improper Certificate Validation in Checkmk Exchange plugin Freebox v6 agent allows attackers in MitM position to intercept traffic. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-58126 - VMware vSAN Checkmk Exchange Plugin SSL/TLS Man-in-the-Middle Attack Vulnerability

CVE ID : CVE-2025-58126 Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago Description : Improper Certificate Validation in Checkmk Exchange plugin VMware vSAN allows attackers in MitM position to intercept traffic. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-58127 - Dell Powerscale Certificate Validation Weakness

CVE ID : CVE-2025-58127 Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago Description : Improper Certificate Validation in Checkmk Exchange plugin Dell Powerscale allows attackers in MitM position to intercept traffic. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-53588 - UKR Solution UPC/EAN/GTIN Code Generator Path Traversal

CVE ID : CVE-2025-53588 Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 32 minutes ago Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Dmitry V. (CEO of "UKR Solution") UPC/EAN/GTIN Code Generator allows Path Traversal. This issue affects UPC/EAN/GTIN Code Generator: from n/a through 2.0.2. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-54029 - WooCommerce CSV Import Export Path Traversal

CVE ID : CVE-2025-54029 Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 32 minutes ago Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in extendons WooCommerce csv import export allows Path Traversal. This issue affects WooCommerce csv import export: from n/a through 2.0.6. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-54710 - Tiktok Feed Missing Authorization Vulnerability

CVE ID : CVE-2025-54710 Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 32 minutes ago Description : Missing Authorization vulnerability in bPlugins Tiktok Feed allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Tiktok Feed: from n/a through 1.0.21. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-54714 - Zephyr Project Manager Missing Authorization Vulnerability

CVE ID : CVE-2025-54714 Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 32 minutes ago Description : Missing Authorization vulnerability in Dylan James Zephyr Project Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zephyr Project Manager: from n/a through 3.3.201. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-54716 - Ovatheme Ireca PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-54716 Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 32 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Ireca allows PHP Local File Inclusion. This issue affects Ireca: from n/a through 1.8.5. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-54720 - SteelThemes Nest Addons SQL Injection

CVE ID : CVE-2025-54720 Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 32 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SteelThemes Nest Addons allows SQL Injection. This issue affects Nest Addons: from n/a through 1.6.3. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-53337 - Ashan Perera LifePress Missing Authorization Vulnerability

CVE ID : CVE-2025-53337 Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 11 minutes ago Description : Missing Authorization vulnerability in Ashan Perera LifePress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LifePress: from n/a through 2.1.3. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-53572 - eMarket-Design WP Easy Contact Object Injection Vulnerability

CVE ID : CVE-2025-53572 Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 11 minutes ago Description : Deserialization of Untrusted Data vulnerability in emarket-design WP Easy Contact allows Object Injection. This issue affects WP Easy Contact: from n/a through 4.0.1. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-53576 - Ovatheme Events PHP Local File Inclusion Vulnerability

CVE ID : CVE-2025-53576 Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 11 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Ovatheme Events allows PHP Local File Inclusion. This issue affects Ovatheme Events: from n/a through 1.2.8. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-53578 - Gavias Kipso PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-53578 Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 11 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Kipso allows PHP Local File Inclusion. This issue affects Kipso: from n/a through 1.3.4. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-53579 - Captcha.eu Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-53579 Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 11 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in captcha.eu Captcha.eu allows Reflected XSS. This issue affects Captcha.eu: from n/a through n/a. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-53583 - Emarket-Design Employee Spotlight Deserialization of Untrusted Data Object Injection

CVE ID : CVE-2025-53583 Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 11 minutes ago Description : Deserialization of Untrusted Data vulnerability in emarket-design Employee Spotlight allows Object Injection. This issue affects Employee Spotlight: from n/a through 5.1.1. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-53584 - WP Ticket Customer Service Software Support Ticket System Object Injection Vulnerability

CVE ID : CVE-2025-53584 Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 11 minutes ago Description : Deserialization of Untrusted Data vulnerability in emarket-design WP Ticket Customer Service Software & Support Ticket System allows Object Injection. This issue affects WP Ticket Customer Service Software & Support Ticket System: from n/a through 6.0.2. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 13:16:00 GMT

read more

CVE-2025-54762 - D-Link Media Server Remote File Upload and Command Execution Vulnerability

CVE ID : CVE-2025-54762 Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago Description : SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 11:16:00 GMT

read more

CVE-2025-48963 - Acronis Cyber Protect Cloud Agent Privilege Escalation Vulnerability

CVE ID : CVE-2025-48963 Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago Description : Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40296. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 11:16:00 GMT

read more

CVE-2025-58072 - "Sony SS Path Traversal Vulnerability"

CVE ID : CVE-2025-58072 Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago Description : Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If this vulnerability is exploited, arbitrary files may be viewed by a remote unauthenticated attacker. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 11:16:00 GMT

read more

CVE-2025-52460 - SS1 Remote File Access Vulnerability

CVE ID : CVE-2025-52460 Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago Description : Files or directories accessible to external parties issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If exploited, uploaded files and SS1 configuration files may be accessed by a remote unauthenticated attacker. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 11:16:00 GMT

read more

CVE-2025-46409 - Samsung Smart TV Weak Encryption Authentication Bypass

CVE ID : CVE-2025-46409 Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago Description : Inadequate encryption strength issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If this vulnerability is exploited, a function that requires authentication may be accessed by a remote unauthenticated attacker. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 11:16:00 GMT

read more

CVE-2025-53970 - Apache SS Remote File Upload and Command Execution Vulnerability

CVE ID : CVE-2025-53970 Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago Description : SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 11:16:00 GMT

read more

CVE-2025-54819 - Samsung SSD Path Traversal Vulnerability

CVE ID : CVE-2025-54819 Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago Description : Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If this vulnerability is exploited, legitimate files may be overwritten by a remote authenticated attacker. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 11:16:00 GMT

read more

CVE-2025-53396 - SS1 Privilege Escalation Vulnerability

CVE ID : CVE-2025-53396 Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago Description : Incorrect permission assignment for critical resource issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier), which may allow users who can log in to a client terminal to obtain root privileges. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 11:16:00 GMT

read more

CVE-2025-58081 - SS1 Root File Access Vulnerability

CVE ID : CVE-2025-58081 Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago Description : Use of hard-coded password issue/vulnerability in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to view arbitrary files with root privileges. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 11:16:00 GMT

read more

CVE-2024-58240 - Linux Kernel TLS Use-After-Free (UAF)

CVE ID : CVE-2024-58240 Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We should preferably also use a separate crypto_wait. I'm not seeing a UAF as I did in the past, I think aec7961916f3 ("tls: fix race between async notify and socket close") took care of it. This will make the next fix easier. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 11:16:00 GMT

read more

CVE-2025-58322 - NAVER MYBOX Explorer Local Privilege Escalation Vulnerability

CVE ID : CVE-2025-58322 Published : Aug. 28, 2025, 8:15 a.m. | 4 hours, 5 minutes ago Description : NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary commands due to improper privilege checks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 08:15:00 GMT

read more

CVE-2025-6255 - WooCommerce Dynamic AJAX Product Filters Stored Cross-Site Scripting

CVE ID : CVE-2025-6255 Published : Aug. 28, 2025, 7:15 a.m. | 5 hours, 5 minutes ago Description : The Dynamic AJAX Product Filters for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘className’ parameter in all versions up to, and including, 1.3.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 07:15:00 GMT

read more

CVE-2025-8073 - WooCommerce Dynamic AJAX Product Filters Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8073 Published : Aug. 28, 2025, 7:15 a.m. | 5 hours, 5 minutes ago Description : The Dynamic AJAX Product Filters for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in all versions up to, and including, 1.3.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 07:15:00 GMT

read more

CVE-2024-13807 - Xagio SEO Plugin for WordPress Sensitive Information Exposure

CVE ID : CVE-2024-13807 Published : Aug. 28, 2025, 6:15 a.m. | 6 hours, 6 minutes ago Description : The Xagio SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.1.0.5 via the backup functionality due to weak filename structure and lack of protection in the directory. This makes it possible for unauthenticated attackers to extract sensitive data from backups which can include the entire database and site's files. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 06:15:00 GMT

read more

CVE-2025-7955 - RingCentral Communications WordPress Authentication Bypass

CVE ID : CVE-2025-7955 Published : Aug. 28, 2025, 6:15 a.m. | 6 hours, 5 minutes ago Description : The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to improper validation within the ringcentral_admin_login_2fa_verify() function in versions 1.5 to 1.6.8. This makes it possible for unauthenticated attackers to log in as any user simply by supplying identical bogus codes. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 06:15:00 GMT

read more

CVE-2025-7956 - Apache Ajax Search Lite Information Exposure Vulnerability

CVE ID : CVE-2025-7956 Published : Aug. 28, 2025, 6:15 a.m. | 6 hours, 5 minutes ago Description : The Ajax Search Lite plugin for WordPress is vulnerable to Basic Information Exposure due to missing authorization in its AJAX search handler in all versions up to, and including, 4.13.1. This makes it possible for unauthenticated attackers to issue repeated AJAX requests to leak the content of any protected post in rolling 100‑character windows. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 06:15:00 GMT

read more

CVE-2025-8977 - "WordPress Simple Download Monitor SQL Injection"

CVE ID : CVE-2025-8977 Published : Aug. 28, 2025, 5:15 a.m. | 7 hours, 5 minutes ago Description : The Simple Download Monitor plugin for WordPress is vulnerable to time-based SQL Injection via the order parameter in all versions up to, and including, 3.9.33 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, and permissions granted by an Administrator, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 05:15:00 GMT

read more

CVE-2025-8603 - Unlimited Elements For Elementor WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8603 Published : Aug. 28, 2025, 4:16 a.m. | 8 hours, 5 minutes ago Description : The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 1.5.148 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 04:16:00 GMT

read more

CVE-2025-9345 - Managefy Plugin Path Traversal Vulnerability

CVE ID : CVE-2025-9345 Published : Aug. 28, 2025, 4:16 a.m. | 8 hours, 5 minutes ago Description : The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.8 via the ajax_downloadfile() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the originally intended directory. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 04:16:00 GMT

read more

CVE-2025-9346 - Booking Calendar for WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9346 Published : Aug. 28, 2025, 4:16 a.m. | 8 hours, 5 minutes ago Description : The Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions up to, and including, 10.14.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 04:16:00 GMT

read more

CVE-2024-9648 - WordPress WP ULike Pro File Upload Vulnerability

CVE ID : CVE-2024-9648 Published : Aug. 28, 2025, 4:15 a.m. | 8 hours, 5 minutes ago Description : The WP ULike Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the WP_Ulike_Pro_File_Uploader class in all versions up to, and including, 1.9.3. This makes it possible for unauthenticated attackers to upload limited arbitrary files like .php2, .php6, .php7, .phps, .pht, .phtm, .pgif, .shtml, .phar, .inc, .hphp, .ctp, .module, .html, .svg on the affected site's server which may make make other attacks like Cross-Site Scripting possible. Only versions up to 1.8.7 were confirmed vulnerable, however, the earliest tested version for a patch we have access to is 1.9.4, so we are considering 1.9.4 the patched version. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 04:15:00 GMT

read more

CVE-2025-0951 - LiquidThemes WordPress Theme and Plugin Unauthorized Access Vulnerability

CVE ID : CVE-2025-0951 Published : Aug. 28, 2025, 4:15 a.m. | 8 hours, 5 minutes ago Description : Multiple plugins and/or themes for WordPress by LiquidThemes are vulnerable to unauthorized access due to a missing capability check on the liquid_reset_wordpress_before AJAX in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to deactivate all of a site's plugins. While we escalated this to Envato after not being able to establish contact, it appears the developer added a nonce check, however that is not sufficient protection as the nonce is exposed to all users with access to the dashboard. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 04:15:00 GMT

read more

CVE-2025-36003 - IBM Security Verify Governance Identity Manager Information Disclosure Vulnerability

CVE ID : CVE-2025-36003 Published : Aug. 28, 2025, 3:15 a.m. | 9 hours, 5 minutes ago Description : IBM Security Verify Governance Identity Manager 10.0.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 03:15:00 GMT

read more

CVE-2025-57845 - Apache HTTP Server Remote Code Execution Vulnerability

CVE ID : CVE-2025-57845 Published : Aug. 28, 2025, 3:15 a.m. | 9 hours, 5 minutes ago Description : Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-34158. Reason: This candidate is a reservation duplicate of CVE-2025-34158. Notes: All CVE users should reference CVE-2025-34158 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 03:15:00 GMT

read more

CVE-2025-7812 - Video Share VOD WordPress CSRF Vulnerability

CVE ID : CVE-2025-7812 Published : Aug. 28, 2025, 3:15 a.m. | 9 hours, 5 minutes ago Description : The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.6. This is due to missing or incorrect nonce validation on the adminExport() function. This makes it possible for unauthenticated attackers to update settings and execute remote code when the Server command execution setting is enabled via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 03:15:00 GMT

read more

CVE-2025-8897 - Beaver Builder WordPress Page Builder Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8897 Published : Aug. 28, 2025, 3:15 a.m. | 9 hours, 5 minutes ago Description : The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘'fl_builder' parameter in all versions up to, and including, 2.9.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 03:15:00 GMT

read more

CVE-2025-9344 - UsersWP WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9344 Published : Aug. 28, 2025, 3:15 a.m. | 9 hours, 5 minutes ago Description : The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'uwp_profile' and 'uwp_profile_header' shortcodes in all versions up to, and including, 1.2.42 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 03:15:00 GMT

read more

CVE-2025-9352 - Pronamic Google Maps for WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9352 Published : Aug. 28, 2025, 3:15 a.m. | 9 hours, 5 minutes ago Description : The Pronamic Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the description field in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 28 Aug 2025 03:15:00 GMT

read more

CVE-2025-34160 - AnyShare ServiceAgent API Remote Code Execution Vulnerability

CVE ID : CVE-2025-34160 Published : Aug. 27, 2025, 10:15 p.m. | 14 hours, 5 minutes ago Description : AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/start_service accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is interpreted by the backend, enabling arbitrary command execution. The vulnerability is presumed to affect builds released prior to August 2025 and is said to be remediated in newer versions of the product, though the exact affected range remains undefined. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2025-34162 - Bian Que Feijiu Intelligent Emergency and Quality Control System SQL Injection Vulnerability

CVE ID : CVE-2025-34162 Published : Aug. 27, 2025, 10:15 p.m. | 14 hours, 5 minutes ago Description : An unauthenticated SQL injection vulnerability exists in the GetLyfsByParams endpoint of Bian Que Feijiu Intelligent Emergency and Quality Control System, accessible via the /AppService/BQMedical/WebServiceForFirstaidApp.asmx interface. The backend fails to properly sanitize user-supplied input in the strOpid parameter, allowing attackers to inject arbitrary SQL statements. This can lead to data exfiltration, authentication bypass, and potentially remote code execution, depending on backend configuration. The vulnerability is presumed to affect builds released prior to June 2025 and is said to be remediated in newer versions of the product, though the exact affected range remains undefined. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2025-34163 - Dongsheng Logistics Software Remote Code Execution (RCE)

CVE ID : CVE-2025-34163 Published : Aug. 27, 2025, 10:15 p.m. | 14 hours, 5 minutes ago Description : Dongsheng Logistics Software exposes an unauthenticated endpoint at /CommMng/Print/UploadMailFile that fails to enforce proper file type validation and access control. An attacker can upload arbitrary files, including executable scripts such as .ashx, via a crafted multipart/form-data POST request. This allows remote code execution on the server, potentially leading to full system compromise. The vulnerability is presumed to affect builds released prior to July 2025 and is said to be remediated in newer versions of the product, though the exact affected range remains undefined. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2025-34520 - Arcserve Unified Data Protection Authentication Bypass Vulnerability

CVE ID : CVE-2025-34520 Published : Aug. 27, 2025, 10:15 p.m. | 14 hours, 5 minutes ago Description : An authentication bypass vulnerability in Arcserve Unified Data Protection (UDP) allows unauthenticated attackers to gain unauthorized access to protected functionality or user accounts. By manipulating specific request parameters or exploiting a logic flaw, an attacker can bypass login mechanisms without valid credentials and access administrator-level features. This vulnerability affects all UDP versions prior to 10.2. UDP 10.2 includes the necessary patches and requires no action. Versions 8.0 through 10.1 are supported and require either patch application or upgrade to 10.2. Versions 7.x and earlier are unsupported or out of maintenance and must be upgraded to 10.2 to remediate the issue. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2025-34521 - Arcserve Unified Data Protection (UDP) Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-34521 Published : Aug. 27, 2025, 10:15 p.m. | 14 hours, 5 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the Arcserve Unified Data Protection (UDP), where unsanitized user input is improperly reflected in HTTP responses. This flaw allows remote attackers with low privileges to craft malicious links that, when visited by another user, execute arbitrary JavaScript in the victim’s browser. Successful exploitation may lead to session hijacking, credential theft, or other client-side impacts. The vulnerability requires user interaction and occurs within a shared browser context. This vulnerability affects all UDP versions prior to 10.2. UDP 10.2 includes the necessary patches and requires no action. Versions 8.0 through 10.1 are supported and require either patch application or upgrade to 10.2. Versions 7.x and earlier are unsupported or out of maintenance and must be upgraded to 10.2 to remediate the issue. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2025-34522 - Arcserve Unified Data Protection Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-34522 Published : Aug. 27, 2025, 10:15 p.m. | 14 hours, 5 minutes ago Description : A heap-based buffer overflow vulnerability exists in the input parsing logic of Arcserve Unified Data Protection (UDP). This flaw can be triggered without authentication by sending specially crafted input to the target system. Improper bounds checking allows an attacker to overwrite heap memory, potentially leading to application crashes or remote code execution. Exploitation occurs in the context of the affected process and does not require user interaction. The vulnerability poses a high risk due to its pre-authentication nature and potential for full compromise. This vulnerability affects all UDP versions prior to 10.2. UDP 10.2 includes the necessary patches and requires no action. Versions 8.0 through 10.1 are supported and require either patch application or upgrade to 10.2. Versions 7.x and earlier are unsupported or out of maintenance and must be upgraded to 10.2 to remediate the issue. Severity: 9.2 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2025-34523 - Arcserve Unified Data Protection (UDP) Remote Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-34523 Published : Aug. 27, 2025, 10:15 p.m. | 14 hours, 5 minutes ago Description : A heap-based buffer overflow vulnerability exists in the exists in the network-facing input handling routines of Arcserve Unified Data Protection (UDP). This flaw is reachable without authentication and results from improper bounds checking when processing attacker-controlled input. By sending specially crafted data, a remote attacker can corrupt heap memory, potentially causing a denial of service or enabling arbitrary code execution depending on the memory layout and exploitation techniques used. This vulnerability is similar in nature to CVE-2025-34522 but affects a separate code path or component. No user interaction is required, and exploitation occurs in the context of the vulnerable process. This vulnerability affects all UDP versions prior to 10.2. UDP 10.2 includes the necessary patches and requires no action. Versions 8.0 through 10.1 are supported and require either patch application or upgrade to 10.2. Versions 7.x and earlier are unsupported or out of maintenance and must be upgraded to 10.2 to remediate the issue. Severity: 9.2 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2024-13982 - SPON IP Network Broadcast System Arbitrary File Read Vulnerability

CVE ID : CVE-2024-13982 Published : Aug. 27, 2025, 10:15 p.m. | 9 hours, 12 minutes ago Description : SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read vulnerability in the rj_get_token.php endpoint. The flaw arises from insufficient input validation on the jsondata[url] parameter, which allows attackers to perform directory traversal and access sensitive files on the server. An unauthenticated remote attacker can exploit this vulnerability by sending a crafted POST request to read arbitrary files, potentially exposing system configuration, credentials, or internal logic. An affected version range is undefined. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2024-13984 - QiAnXin TianQing Management Center RPTSVR Path Traversal Vulnerability

CVE ID : CVE-2024-13984 Published : Aug. 27, 2025, 10:15 p.m. | 9 hours, 12 minutes ago Description : QiAnXin TianQing Management Center versions up to and including 6.7.0.4130 contain a path traversal vulnerability in the rptsvr component that allows unauthenticated attackers to upload files to arbitrary locations on the server. The /rptsvr/upload endpoint fails to sanitize the filename parameter in multipart form-data requests, enabling path traversal. This allows attackers to place executable files in web-accessible directories, potentially leading to remote code execution. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2024-13985 - Dahua EIMS Command Injection Vulnerability

CVE ID : CVE-2024-13985 Published : Aug. 27, 2025, 10:15 p.m. | 9 hours, 12 minutes ago Description : A command injection vulnerability in Dahua EIMS versions prior to 2240008 allows unauthenticated remote attackers to execute arbitrary system commands via the capture_handle.action interface. The flaw stems from improper input validation in the captureCommand parameter, which is processed without sanitization or authentication. By sending crafted HTTP requests, attackers can inject OS-level commands that are executed on the server, leading to full system compromise. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2024-13979 - St. Joe ERP System SQL Injection Vulnerability

CVE ID : CVE-2024-13979 Published : Aug. 27, 2025, 10:15 p.m. | 8 hours, 14 minutes ago Description : A SQL injection vulnerability exists in the St. Joe ERP system ("圣乔ERP系统") that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login endpoint. The application fails to properly sanitize user-supplied input before incorporating it into SQL queries, enabling direct manipulation of the backend database. Successful exploitation may result in unauthorized data access, modification of records, or limited disruption of service. An affected version range is undefined. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2024-13980 - H3C Intelligent Management Center Remote Command Execution Vulnerability

CVE ID : CVE-2024-13980 Published : Aug. 27, 2025, 10:15 p.m. | 8 hours, 14 minutes ago Description : H3C Intelligent Management Center (IMC) versions up to and including E0632H07 contains a remote command execution vulnerability in the /byod/index.xhtml endpoint. Improper handling of JSF ViewState allows unauthenticated attackers to craft POST requests with forged javax.faces.ViewState parameters, potentially leading to arbitrary command execution. This flaw does not require authentication and may be exploited without session cookies. An affected version range is undefined. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2024-13981 - LiveBOS Arbitrary File Upload Vulnerability

CVE ID : CVE-2024-13981 Published : Aug. 27, 2025, 10:15 p.m. | 8 hours, 14 minutes ago Description : LiveBOS, an object-oriented business architecture middleware suite developed by Apex Software Co., Ltd., contains an arbitrary file upload vulnerability in its UploadFile.do;.js.jsp endpoint. This flaw affects the LiveBOS Server component and allows unauthenticated remote attackers to upload crafted files outside the intended directory structure via path traversal in the filename parameter. Successful exploitation may lead to remote code execution on the server, enabling full system compromise. The vulnerability is presumed to affect builds released prior to August 2024 and is said to be remediated in newer versions of the product, though the exact affected range remains undefined. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2023-7309 - Dahua Smart Park Integrated Management Platform SOAP Path Traversal Remote Code Execution Vulnerability

CVE ID : CVE-2023-7309 Published : Aug. 27, 2025, 10:15 p.m. | 7 hours, 11 minutes ago Description : A path traversal vulnerability exists in the Dahua Smart Park Integrated Management Platform (also referred to as the Dahua Smart Campus Integrated Management Platform), affecting the SOAP-based GIS bitmap upload interface. The flaw allows unauthenticated remote attackers to upload arbitrary files to the server via crafted SOAP requests, including executable JSP payloads. Successful exploitation may lead to remote code execution (RCE) and full compromise of the affected system. The vulnerability is presumed to affect builds released prior to September 2023 and is said to be remediated in newer versions of the product, though the exact affected range remains undefined. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2018-25115 - D-Link DIR-series Router Privilege Escalation Remote Command Execution Vulnerability

CVE ID : CVE-2018-25115 Published : Aug. 27, 2025, 10:15 p.m. | 6 hours, 14 minutes ago Description : Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system commands without authentication. The flaw stems from improper input handling in the EVENT=CHECKFW parameter, which is passed directly to the system shell without sanitization. A crafted HTTP POST request can inject commands that are executed with root privileges, resulting in full device compromise. These router models are no longer supported at the time of assignment and affected version ranges may vary. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2023-7307 - Sangfor Behavior Management System XXE Injection Vulnerability

CVE ID : CVE-2023-7307 Published : Aug. 27, 2025, 10:15 p.m. | 6 hours, 14 minutes ago Description : Sangfor Behavior Management System (also referred to as DC Management System in Chinese-language documentation) contains an XML external entity (XXE) injection vulnerability in the /src/sangforindex endpoint. A remote unauthenticated attacker can submit crafted XML data containing external entity definitions, leading to potential disclosure of internal files, server-side request forgery (SSRF), or other impacts depending on parser behavior. The vulnerability is due to improper configuration of the XML parser, which allows resolution of external entities without restriction. This product is now integrated into their IAM (Internet Access Management) platform and an affected version range is undefined. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2023-7308 - NSFOCUS SecGate3600 Authentication Bypass Information Disclosure

CVE ID : CVE-2023-7308 Published : Aug. 27, 2025, 10:15 p.m. | 6 hours, 14 minutes ago Description : SecGate3600, a network firewall product developed by NSFOCUS, contains a sensitive information disclosure vulnerability in the /cgi-bin/authUser/authManageSet.cgi endpoint. The affected component fails to enforce authentication checks on POST requests to retrieve user data. An unauthenticated remote attacker can exploit this flaw to obtain sensitive information, including user identifiers and configuration details, by sending crafted requests to the vulnerable endpoint. An affected version range is undefined. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 22:15:00 GMT

read more

CVE-2025-40779 - Kea DHCPv4 Assertion Failure Vulnerability

CVE ID : CVE-2025-40779 Published : Aug. 27, 2025, 9:15 p.m. | 7 hours, 14 minutes ago Description : If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the `kea-dhcp4` process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem. This issue affects Kea versions 2.7.1 through 2.7.9, 3.0.0, and 3.1.0. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 21:15:00 GMT

read more

CVE-2025-5101 - GitLab Code Injection Vulnerability

CVE ID : CVE-2025-5101 Published : Aug. 27, 2025, 8:15 p.m. | 8 hours, 14 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that under certain conditions could have allowed an authenticated attacker to distribute malicious code that appears harmless in the web interface by taking advantage of ambiguity between branches and tags during repository imports. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 20:15:00 GMT

read more

CVE-2024-37777 - O2OA Remote Code Execution Vulnerability

CVE ID : CVE-2024-37777 Published : Aug. 27, 2025, 8:15 p.m. | 6 hours, 14 minutes ago Description : O2OA v9.0.3 was discovered to contain a remote code execution (RCE) vulnerability via the mainOutput() function. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 20:15:00 GMT

read more

CVE-2025-2246 - GitLab Unauthenticated GraphQL API Access Vulnerability

CVE ID : CVE-2025-2246 Published : Aug. 27, 2025, 8:15 p.m. | 6 hours, 14 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have allowed unauthenticated users to access sensitive manual CI/CD variables by querying the GraphQL API. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 20:15:00 GMT

read more

CVE-2025-3601 - GitLab Denial of Service (DoS) in URL Processing

CVE ID : CVE-2025-3601 Published : Aug. 27, 2025, 8:15 p.m. | 6 hours, 14 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 8.15 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have could have allowed an authenticated user to cause a Denial of Service (DoS) condition by submitting URLs that generate excessively large responses. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 20:15:00 GMT

read more

CVE-2025-4225 - GitLab GraphQL Denial-of-Service Vulnerability

CVE ID : CVE-2025-4225 Published : Aug. 27, 2025, 8:15 p.m. | 6 hours, 14 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 14.1 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that that under certain conditions could have allowed an unauthenticated attacker to cause a denial-of-service condition affecting all users by sending specially crafted GraphQL requests. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 20:15:00 GMT

read more

CVE-2025-55582 - D-Link DCS-825L Persistent Privilege Escalation and Arbitrary Code Execution

CVE ID : CVE-2025-55582 Published : Aug. 27, 2025, 8:15 p.m. | 6 hours, 14 minutes ago Description : D-Link DCS-825L firmware v1.08.01 contains a vulnerability in the watchdog script `mydlink-watch-dog.sh`, which blindly respawns binaries such as `dcp` and `signalc` without verifying integrity, authenticity, or permissions. An attacker with local filesystem access (via physical access, firmware modification, or debug interfaces) can replace these binaries with malicious payloads. The script executes these binaries as root in an infinite loop, leading to persistent privilege escalation and arbitrary code execution. This issue is mitigated in v1.09.02, but the product is officially End-of-Life and unsupported. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 20:15:00 GMT

read more

CVE-2025-55618 - Hyundai Navigation App Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-55618 Published : Aug. 27, 2025, 8:15 p.m. | 6 hours, 14 minutes ago Description : In Hyundai Navigation App STD5W.EUR.HMC.230516.afa908d, an attacker can inject HTML payloads in the profile name field in navigation app which then get rendered. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 20:15:00 GMT

read more

CVE-2025-55495 - Tenda AC6 Buffer Overflow Vulnerability

CVE ID : CVE-2025-55495 Published : Aug. 27, 2025, 7:15 p.m. | 1 hour, 27 minutes ago Description : Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 19:15:00 GMT

read more

CVE-2025-58050 - PCRE2 Heap-Buffer-Overflow Read Vulnerability

CVE ID : CVE-2025-58050 Published : Aug. 27, 2025, 7:15 p.m. | 1 hour, 27 minutes ago Description : The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 19:15:00 GMT

read more

CVE-2025-58196 - UiCore Elements Cross-site Scripting Vulnerability

CVE ID : CVE-2025-58196 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uicore UiCore Elements allows Stored XSS. This issue affects UiCore Elements: from n/a through 1.3.4. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58197 - Simple Download Monitor Cross-site Scripting (XSS)

CVE ID : CVE-2025-58197 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mra13 / Team Tips and Tricks HQ Simple Download Monitor allows Stored XSS. This issue affects Simple Download Monitor: from n/a through 3.9.34. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58198 - Xpro Theme Builder Missing Authorization

CVE ID : CVE-2025-58198 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Missing Authorization vulnerability in Xpro Xpro Theme Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Xpro Theme Builder: from n/a through 1.2.9. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58201 - AfterShip Tracking Missing Authorization Vulnerability

CVE ID : CVE-2025-58201 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Missing Authorization vulnerability in AfterShip & Automizely AfterShip Tracking allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects AfterShip Tracking: from n/a through 1.17.17. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58202 - WordPress Simple Page Access Restriction CSRF

CVE ID : CVE-2025-58202 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Plugins and Snippets Simple Page Access Restriction allows Cross Site Request Forgery. This issue affects Simple Page Access Restriction: from n/a through 1.0.32. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58203 - Solace Extra SSRF Vulnerability

CVE ID : CVE-2025-58203 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra allows Server Side Request Forgery. This issue affects Solace Extra: from n/a through 1.3.2. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58204 - Eric Teubert Podlove Podcast Publisher Open Redirect Phishing

CVE ID : CVE-2025-58204 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Eric Teubert Podlove Podcast Publisher allows Phishing. This issue affects Podlove Podcast Publisher: from n/a through 4.2.5. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58205 - ElementInvader Elementor DOM-Based Cross-site Scripting

CVE ID : CVE-2025-58205 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Element Invader ElementInvader Addons for Elementor allows DOM-Based XSS. This issue affects ElementInvader Addons for Elementor: from n/a through 1.3.6. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58208 - Elementor Forms + Drag And Drop Template Builder Cross-site Scripting

CVE ID : CVE-2025-58208 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder allows Stored XSS. This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through 6.2.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58209 - rtCamp Transcoder Cross-Site Scripting

CVE ID : CVE-2025-58209 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rtCamp Transcoder allows Stored XSS. This issue affects Transcoder: from n/a through 1.4.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58211 - Alexvtn Chatbox Manager Stored Cross-site Scripting Vulnerability

CVE ID : CVE-2025-58211 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in alexvtn Chatbox Manager allows Stored XSS. This issue affects Chatbox Manager: from n/a through 1.2.6. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58212 - Epeken All Kurir DOM-Based Cross-site Scripting

CVE ID : CVE-2025-58212 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in epeken Epeken All Kurir allows DOM-Based XSS. This issue affects Epeken All Kurir: from n/a through 2.0.1. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58213 - Trafft Booking System Stored Cross-Site Scripting

CVE ID : CVE-2025-58213 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ameliabooking Booking System Trafft allows Stored XSS. This issue affects Booking System Trafft: from n/a through 1.0.14. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58216 - WordPress Thumbtack Review Slider Cross-Site Scripting

CVE ID : CVE-2025-58216 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgwhite33 WP Thumbtack Review Slider allows Stored XSS. This issue affects WP Thumbtack Review Slider: from n/a through 2.6. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58217 - GeroNikolov Instant Breaking News CSRF Stored XSS

CVE ID : CVE-2025-58217 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in GeroNikolov Instant Breaking News allows Stored XSS. This issue affects Instant Breaking News: from n/a through 1.0. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58218 - Enituretechnology Small Package Quotes – USPS Edition Object Injection Vulnerability

CVE ID : CVE-2025-58218 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago Description : Deserialization of Untrusted Data vulnerability in enituretechnology Small Package Quotes – USPS Edition allows Object Injection. This issue affects Small Package Quotes – USPS Edition: from n/a through 1.3.9. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-50979 - NodeBB SQL Injection

CVE ID : CVE-2025-50979 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 12 minutes ago Description : NodeBB v4.3.0 is vulnerable to SQL injection in its search-categories API endpoint (/api/v3/search/categories). The search query parameter is not properly sanitized, allowing unauthenticated, remote attackers to inject boolean-based blind and PostgreSQL error-based payloads. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-51667 - Simple-Admin-Core SQL Injection Vulnerability

CVE ID : CVE-2025-51667 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 12 minutes ago Description : An issue was discovered in simple-admin-core v1.2.0 thru v1.6.7. The /sys-api/role/update interface in the simple-admin-core system has a limited SQL injection vulnerability, which may lead to partial data leakage or disruption of normal system operations. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-55422 - FoxCMS Reflected Cross Site Scripting (XSS)

CVE ID : CVE-2025-55422 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 12 minutes ago Description : In FoxCMS 1.2.6, there is a reflected Cross Site Scripting (XSS) vulnerability in /index.php/plus. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58192 - Xylus Themes WP Bulk Delete Missing Authorization Vulnerability

CVE ID : CVE-2025-58192 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 12 minutes ago Description : Missing Authorization vulnerability in Xylus Themes WP Bulk Delete allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Bulk Delete: from n/a through 1.3.6. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58193 - Uncanny Automator Missing Authorization Vulnerability

CVE ID : CVE-2025-58193 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 12 minutes ago Description : Missing Authorization vulnerability in Uncanny Owl Uncanny Automator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Uncanny Automator: from n/a through 6.7.0.1. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58194 - **Boldthemes Bold Page Builder Stored Cross-Site Scripting (XSS)**

CVE ID : CVE-2025-58194 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 12 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder allows Stored XSS. This issue affects Bold Page Builder: from n/a through 5.4.3. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-58195 - Xpro Elementor Addons Cross-site Scripting

CVE ID : CVE-2025-58195 Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 12 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS. This issue affects Xpro Elementor Addons: from n/a through 1.4.17. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 18:15:00 GMT

read more

CVE-2025-57821 - Basecamp Open-Redirect Vulnerability

CVE ID : CVE-2025-57821 Published : Aug. 27, 2025, 5:15 p.m. | 2 hours, 3 minutes ago Description : Basecamp's Google Sign-In adds Google sign-in to Rails applications. Prior to version 1.3.0, it is possible to craft a malformed URL that passes the "same origin" check, resulting in the user being redirected to another origin. Rails applications configured to store the flash information in a session cookie may be vulnerable, if this can be chained with an attack that allows injection of arbitrary data into the session cookie. This issue has been patched in version 1.3.0. If upgrading is not possible at this time, a way to mitigate the chained attack can be done by explicitly setting SameSite=Lax or SameSite=Strict on the application session cookie. Severity: 4.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-5187 - Kubernetes NodeRestriction OwnerReference Deletion Vulnerability

CVE ID : CVE-2025-5187 Published : Aug. 27, 2025, 5:15 p.m. | 2 hours, 3 minutes ago Description : A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently deleted, the given node object will be deleted via garbage collection. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-20241 - Cisco Nexus IS-IS Protocol Denial of Service Vulnerability

CVE ID : CVE-2025-20241 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause the unexpected restart of the IS-IS process, which could cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-20262 - Cisco Nexus PIM6 Ephemeral Query Processing Remote Denial of Service

CVE ID : CVE-2025-20262 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-20290 - Cisco NX-OS Software Insecure Logging Disclosure

CVE ID : CVE-2025-20290 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches in standalone NX-OS mode, Cisco UCS 6400 Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects, and Cisco UCS 9108 100G Fabric Interconnects could allow an authenticated, local attacker access to sensitive information. This vulnerability is due to improper logging of sensitive information. An attacker could exploit this vulnerability by accessing log files on the file system where they are stored. A successful exploit could allow the attacker to access sensitive information, such as stored credentials. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-20292 - Cisco NX-OS CLI Command Injection Vulnerability

CVE ID : CVE-2025-20292 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by entering crafted input as the argument of an affected CLI command. A successful exploit could allow the attacker to read and write files on the underlying operating system with the privileges of a non-root user account. File system access is limited to the permissions that are granted to that non-root user account. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-20294 - Cisco UCS Manager Software CLI and Web-Based Management Interface Command Injection Vulnerabilities

CVE ID : CVE-2025-20294 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : Multiple vulnerabilities in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root.   These vulnerabilities are due to insufficient input validation of command arguments supplied by the user. An attacker could exploit these vulnerabilities by authenticating to a device and submitting crafted input to the affected commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of the affected device with root-level privileges. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-20295 - "Cisco UCS Manager CLI File System Privilege Escalation Vulnerability"

CVE ID : CVE-2025-20295 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : A vulnerability in the CLI of Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to read or create a file or overwrite any file on the file system of the underlying operating system of an affected device, including system files.   This vulnerability is due to insufficient input validation of command arguments supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to read or create a file or overwrite any file on the file system of the underlying operating system of the affected device, including system files. To exploit this vulnerability, the attacker must have valid administrative credentials on the affected device. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-20296 - Cisco UCS Manager Software Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-20296 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : A vulnerability in the web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious data into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must be a member of the Administrator or AAA Administrator role. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-20317 - Cisco IMC vKVM Cross-Site Scripting (XSS)

CVE ID : CVE-2025-20317 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to redirect a user to a malicious website. This vulnerability is due to insufficient verification of vKVM endpoints. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious webpage and potentially capture user credentials. Note: The affected vKVM client is also included in Cisco UCS Manager. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-20342 - "Cisco IMC vKVM Stored XSS"

CVE ID : CVE-2025-20342 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid user credentials with privileges that allow for vKVM access on the affected device. Note: The affected vKVM client is also included in Cisco UCS Manager. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-20344 - Cisco Nexus Dashboard Path Traversal Vulnerability

CVE ID : CVE-2025-20344 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. This vulnerability is due to insufficient validation of the contents of a backup file. An attacker with valid Administrator credentials could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to gain root privileges on the underlying shell on the affected device. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-20347 - "Cisco Nexus Dashboard and NDFC REST API Endpoint Authorization Bypass"

CVE ID : CVE-2025-20347 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. This vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit th vulnerability by sending crafted API requests to an affected endpoint. A successful exploit could allow the attacker to perform limited Administrator functions, such as accessing sensitive information regarding HTTP Proxy and NTP configurations, uploading images, and damaging image files on an affected device. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-20348 - Cisco Nexus Dashboard and Fabric Controller Unauthorized File Access and Modification

CVE ID : CVE-2025-20348 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. This vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit th vulnerability by sending crafted API requests to an affected endpoint. A successful exploit could allow the attacker to perform limited Administrator functions, such as accessing sensitive information regarding HTTP Proxy and NTP configurations, uploading images, and damaging image files on an affected device. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-34157 - Coolify Stored XSS Vulnerability

CVE ID : CVE-2025-34157 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting (XSS) attack in the project creation workflow. An authenticated user with low privileges can create a project with a maliciously crafted name containing embedded JavaScript. When an administrator attempts to delete the project or its associated resource, the payload executes in the admin’s browser context. This results in full compromise of the Coolify instance, including theft of API tokens, session cookies, and access to WebSocket-based terminal sessions on managed servers. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-34159 - Coolify Docker Compose Remote Code Execution Vulnerability

CVE ID : CVE-2025-34159 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution vulnerability in the application deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary Docker Compose directives during project creation. By crafting a malicious service definition that mounts the host root filesystem, an attacker can gain full root access to the underlying server. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-34161 - Coolify Remote Code Execution Vulnerability

CVE ID : CVE-2025-34161 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution vulnerability in the project deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary shell commands via the Git Repository field during project creation. By submitting a crafted repository string containing command injection syntax, an attacker can execute arbitrary commands on the underlying host system, resulting in full server compromise. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-50428 - RaspAP Raspap-webgui Command Injection Vulnerability

CVE ID : CVE-2025-50428 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : In RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnerability exists in the includes/hostapd.php script. The vulnerability is due to improper sanitizing of user input passed via the interface parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-50977 - Apache Wicket Template Injection Cross-Site Scripting (XSS)

CVE ID : CVE-2025-50977 Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : A template injection vulnerability leading to reflected cross-site scripting (XSS) has been identified in version 1.7.1, requiring authenticated admin access for exploitation. The vulnerability exists in the 'r' parameter and allows attackers to inject malicious Angular expressions that execute JavaScript code in the context of the application. The flaw can be exploited through GET requests to the summary endpoint as well as POST requests to specific Wicket interface endpoints, though the GET method provides easier weaponization. This vulnerability enables authenticated administrators to execute arbitrary client-side code, potentially leading to session hijacking, data theft, or further privilege escalation attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 17:15:00 GMT

read more

CVE-2025-50978 - Gitblit Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-50978 Published : Aug. 27, 2025, 4:15 p.m. | 2 hours, 3 minutes ago Description : In Gitblit v1.7.1, a reflected cross-site scripting (XSS) vulnerability exists in the way repository path names are handled. By injecting a specially crafted path payload an attacker can cause arbitrary JavaScript to execute when a victim views the manipulated URL. This flaw stems from insufficient input sanitization of filename elements. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 16:15:00 GMT

read more

CVE-2025-50983 - Readarr SQLite Database SQL Injection

CVE ID : CVE-2025-50983 Published : Aug. 27, 2025, 4:15 p.m. | 2 hours, 3 minutes ago Description : SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API endpoint in readarr 0.4.15.2787. The endpoint fails to properly sanitize user-supplied input, allowing attackers to inject and execute arbitrary SQL commands against the backend SQLite database. Sqlmap confirmed exploitation via stacked queries, demonstrating that the parameter can be abused to run arbitrary SQL statements. A heavy query was executed using SQLite's RANDOMBLOB() and HEX() functions to simulate a time-based payload, indicating deep control over database interactions. Severity: 8.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 16:15:00 GMT

read more

CVE-2025-50984 - Diskover-Web Elasticsearch Boolean Blind SQL Injection

CVE ID : CVE-2025-50984 Published : Aug. 27, 2025, 4:15 p.m. | 2 hours, 3 minutes ago Description : diskover-web v2.3.0 Community Edition is vulnerable to multiple boolean-based blind SQL injection flaws in its Elasticsearch configuration form. Unsanitized user input in POST parameters such as ES_PASS, ES_MAXSIZE, ES_TRANSLOGSIZE, ES_TIMEOUT, ES_USER, ES_HOST, ES_PORT, ES_SCROLLSIZE, ES_CHUNKSIZE and others can be crafted to inject arbitrary SQLite expressions wrapped in JSON functions. By exploiting these injection points, an attacker can infer or extract sensitive information from the underlying database without authentication. This issue stems from improper input validation and parameterization in the application's JSON-based query construction. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 16:15:00 GMT

read more

CVE-2025-54598 - eBay Bevy Event CSRF Vulnerability

CVE ID : CVE-2025-54598 Published : Aug. 27, 2025, 4:15 p.m. | 2 hours, 3 minutes ago Description : The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 16:15:00 GMT

read more

CVE-2025-53105 - GLPI Unauthenticated Rule Reordering Vulnerability

CVE ID : CVE-2025-53105 Published : Aug. 27, 2025, 3:15 p.m. | 3 hours, 3 minutes ago Description : GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 10.0.0 to before 10.0.19, a connected user without administration rights can change the rules execution order. This issue has been patched in version 10.0.19. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 15:15:00 GMT

read more

CVE-2025-9533 - TOTOLINK T10 Remote Authentication Bypass Vulnerability

CVE ID : CVE-2025-9533 Published : Aug. 27, 2025, 3:15 p.m. | 3 hours, 3 minutes ago Description : A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. Affected is an unknown function of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads to improper authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 15:15:00 GMT

read more

CVE-2025-50972 - AbanteCart SQL Injection Vulnerability

CVE ID : CVE-2025-50972 Published : Aug. 27, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : SQL Injection vulnerability in AbanteCart 1.4.2, allows unauthenticated attackers to execute arbitrary SQL commands via the tmpl_id parameter to index.php. Three techniques have been demonstrated: error-based injection using a crafted FLOOR-based payload, time-based blind injection via SLEEP(), and UNION-based injection to extract arbitrary data. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 15:15:00 GMT

read more

CVE-2025-50985 - Diskover-web Community Edition Cross-Site Scripting (XSS)

CVE ID : CVE-2025-50985 Published : Aug. 27, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : diskover-web v2.3.0 Community Edition is vulnerable to multiple reflected cross-site scripting (XSS) flaws in its web interface. Unsanitized GET parameters including maxage, maxindex, index, path, q (query), and doctype are directly echoed into the HTML response, allowing attackers to inject and execute arbitrary JavaScript when a victim visits a maliciously crafted URL. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 15:15:00 GMT

read more

CVE-2025-50986 - Diskover-web Stored Cross-Site Scripting Vulnerabilities

CVE ID : CVE-2025-50986 Published : Aug. 27, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : diskover-web v2.3.0 Community Edition suffers from multiple stored cross-site scripting (XSS) vulnerabilities in its administrative settings interface. Various configuration fields such as ES_HOST, ES_INDEXREFRESH, ES_PORT, ES_SCROLLSIZE, ES_TRANSLOGSIZE, ES_TRANSLOGSYNCINT, EXCLUDES_FILES, FILE_TYPES[], INCLUDES_DIRS, INCLUDES_FILES, and TIMEZONE do not properly sanitize user-supplied input. Malicious payloads submitted via these parameters are persisted in the application and executed whenever an administrator views or edits the settings page. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 15:15:00 GMT

read more

CVE-2025-50989 - OPNsense Authenticated Command Injection Vulnerability

CVE ID : CVE-2025-50989 Published : Aug. 27, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : OPNsense 25.1 contains an authenticated command injection vulnerability in its Bridge Interface Edit endpoint (interfaces_bridge_edit.php). The span POST parameter is concatenated into a system-level command without proper sanitization or escaping, allowing an administrator to inject arbitrary shell operators and payloads. Successful exploitation grants RCE with the privileges of the web service (typically root), potentially leading to full system compromise or lateral movement. This vulnerability arises from inadequate input validation and improper handling of user-supplied data in backend command invocations. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 15:15:00 GMT

read more

CVE-2025-52122 - CraftCMS Freeform SSTI Vulnerability

CVE ID : CVE-2025-52122 Published : Aug. 27, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : Freeform 5.0.0 to before 5.10.16, a plugin for CraftCMS, contains an Server-side template injection (SSTI) vulnerability, resulting in arbitrary code injection for all users that have access to editing a form (submission title). Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 15:15:00 GMT

read more

CVE-2025-43728 - Dell ThinOS Protection Mechanism Failure Remote Bypass Vulnerability

CVE ID : CVE-2025-43728 Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago Description : Dell ThinOS 10, versions prior to 2508_10.0127, contain a Protection Mechanism Failure vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 14:15:00 GMT

read more

CVE-2025-43729 - Dell ThinOS Incorrect Permission Assignment for Critical Resource Vulnerability

CVE ID : CVE-2025-43729 Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago Description : Dell ThinOS 10, versions prior to 2508_10.0127, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Elevation of Privileges and Unauthorized Access. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 14:15:00 GMT

read more

CVE-2025-43730 - Dell ThinOS Command Argument Injection Vulnerability

CVE ID : CVE-2025-43730 Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago Description : Dell ThinOS 10, versions prior to 2508_10.0127, contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A local unauthenticated user could potentially exploit this vulnerability leading to Elevation of Privileges and Information disclosure. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 14:15:00 GMT

read more

CVE-2025-43882 - Dell ThinOS Unverified Ownership Unauthorized Access

CVE ID : CVE-2025-43882 Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago Description : Dell ThinOS 10, versions prior to 2508_10.0127, contains an Unverified Ownership vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Unauthorized Access. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 14:15:00 GMT

read more

CVE-2025-56694 - Lumasoft fotoShare Cloud Authentication Bypass

CVE ID : CVE-2025-56694 Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago Description : Client-side password validation (CWE-602) in lumasoft fotoShare Cloud 2025-03-13 allowing unauthenticated attackers to view password-protected photo albums. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 14:15:00 GMT

read more

CVE-2025-9527 - Linksys E1700 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9527 Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago Description : A vulnerability was found in Linksys E1700 1.0.0.4.003. This affects the function QoSSetup of the file /goform/QoSSetup. Performing manipulation of the argument ack_policy results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 14:15:00 GMT

read more

CVE-2025-9528 - Linksys E1700 OS Command Injection Vulnerability

CVE ID : CVE-2025-9528 Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago Description : A vulnerability was determined in Linksys E1700 1.0.0.4.003. This vulnerability affects the function systemCommand of the file /goform/systemCommand. Executing manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 14:15:00 GMT

read more

CVE-2025-9529 - Campcodes Payroll Management System Remote File Inclusion Vulnerability

CVE ID : CVE-2025-9529 Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago Description : A weakness has been identified in Campcodes Payroll Management System 1.0. The affected element is the function include of the file /index.php. This manipulation of the argument page causes file inclusion. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 14:15:00 GMT

read more

CVE-2025-9531 - Portabilis i-Educar Agenda Module SQL Injection

CVE ID : CVE-2025-9531 Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago Description : A vulnerability was detected in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/agenda.php of the component Agenda Module. Performing manipulation of the argument cod_agenda results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 14:15:00 GMT

read more

CVE-2025-9532 - Portabilis i-Educar SQL Injection Vulnerability

CVE ID : CVE-2025-9532 Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago Description : A flaw has been found in Portabilis i-Educar up to 2.10. This impacts an unknown function of the file /RegraAvaliacao/view. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 14:15:00 GMT

read more

CVE-2025-9525 - Linksys E1700 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9525 Published : Aug. 27, 2025, 1:15 p.m. | 3 hours, 12 minutes ago Description : A flaw has been found in Linksys E1700 1.0.0.4.003. Affected by this vulnerability is the function setWan of the file /goform/setWan. This manipulation of the argument DeviceName/lanIp causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 13:15:00 GMT

read more

CVE-2025-9526 - Linksys E1700 Remote Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9526 Published : Aug. 27, 2025, 1:15 p.m. | 3 hours, 12 minutes ago Description : A vulnerability has been found in Linksys E1700 1.0.0.4.003. Affected by this issue is the function setSysAdm of the file /goform/setSysAdm. Such manipulation of the argument rm_port leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 13:15:00 GMT

read more

CVE-2025-30059 - Apache PrepareCDExportSQL Injection Vulnerability

CVE ID : CVE-2025-30059 Published : Aug. 27, 2025, 11:15 a.m. | 5 hours, 12 minutes ago Description : In the PrepareCDExportJSON.pl service, the "getPerfServiceIds" function is vulnerable to SQL injection. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30060 - Apache HTTP Server SQL Injection Vulnerability

CVE ID : CVE-2025-30060 Published : Aug. 27, 2025, 11:15 a.m. | 5 hours, 12 minutes ago Description : In the ReturnUserUnitsXML.pl service, the "getUserInfo" function is vulnerable to SQL injection through the "UserID" parameter. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30061 - Apache HTTP Server SQL Injection Vulnerability

CVE ID : CVE-2025-30061 Published : Aug. 27, 2025, 11:15 a.m. | 5 hours, 12 minutes ago Description : In the "utils/Reporter/OpenReportWindow.pl" service, there is an SQL injection vulnerability through the "UserID" parameter. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30063 - Apache HTTP Server Unsecured Configuration File Vulnerability

CVE ID : CVE-2025-30063 Published : Aug. 27, 2025, 11:15 a.m. | 5 hours, 12 minutes ago Description : The configuration file containing database logins and passwords is readable by any local user. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30064 - Apache ThrustSession JWT Session Hijacking Vulnerability

CVE ID : CVE-2025-30064 Published : Aug. 27, 2025, 11:15 a.m. | 5 hours, 12 minutes ago Description : An insufficiently secured internal function allows session generation for arbitrary users. The decodeParam function checks the JWT but does not verify which signing algorithm was used. As a result, an attacker can use the "ex:action" parameter in the VerifyUserByThrustedService function to generate a session for any user. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-9523 - Tenda AC1206 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9523 Published : Aug. 27, 2025, 11:15 a.m. | 5 hours, 12 minutes ago Description : A vulnerability was detected in Tenda AC1206 15.03.06.23. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used. Severity: 10.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-2313 - HP Print pl Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-2313 Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago Description : In the Print.pl service, the "uhcPrintServerPrint" function allows execution of arbitrary code via the "CopyCounter" parameter. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30036 - "Oddział Ward Stored XSS"

CVE ID : CVE-2025-30036 Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago Description : Stored XSS vulnerability exists in the "Oddział" (Ward) module, in the death diagnosis description field, and allows the execution of arbitrary JavaScript code. This can lead to session hijacking of other users and potentially to privilege escalation up to full administrative rights. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30037 - Apache HTTP Server Unauthenticated Remote Access

CVE ID : CVE-2025-30037 Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago Description : The system exposes several endpoints, typically including "/int/" in their path, that should be restricted to internal services, but are instead publicly accessible without authentication to any host able to reach the application server on port 443/tcp. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30038 - CGM CLININET Session ID Leak

CVE ID : CVE-2025-30038 Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago Description : The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata in an NTFS alternate data stream (ADS) for all files downloaded from potentially untrusted sources. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30039 - Apache CliniNET Unauthenticated Session Takeover Vulnerability

CVE ID : CVE-2025-30039 Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago Description : Unauthenticated access to the "/cgi-bin/CliniNET.prd/GetActiveSessions.pl" endpoint allows takeover of any user session logged into the system, including users with admin privileges. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30040 - Apache CliniNET Information Disclosure

CVE ID : CVE-2025-30040 Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago Description : The vulnerability allows unauthenticated users to download a file containing session ID data by directly accessing the "/cgi-bin/CliniNET.prd/utils/userlogxls.pl" endpoint. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30041 - Apache CliniNET Session ID Exposure Vulnerability

CVE ID : CVE-2025-30041 Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago Description : The paths "/cgi-bin/CliniNET.prd/utils/userlogstat.pl", "/cgi-bin/CliniNET.prd/utils/usrlogstat.pl", and "/cgi-bin/CliniNET.prd/utils/dblogstat.pl" expose data containing session IDs. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30048 - Apache Server Unauthenticated Access to Configuration Credentials

CVE ID : CVE-2025-30048 Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago Description : The "serverConfig" endpoint, which returns the module configuration including credentials, is accessible without authentication. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30055 - Apache Struts JavaScript Caching Remote Code Execution Vulnerability

CVE ID : CVE-2025-30055 Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago Description : The "system" function receives untrusted input from the user. If the "EnableJSCaching" option is enabled, it is possible to execute arbitrary code provided as the "Module" parameter. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30056 - Apache Shell Injection Vulnerability

CVE ID : CVE-2025-30056 Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago Description : The RunCommand function accepts any parameter, which is then passed for execution in the shell. This allows an attacker to execute arbitrary code on the system. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30057 - Microsoft UHCRTFDoc Command Injection Vulnerability

CVE ID : CVE-2025-30057 Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago Description : In UHCRTFDoc, the filename parameter can be exploited to execute arbitrary code via command injection into the system() call in the ConvertToPDF function. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2025-30058 - Apache PatientService SQL Injection Vulnerability

CVE ID : CVE-2025-30058 Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago Description : In the PatientService.pl service, the "getPatientIdentifier" function is vulnerable to SQL injection through the "pesel" parameter. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 11:15:00 GMT

read more

CVE-2021-4459 - Sunny Boy Path Traversal Vulnerability

CVE ID : CVE-2021-4459 Published : Aug. 27, 2025, 8:15 a.m. | 6 hours, 12 minutes ago Description : An authorized remote attacker can access files and directories outside the intended web root, potentially exposing sensitive system information of the affected Sunny Boy devices. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 08:15:00 GMT

read more

CVE-2025-57846 - Fortinet i-Filter Privilege Escalation Vulnerability

CVE ID : CVE-2025-57846 Published : Aug. 27, 2025, 6:15 a.m. | 8 hours, 12 minutes ago Description : Multiple i-フィルター products contain an issue with incorrect default permissions. If this vulnerability is exploited, a local authenticated attacker may replace a service executable on the system where the product is running, potentially allowing arbitrary code execution with SYSTEM privileges. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 06:15:00 GMT

read more

CVE-2025-9511 - iSourcecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9511 Published : Aug. 27, 2025, 6:15 a.m. | 8 hours, 12 minutes ago Description : A vulnerability was identified in itsourcecode Apartment Management System 1.0. This vulnerability affects unknown code of the file /visitor/addvisitor.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 06:15:00 GMT

read more

CVE-2025-9513 - Apache editso fuso RsaAndAesHandshake Encryption Strength Vulnerability

CVE ID : CVE-2025-9513 Published : Aug. 27, 2025, 6:15 a.m. | 8 hours, 12 minutes ago Description : A flaw has been found in editso fuso up to 1.0.4-beta.7. This affects the function PenetrateRsaAndAesHandshake of the file src/net/penetrate/handshake/mod.rs. This manipulation of the argument priv_key causes inadequate encryption strength. Remote exploitation of the attack is possible. A high degree of complexity is needed for the attack. The exploitability is reported as difficult. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 06:15:00 GMT

read more

CVE-2025-9514 - "Macrozheng Mall Registration Weak Password Requirements Remote RCE"

CVE ID : CVE-2025-9514 Published : Aug. 27, 2025, 6:15 a.m. | 8 hours, 12 minutes ago Description : A vulnerability has been found in macrozheng mall up to 1.0.3. This impacts an unknown function of the component Registration. Such manipulation leads to weak password requirements. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is said to be difficult. The vendor deleted the GitHub issue for this vulnerability without and explanation. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 06:15:00 GMT

read more

CVE-2025-57797 - Fujitsu ScanSnap Manager Privilege Escalation Vulnerability

CVE ID : CVE-2025-57797 Published : Aug. 27, 2025, 6:15 a.m. | 6 hours, 3 minutes ago Description : Incorrect privilege assignment vulnerability exists in ScanSnap Manager installers versions prior to V6.5L61. If this vulnerability is exploited, an authenticated local attacker may escalate privileges and execute an arbitrary command. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 06:15:00 GMT

read more

CVE-2025-9510 - iSourcecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9510 Published : Aug. 27, 2025, 5:15 a.m. | 7 hours, 3 minutes ago Description : A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /branch/addbranch.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 05:15:00 GMT

read more

CVE-2025-48081 - Printeers Print Ship Path Traversal Vulnerability

CVE ID : CVE-2025-48081 Published : Aug. 27, 2025, 5:15 a.m. | 6 hours, 1 minute ago Description : Path Traversal: '.../...//' vulnerability in Printeers Printeers Print & Ship allows Path Traversal.This issue affects Printeers Print & Ship: from n/a through 1.17.0. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 05:15:00 GMT

read more

CVE-2025-9508 - iSourcecode Apartment Management System SQL Injection

CVE ID : CVE-2025-9508 Published : Aug. 27, 2025, 5:15 a.m. | 6 hours, 1 minute ago Description : A vulnerability was detected in itsourcecode Apartment Management System 1.0. The impacted element is an unknown function of the file /report/rented_info.php. The manipulation of the argument rsid results in sql injection. The attack may be launched remotely. The exploit is now public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 05:15:00 GMT

read more

CVE-2025-9509 - itsourcecode Apartment Management System SQL Injection

CVE ID : CVE-2025-9509 Published : Aug. 27, 2025, 5:15 a.m. | 6 hours, 1 minute ago Description : A security flaw has been discovered in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /report/fair_info_all.php. Performing manipulation of the argument fid results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 05:15:00 GMT

read more

CVE-2025-49039 - Mibuthu Link View Stored Cross-Site Scripting

CVE ID : CVE-2025-49039 Published : Aug. 27, 2025, 4:16 a.m. | 7 hours, 1 minute ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mibuthu Link View allows Stored XSS.This issue affects Link View: from n/a through 0.8.0. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 04:16:00 GMT

read more

CVE-2025-49040 - Backup Bolt CSRF Vulnerability

CVE ID : CVE-2025-49040 Published : Aug. 27, 2025, 4:16 a.m. | 7 hours, 1 minute ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Backup Bolt allows Cross Site Request Forgery.This issue affects Backup Bolt: from n/a through 1.4.1. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 04:16:00 GMT

read more

CVE-2025-9504 - Campcodes Online Loan Management System SQL Injection

CVE ID : CVE-2025-9504 Published : Aug. 27, 2025, 4:16 a.m. | 7 hours, 1 minute ago Description : A vulnerability was detected in Campcodes Online Loan Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_plan. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 04:16:00 GMT

read more

CVE-2025-9505 - Campcodes Online Loan Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9505 Published : Aug. 27, 2025, 4:16 a.m. | 7 hours, 1 minute ago Description : A flaw has been found in Campcodes Online Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_loan_type. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 04:16:00 GMT

read more

CVE-2025-9506 - Campcodes Online Loan Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9506 Published : Aug. 27, 2025, 4:16 a.m. | 7 hours, 1 minute ago Description : A vulnerability has been found in Campcodes Online Loan Management System 1.0. This affects an unknown part of the file /ajax.php?action=delete_plan. Such manipulation of the argument ID leads to sql injection. The attack may be performed from a remote location. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 04:16:00 GMT

read more

CVE-2025-9507 - iSourcecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9507 Published : Aug. 27, 2025, 4:16 a.m. | 7 hours, 1 minute ago Description : A weakness has been identified in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/visitor_info.php. Executing manipulation of the argument vid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 04:16:00 GMT

read more

CVE-2025-49035 - "Chaimchaikin Admin Menu Groups Cross-site Scripting"

CVE ID : CVE-2025-49035 Published : Aug. 27, 2025, 4:15 a.m. | 7 hours, 1 minute ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in chaimchaikin Admin Menu Groups allows Stored XSS.This issue affects Admin Menu Groups: from n/a through 0.1.2. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 04:15:00 GMT

read more

CVE-2025-7732 - WordPress Lazy Load for Videos Stored Cross-Site Scripting

CVE ID : CVE-2025-7732 Published : Aug. 27, 2025, 3:15 a.m. | 8 hours, 1 minute ago Description : The Lazy Load for Videos plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its lazy‑loading handlers in all versions up to, and including, 2.18.7 due to insufficient input sanitization and output escaping. The plugin’s JavaScript registration handlers read the client‑supplied 'data-video-title' and 'href' attributes, decode HTML entities by default, and pass them directly into DOM sinks without any escaping or validation. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 03:15:00 GMT

read more

CVE-2025-9502 - Campcodes Online Loan Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9502 Published : Aug. 27, 2025, 3:15 a.m. | 8 hours, 1 minute ago Description : A weakness has been identified in Campcodes Online Loan Management System 1.0. This impacts an unknown function of the file /ajax.php?action=save_payment. Executing manipulation of the argument loan_id can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 03:15:00 GMT

read more

CVE-2025-9503 - Campcodes Online Loan Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9503 Published : Aug. 27, 2025, 3:15 a.m. | 8 hours, 1 minute ago Description : A security vulnerability has been detected in Campcodes Online Loan Management System 1.0. Affected is an unknown function of the file /ajax.php?action=save_borrower. The manipulation of the argument lastname leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 03:15:00 GMT

read more

CVE-2025-8490 - All-in-One WP Migration and Backup Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8490 Published : Aug. 27, 2025, 12:15 a.m. | 11 hours, 1 minute ago Description : The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Import in all versions up to, and including, 7.97 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 27 Aug 2025 00:15:00 GMT

read more

CVE-2025-35114 - Agiloft Default Credentials Privilege Escalation

CVE ID : CVE-2025-35114 Published : Aug. 26, 2025, 11:15 p.m. | 12 hours, 1 minute ago Description : Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline. Users should upgrade to Agiloft Release 30. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-35115 - Agiloft Insecure Package Download Vulnerability

CVE ID : CVE-2025-35115 Published : Aug. 26, 2025, 11:15 p.m. | 12 hours, 1 minute ago Description : Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Users should upgrade to Agiloft Release 30. Severity: 9.2 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-57820 - Svelte Devalue Prototype Pollution Vulnerability

CVE ID : CVE-2025-57820 Published : Aug. 26, 2025, 11:15 p.m. | 12 hours, 1 minute ago Description : Svelte devalue is a utility library. Prior to version 5.3.2, a string passed to devalue.parse could represent an object with a __proto__ property and devalue.parse does not check that an index is numeric. This could result in assigning prototypes to objects and properties, leading to prototype pollution. This issue has been fixed in version 5.3.2 Severity: 7.9 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-9277 - SiteSEO - WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-9277 Published : Aug. 26, 2025, 11:15 p.m. | 12 hours, 1 minute ago Description : The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the broken preg_replace expression in all versions up to, and including, 1.2.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-35113 - Agiloft Remote Code Execution Vulnerability

CVE ID : CVE-2025-35113 Published : Aug. 26, 2025, 11:15 p.m. | 9 hours, 12 minutes ago Description : Agiloft Release 28 does not properly neutralize special elements used in an EUI template engine, allowing an authenticated attacker to achieve remote code execution by loading a specially crafted payload. Users should upgrade to Agiloft Release 31. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-22411 - Cisco SDP Use After Free Remote Code Execution Vulnerability

CVE ID : CVE-2025-22411 Published : Aug. 26, 2025, 11:15 p.m. | 7 hours, 12 minutes ago Description : In process_service_attr_rsp of sdp_discovery.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-22412 - Apache SDP Server Use-After-Free Remote Code Execution Vulnerability

CVE ID : CVE-2025-22412 Published : Aug. 26, 2025, 11:15 p.m. | 7 hours, 12 minutes ago Description : In multiple functions of sdp_server.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-22413 - Apache HTTP Server Privilege Escalation Vulnerability

CVE ID : CVE-2025-22413 Published : Aug. 26, 2025, 11:15 p.m. | 7 hours, 12 minutes ago Description : In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-26417 - Google Android Confused Deputy Local Information Disclosure

CVE ID : CVE-2025-26417 Published : Aug. 26, 2025, 11:15 p.m. | 7 hours, 12 minutes ago Description : In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user consent when opening files in shared storage due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-35112 - Agiloft XML External Entities (XXE)

CVE ID : CVE-2025-35112 Published : Aug. 26, 2025, 11:15 p.m. | 7 hours, 12 minutes ago Description : Agiloft Release 28 contains an XML External Entities vulnerability in any table that allows 'import/export', allowing an authenticated attacker to import the template file and perform path traversal on the local system files. Users should upgrade to Agiloft Release 31. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-22407 - BlueZ Use After Free Remote Information Disclosure

CVE ID : CVE-2025-22407 Published : Aug. 26, 2025, 11:15 p.m. | 6 hours ago Description : In hidd_check_config_done of hidd_conn.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-22408 - Citrix NetScaler Use-After-Free Remote Code Execution Vulnerability

CVE ID : CVE-2025-22408 Published : Aug. 26, 2025, 11:15 p.m. | 6 hours ago Description : In rfc_check_send_cmd of rfc_utils.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-22409 - RFC TS Frames Use After Free Local Privilege Escalation

CVE ID : CVE-2025-22409 Published : Aug. 26, 2025, 11:15 p.m. | 6 hours ago Description : In rfc_send_buf_uih of rfc_ts_frames.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-22410 - Apache HTTP Server Use-After-Free Remote Code Execution Vulnerability

CVE ID : CVE-2025-22410 Published : Aug. 26, 2025, 11:15 p.m. | 6 hours ago Description : In multiple locations, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-0086 - Android AccountManager Service Token Overwrite Vulnerability

CVE ID : CVE-2025-0086 Published : Aug. 26, 2025, 11:15 p.m. | 5 hours, 11 minutes ago Description : In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-0092 - Google Android Bond Permission Bypass

CVE ID : CVE-2025-0092 Published : Aug. 26, 2025, 11:15 p.m. | 5 hours, 11 minutes ago Description : In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-0093 - Android Device AdapterService Remote Information Disclosure Vulnerability

CVE ID : CVE-2025-0093 Published : Aug. 26, 2025, 11:15 p.m. | 5 hours, 11 minutes ago Description : In handleBondStateChanged of AdapterService.java, there is a possible unapproved data access due to a missing permission check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-22403 - "Vulnerability in Google SDP's SDP Disovery Service: Arbitrary Code Execution"

CVE ID : CVE-2025-22403 Published : Aug. 26, 2025, 11:15 p.m. | 5 hours, 11 minutes ago Description : In sdp_snd_service_search_req of sdp_discovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-22404 - Qualcomm AvCT LCB Act Use After Free Privilege Escalation

CVE ID : CVE-2025-22404 Published : Aug. 26, 2025, 11:15 p.m. | 5 hours, 11 minutes ago Description : In avct_lcb_msg_ind of avct_lcb_act.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-22405 - Apache HTTP Server Use After Free Arbitrary Code Execution

CVE ID : CVE-2025-22405 Published : Aug. 26, 2025, 11:15 p.m. | 5 hours, 11 minutes ago Description : In multiple locations, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-22406 - Apache OpenWRT bnep Use After Free Local Privilege Escalation

CVE ID : CVE-2025-22406 Published : Aug. 26, 2025, 11:15 p.m. | 5 hours, 11 minutes ago Description : In bnepu_check_send_packet of bnep_utils.cc, there is a possible way to achieve code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-0082 - Oracle Java Confused Deputy Image Disclosure

CVE ID : CVE-2025-0082 Published : Aug. 26, 2025, 11:15 p.m. | 3 hours, 59 minutes ago Description : In multiple functions of StatusHint.java and TelecomServiceImpl.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-0083 - Apache HTTP Server Information Disclosure Vulnerability

CVE ID : CVE-2025-0083 Published : Aug. 26, 2025, 11:15 p.m. | 3 hours, 59 minutes ago Description : In multiple locations, there is a possible way to access content across user profiles due to URI double encoding. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-0084 - Qualcomm Bluetooth HFP Use After Free Remote Code Execution

CVE ID : CVE-2025-0084 Published : Aug. 26, 2025, 11:15 p.m. | 3 hours, 59 minutes ago Description : In multiple locations, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-0081 - Adobe DNG JPEG Uninitialized Data Crash Vulnerability

CVE ID : CVE-2025-0081 Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago Description : In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 23:15:00 GMT

read more

CVE-2025-9492 - Campcodes Online Water Billing System SQL Injection Vulnerability

CVE ID : CVE-2025-9492 Published : Aug. 26, 2025, 10:15 p.m. | 43 minutes ago Description : A vulnerability was determined in Campcodes Online Water Billing System 1.0. This affects an unknown function of the file /addclient1.php. Executing manipulation of the argument lname can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. Other parameters might be affected as well. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 22:15:00 GMT

read more

CVE-2024-35203 - Mahara Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2024-35203 Published : Aug. 26, 2025, 9:15 p.m. | 1 hour, 43 minutes ago Description : Mahara before 22.10.6, 23.04.6, and 24.04.1 allows cross-site scripting (XSS) via a file, with JavaScript code as part of its name, that is uploaded via the Mahara filebrowser system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 21:15:00 GMT

read more

CVE-2024-47192 - Mahara File Download Vulnerability

CVE ID : CVE-2024-47192 Published : Aug. 26, 2025, 9:15 p.m. | 1 hour, 43 minutes ago Description : An issue was discovered in Mahara 23.04.8 and 24.04.4. The use of a malicious export download URL can allow an attacker to download files that they do not have permission to download. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 21:15:00 GMT

read more

CVE-2025-50971 - AbanteCart Directory Traversal Vulnerability

CVE ID : CVE-2025-50971 Published : Aug. 26, 2025, 8:15 p.m. | 2 hours, 43 minutes ago Description : Directory traversal vulnerability in AbanteCart version 1.4.2 allows unauthenticated attackers to gain access to sensitive system files via the template parameter to index.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 20:15:00 GMT

read more

CVE-2025-52353 - Badaso CMS Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-52353 Published : Aug. 26, 2025, 8:15 p.m. | 2 hours, 43 minutes ago Description : An arbitrary code execution vulnerability in Badaso CMS 2.9.11. The Media Manager allows authenticated users to upload files containing embedded PHP code via the file-upload endpoint, bypassing content-type validation. When such a file is accessed via its URL, the server executes the PHP payload, enabling an attacker to run arbitrary system commands and achieve full compromise of the underlying host. This has been demonstrated by embedding a backdoor within a PDF and renaming it with a .php extension. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 20:15:00 GMT

read more

CVE-2025-55443 - Telpo MDM Plaintext Credentials and MQTT Server Exposure

CVE ID : CVE-2025-55443 Published : Aug. 26, 2025, 8:15 p.m. | 2 hours, 43 minutes ago Description : Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT server connection details (IP/port) that are stored in plaintext within log files on the device's external storage. This allows attackers with access to these logs to: 1. Authenticate to the MDM web platform to execute administrative operations (device shutdown/factory reset/software installation); 2. Connect to the MQTT server to intercept/publish device data. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 20:15:00 GMT

read more

CVE-2025-23307 - NVIDIA NeMo Curator Remote Code Execution Vulnerability

CVE ID : CVE-2025-23307 Published : Aug. 26, 2025, 7:15 p.m. | 3 hours, 43 minutes ago Description : NVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by an attacker could allow code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 19:15:00 GMT

read more

CVE-2025-23312 - NVIDIA NeMo Framework Code Injection Vulnerability

CVE ID : CVE-2025-23312 Published : Aug. 26, 2025, 7:15 p.m. | 3 hours, 43 minutes ago Description : NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component, where malicious data created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 19:15:00 GMT

read more

CVE-2025-23313 - NVIDIA NeMo Framework NLP Component Code Injection Vulnerability

CVE ID : CVE-2025-23313 Published : Aug. 26, 2025, 7:15 p.m. | 3 hours, 43 minutes ago Description : NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 19:15:00 GMT

read more

CVE-2025-23314 - NVIDIA NeMo Framework NLP Code Injection Vulnerability

CVE ID : CVE-2025-23314 Published : Aug. 26, 2025, 7:15 p.m. | 3 hours, 43 minutes ago Description : NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 19:15:00 GMT

read more

CVE-2025-23315 - NVIDIA NeMo Framework Code Injection Vulnerability

CVE ID : CVE-2025-23315 Published : Aug. 26, 2025, 7:15 p.m. | 3 hours, 43 minutes ago Description : NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 19:15:00 GMT

read more

CVE-2025-50975 - IPFire Stored XSS in Firewall CGI Interface

CVE ID : CVE-2025-50975 Published : Aug. 26, 2025, 7:15 p.m. | 3 hours, 43 minutes ago Description : IPFire 2.29 web-based firewall interface (firewall.cgi) fails to sanitize several rule parameters such as PROT, SRC_PORT, TGT_PORT, dnatport, key, ruleremark, src_addr, std_net_tgt, and tgt_addr, allowing an authenticated administrator to inject persistent JavaScript. This stored XSS payload is executed whenever another admin views the firewall rules page, enabling session hijacking, unauthorized actions within the interface, or further internal pivoting. Exploitation requires only high-privilege GUI access, and the complexity of the attack is low. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 19:15:00 GMT

read more

CVE-2025-9478 - Google Chrome ANGLE Use-After-Free Vulnerability

CVE ID : CVE-2025-9478 Published : Aug. 26, 2025, 7:15 p.m. | 3 hours, 43 minutes ago Description : Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 19:15:00 GMT

read more

CVE-2025-50976 - IPFire 2 DNS Management Interface Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-50976 Published : Aug. 26, 2025, 6:15 p.m. | 4 hours, 43 minutes ago Description : IPFire 2.29 DNS management interface (dns.cgi) fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLS_HOSTNAME query parameters, resulting in a reflected cross-site scripting (XSS) vulnerability. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 18:15:00 GMT

read more

CVE-2025-55298 - ImageMagick Format String Vulnerability

CVE ID : CVE-2025-55298 Published : Aug. 26, 2025, 6:15 p.m. | 4 hours, 43 minutes ago Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper sanitization. An attacker can overwrite arbitrary memory regions, enabling a wide range of attacks from heap overflow to remote code execution. This issue has been patched in versions 6.9.13-28 and 7.1.2-2. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 18:15:00 GMT

read more

CVE-2025-57803 - ImageMagick Heap Corruption Vulnerability

CVE ID : CVE-2025-57803 Published : Aug. 26, 2025, 6:15 p.m. | 4 hours, 43 minutes ago Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytes_per_line (stride) to a tiny value while the per-row writer still emits 3 × width bytes for 24-bpp images. The row base pointer advances using the (overflowed) stride, so the first row immediately writes past its slot and into adjacent heap memory with attacker-controlled bytes. This is a classic, powerful primitive for heap corruption in common auto-convert pipelines. This issue has been patched in versions 6.9.13-28 and 7.1.2-2. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 18:15:00 GMT

read more

CVE-2025-57818 - Firecrawl SSRF Vulnerability

CVE ID : CVE-2025-57818 Published : Aug. 26, 2025, 6:15 p.m. | 4 hours, 43 minutes ago Description : Firecrawl turns entire websites into LLM-ready markdown or structured data. Prior to version 2.0.1, a server-side request forgery (SSRF) vulnerability was discovered in Firecrawl's webhook functionality. Authenticated users could configure a webhook to an internal URL and send POST requests with arbitrary headers, which may have allowed access to internal systems. This has been fixed in version 2.0.1. If upgrading is not possible, it is recommend to isolate Firecrawl from any sensitive internal systems. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 18:15:00 GMT

read more

CVE-2025-1994 - IBM Cognos Command Center Deserialization Vulnerability

CVE ID : CVE-2025-1994 Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago Description : IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the BinaryFormatter function. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 17:15:00 GMT

read more

CVE-2025-2697 - IBM Cognos Command Center Open Redirect Vulnerability

CVE ID : CVE-2025-2697 Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago Description : IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 17:15:00 GMT

read more

CVE-2025-36729 - "Fortinet Web Interface Unauthorized Access and Privilege Escalation"

CVE ID : CVE-2025-36729 Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago Description : A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master admin password. This vulnerability also allows the user to give themselves shell access with the root gid. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 17:15:00 GMT

read more

CVE-2025-50974 - IPFire Calamaris Log Exporter Remote Code Execution

CVE ID : CVE-2025-50974 Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago Description : The Calamaris log exporter CGI (/cgi-bin/logs.cgi/calamaris.dat) in IPFire 2.29 does not properly sanitize user-supplied input before incorporating parameter values into a shell command. An unauthenticated remote attacker can inject arbitrary OS commands by embedding shell metacharacters in any of the following parameters BYTE_UNIT, DAY_BEGIN, DAY_END, HIST_LEVEL, MONTH_BEGIN, MONTH_END, NUM_CONTENT, NUM_DOMAINS, NUM_HOSTS, NUM_URLS, PERF_INTERVAL, YEAR_BEGIN, YEAR_END. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 17:15:00 GMT

read more

CVE-2025-52184 - Helpy.io Cross Site Scripting (XSS)

CVE ID : CVE-2025-52184 Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago Description : Cross Site Scripting vulnerability in Helpy.io v.2.8.0 allows a remote attacker to escalate privileges via the New Topic Ticket funtion. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 17:15:00 GMT

read more

CVE-2025-55212 - ImageMagick Denial of Service Vulnerability

CVE ID : CVE-2025-55212 Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a geometry string containing only a colon (":") to montage -geometry leads GetGeometry() to set width/height to 0. Later, ThumbnailImage() divides by these zero dimensions, triggering a crash (SIGFPE/abort), resulting in a denial of service. This issue has been patched in versions 6.9.13-28 and 7.1.2-2. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 17:15:00 GMT

read more

CVE-2025-57425 - SourceCodester FAQ Management System Stored XSS Vulnerability

CVE ID : CVE-2025-57425 Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago Description : A Stored Cross-Site Scripting (XSS) vulnerability in SourceCodester FAQ Management System 1.0 allows an authenticated attacker to inject malicious JavaScript into the 'question' and 'answer' fields via the update-faq.php endpoint. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 17:15:00 GMT

read more

CVE-2025-9491 - Microsoft Windows LNK File Remote Code Execution Vulnerability

CVE ID : CVE-2025-9491 Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago Description : Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of .LNK files. Crafted data in an .LNK file can cause hazardous content in the file to be invisible to a user who inspects the file via the Windows-provided user interface. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25373. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 17:15:00 GMT

read more

CVE-2025-1494 - IBM Cognos Command Center Clickjacking Vulnerability

CVE ID : CVE-2025-1494 Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 10 minutes ago Description : IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 17:15:00 GMT

read more

CVE-2025-57810 - jsPDF High CPU Utilization Denial of Service Vulnerability

CVE ID : CVE-2025-57810 Published : Aug. 26, 2025, 4:15 p.m. | 4 hours, 58 minutes ago Description : jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.2, user control of the first argument of the addImage method results in CPU utilization and denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful PNG file that results in high CPU utilization and denial of service. The vulnerability was fixed in jsPDF 3.0.2. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 16:15:00 GMT

read more

CVE-2025-57813 - traP traQ Exposed OAuth Tokens in SQL Error Logs

CVE ID : CVE-2025-57813 Published : Aug. 26, 2025, 4:15 p.m. | 4 hours, 58 minutes ago Description : traQ is a messenger application built for Digital Creators Club traP. Prior to version 3.25.0, a vulnerability exists where sensitive information, such as OAuth tokens, are recorded in log files when an error occurs during the execution of an SQL query. An attacker could intentionally trigger an SQL error by methods such as placing a high load on the database. This could allow an attacker who has the authority to view the log files to illicitly acquire the recorded sensitive information. This vulnerability has been patched in version 3.25.0. If upgrading is not possible, a temporary workaround involves reviewing access permissions for SQL error logs and strictly limiting access to prevent unauthorized users from viewing them. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 16:15:00 GMT

read more

CVE-2025-56432 - Nagios XI Cross-Site Scripting (XSS)

CVE ID : CVE-2025-56432 Published : Aug. 26, 2025, 4:15 p.m. | 3 hours, 56 minutes ago Description : A cross-site scripting (XSS) vulnerability exists in Nagios XI 2024R2. The vulnerability allows remote attackers to execute arbitrary JavaScript in the context of a logged-in user's session via a specially crafted URL. The issue resides in a web component responsible for rendering performance-related data. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 16:15:00 GMT

read more

CVE-2025-52219 - SelectZero Data Observability Platform Open Redirect Vulnerability

CVE ID : CVE-2025-52219 Published : Aug. 26, 2025, 3:15 p.m. | 4 hours, 56 minutes ago Description : SelectZero SelectZero Data Observability Platform before 2025.5.2 contains an Open Redirect vulnerability. Legacy UI fields can be used to create arbitrary external links via HTML Injection. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 15:15:00 GMT

read more

CVE-2025-6366 - WordPress Event List Plugin Privilege Escalation Vulnerability

CVE ID : CVE-2025-6366 Published : Aug. 26, 2025, 3:15 p.m. | 4 hours, 56 minutes ago Description : The Event List plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.0.4. This is due to the plugin not properly validating a user's capabilities prior to updating their profile in the el_update_profile() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change their capabilities to those of an administrator. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 15:15:00 GMT

read more

CVE-2025-25732 - Kapsch TrafficCom RIS-9160 RIS-9260 Roadside Units EEPROM Access Control Bypass Privilege Escalation

CVE ID : CVE-2025-25732 Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago Description : Incorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows attackers to replace password hashes stored in the EEPROM with hashes of their own, leading to the escalation of privileges to root. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 15:15:00 GMT

read more

CVE-2025-25733 - Kapsch TrafficCom RIS-9160 RIS-9260 Roadside Units SPI Flash Chip Access Control Bypass

CVE ID : CVE-2025-25733 Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago Description : Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers to arbitrarily modify SPI flash regions, leading to a degradation of the security posture of the device. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 15:15:00 GMT

read more

CVE-2025-25734 - Kapsch TrafficCom RIS-9160 RIS-9260 Roadside Units (RSUs) Boot Process Privilege Escalation

CVE ID : CVE-2025-25734 Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago Description : Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an unauthenticated EFI shell which allows attackers to execute arbitrary code or escalate privileges during the boot process. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 15:15:00 GMT

read more

CVE-2025-25735 - Kapsch TrafficCom RIS-9160 RIS-9260 Roadside Units (RSUs) SPI Flash Modification Vulnerability

CVE ID : CVE-2025-25735 Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago Description : Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack SPI Protected Range Registers (PRRs), allowing attackers with software running on the system to modify SPI flash in real-time. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 15:15:00 GMT

read more

CVE-2025-25736 - Kapsch TrafficCom RIS-9260 RSU Android Debug Bridge Root Access

CVE ID : CVE-2025-25736 Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago Description : Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contain Android Debug Bridge (ADB) pre-installed (/mnt/c3platpersistent/opt/platform-tools/adb) and enabled by default, allowing unauthenticated root shell access to the cellular modem via the default 'kapsch' user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 15:15:00 GMT

read more

CVE-2025-25737 - Kapsch TrafficCom RIS-9160 RIS-9260 Roadside Units (RSUs) Unprotected BIOS Authentication

CVE ID : CVE-2025-25737 Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago Description : Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack secure password requirements for its BIOS Supervisor and User accounts, allowing attackers to bypass authentication via a bruteforce attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 15:15:00 GMT

read more

CVE-2025-52035 - NotesCMS Stored XSS Vulnerability

CVE ID : CVE-2025-52035 Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago Description : A vulnerability in NotesCMS and specifically in the page /index.php?route=notes. The manipulation of the title of the service descriptions leads to a stored XSS vulnerability. The issue was confirmed to be present in the source code as of commit 7d821a0f028b0778b245b99ab3d3bff1ac10e2d3 (dated 2024-05-08) and was fixed in commit 95322c5121dbd7070f3bd54f2848079654a0a8ea (dated 2025-03-31). The attack can be launched remotely. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 15:15:00 GMT

read more

CVE-2025-52036 - NotesCMS Stored XSS Vulnerability

CVE ID : CVE-2025-52036 Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago Description : A vulnerability has been found in NotesCMS and classified as medium. Affected by this vulnerability is the page /index.php?route=categories. The manipulation of the title of the service descriptions leads to a stored XSS vulnerability. The issue was confirmed to be present in the source code as of commit 7d821a0f028b0778b245b99ab3d3bff1ac10e2d3 (dated 2024-05-08), and was fixed in commit 95322c5121dbd7070f3bd54f2848079654a0a8ea (dated 2025-03-31). The attack can be launched remotely. CWE Definition of the Vulnerability: CWE-79. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 15:15:00 GMT

read more

CVE-2025-52037 - NotesCMS Stored XSS Vulnerability

CVE ID : CVE-2025-52037 Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago Description : A vulnerability has been found in NotesCMS and classified as medium. Affected by this vulnerability is the page /index.php?route=sites. The manipulation of the title of the service descriptions leads to a stored XSS vulnerability. The issue was confirmed to be present in the source code as of commit 7d821a0f028b0778b245b99ab3d3bff1ac10e2d3 (dated 2024-05-08), and was fixed in commit 95322c5121dbd7070f3bd54f2848079654a0a8ea (dated 2025-03-31). The attack can be launched remotely. CWE Definition of the Vulnerability: CWE-79. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 15:15:00 GMT

read more

CVE-2025-52217 - SelectZero Data Observability Platform HTML Injection Vulnerability

CVE ID : CVE-2025-52217 Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago Description : SelectZero Data Observability Platform before 2025.5.2 is vulnerable to HTML Injection. Legacy UI fields improperly handle user-supplied input, allowing injection of arbitrary HTML. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 15:15:00 GMT

read more

CVE-2025-52218 - SelectZero Data Observability Platform Content Spoofing Vulnerability

CVE ID : CVE-2025-52218 Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago Description : SelectZero Data Observability Platform before 2025.5.2 is vulnerable to Content Spoofing / Text Injection. Improper sanitization of unspecified parameters allows attackers to inject arbitrary text or limited HTML into the login page. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 15:15:00 GMT

read more

CVE-2024-39335 - Mahara Information Disclosure Vulnerability

CVE ID : CVE-2024-39335 Published : Aug. 26, 2025, 3:15 p.m. | 1 hour, 21 minutes ago Description : Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to information being disclosed to an institution administrator under certain conditions via the 'Current submissions' page: Administration -> Groups -> Submissions. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 15:15:00 GMT

read more

CVE-2024-47853 - Mahara LTI Privilege Escalation Vulnerability

CVE ID : CVE-2024-47853 Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago Description : An issue was discovered in Mahara 23.04.8 and 24.04.4. Attackers may utilize escalation of privileges in certain cases when logging into Mahara with Learning Tools Interoperability (LTI). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 14:15:00 GMT

read more

CVE-2025-29992 - Mahara Database Connection Information Disclosure

CVE ID : CVE-2025-29992 Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago Description : Mahara before 24.04.9 exposes database connection information if the database becomes unreachable, e.g., due to the database server being temporarily down or too busy. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 14:15:00 GMT

read more

CVE-2025-50753 - Mitrastar GPT-2741GNAC-N2 SSH Command Injection Vulnerability

CVE ID : CVE-2025-50753 Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago Description : Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell.The command "deviceinfo show file" is supposed to be used from restricted shell to show files and directories. By providing " /bin/sh" (quotes included) to the argument of this command will drop a root shell. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 14:15:00 GMT

read more

CVE-2025-55526 - n8n-workflows Directory Traversal Vulnerability

CVE ID : CVE-2025-55526 Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago Description : n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the download_workflow function within api_server.py Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 14:15:00 GMT

read more

CVE-2025-8424 - Citrix NetScaler ADC and Gateway Unauthenticated Remote Command Injection

CVE ID : CVE-2025-8424 Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago Description : Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 14:15:00 GMT

read more

CVE-2025-9481 - Linksys Router Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9481 Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago Description : A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function setIpv6 of the file /goform/setIpv6. The manipulation of the argument tunrd_Prefix leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 14:15:00 GMT

read more

CVE-2025-9482 - "Linksys Wireless Router Stack-Based Buffer Overflow Vulnerability"

CVE ID : CVE-2025-9482 Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago Description : A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This impacts the function portRangeForwardAdd of the file /goform/portRangeForwardAdd. The manipulation of the argument ruleName/schedule/inboundFilter/TCPPorts/UDPPorts results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 14:15:00 GMT

read more

CVE-2025-9483 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9483 Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago Description : A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function singlePortForwardAdd of the file /goform/singlePortForwardAdd. This manipulation of the argument ruleName/schedule/inboundFilter causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 14:15:00 GMT

read more

CVE-2024-45753 - Mahara External RSS Feed Block Cross-Site Scripting (XSS)

CVE ID : CVE-2024-45753 Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 11 minutes ago Description : In Mahara 23.04.8 and 24.04.4, the external RSS feed block can cause XSS if the external feed XML has a malicious value for the link attribute. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 14:15:00 GMT

read more

CVE-2025-8700 - Invoice Ninja macOS Debugging Entitlement Vulnerability

CVE ID : CVE-2025-8700 Published : Aug. 26, 2025, 1:15 p.m. | 3 hours, 11 minutes ago Description : Invoice Ninja's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. via a malicious application) to attach a debugger, read or modify the process memory, inject code in the application's context despite being signed with Hardened Runtime and bypass Transparency, Consent, and Control (TCC). Acquired resource access is limited to previously granted permissions by the user. Access to other resources beyond granted permissions requires user interaction with a system prompt asking for permission. According to Apple documentation, when a non-root user runs an app with the debugging tool entitlement, the system presents an authorization dialog asking for a system administrator's credentials. Since there is no prompt when the target process has "get-task-allow" entitlement, the presence of this entitlement was decided to be treated as a vulnerability because it removes one step needed to perform an attack. This issue was fixed in version 5.0.175 Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 13:15:00 GMT

read more

CVE-2025-9190 - "Cursor macOS Local Privilege Escalation (Unauthenticated Code Execution)"

CVE ID : CVE-2025-9190 Published : Aug. 26, 2025, 1:15 p.m. | 3 hours, 11 minutes ago Description : The configuration of Cursor on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Cursor TCC (Transparency, Consent, and Control) permissions. Acquired resource access is limited to previously granted permissions by the user. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of Cursor, potentially disguising attacker's malicious intent. This issue was detected in 15.4.1 version of Cursor. Project maintainers decided not to fix this issue, because a scenario including a local attacker falls outside their defined threat model. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 13:15:00 GMT

read more

CVE-2025-38676 - "AMD IOMMU Stack Buffer Overflow"

CVE ID : CVE-2025-38676 Published : Aug. 26, 2025, 1:15 p.m. | 1 hour, 21 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most environments, avoid writing 1 byte past the end of "acpiid" if the "str" argument is maximum length. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 13:15:00 GMT

read more

CVE-2025-53811 - Mosh-Pro macOS RunAsNode Arbitrary Code Execution

CVE ID : CVE-2025-53811 Published : Aug. 26, 2025, 1:15 p.m. | 1 hour, 21 minutes ago Description : The configuration of Mosh-Pro on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Mosh-Pro TCC (Transparency, Consent, and Control) permissions. Acquired resource access is limited to previously granted permissions by the user. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of Mosh-Pro, potentially disguising attacker's malicious intent. This issue was detected in 1.3.2 version of Mosh-Pro. Since authors did not respond to messages from CNA, patching status is unknown. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 13:15:00 GMT

read more

CVE-2025-53813 - Nozbe macOS Arbitrary Code Execution (TCC Permission Escalation)

CVE ID : CVE-2025-53813 Published : Aug. 26, 2025, 1:15 p.m. | 1 hour, 21 minutes ago Description : The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC (Transparency, Consent, and Control) permissions. Acquired resource access is limited to previously granted permissions by the user. Access to other resources beyond granted-permissions requires user interaction with a system prompt asking for permission. This issue was fixed in version 2025.11 of Nozbe. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 13:15:00 GMT

read more

CVE-2025-7775 - Citrix NetScaler Remote Code Execution and Denial of Service Vulnerability

CVE ID : CVE-2025-7775 Published : Aug. 26, 2025, 1:15 p.m. | 1 hour, 21 minutes ago Description : Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers (OR) CR virtual server with type HDX Severity: 9.2 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 13:15:00 GMT

read more

CVE-2025-7776 - Citrix NetScaler Memory Overflow Denial of Service

CVE ID : CVE-2025-7776 Published : Aug. 26, 2025, 1:15 p.m. | 1 hour, 21 minutes ago Description : Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 13:15:00 GMT

read more

CVE-2025-8597 - MacVim macOS Local Debugger Bypass

CVE ID : CVE-2025-8597 Published : Aug. 26, 2025, 1:15 p.m. | 1 hour, 21 minutes ago Description : MacVim's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. via a malicious application) to attach a debugger, read or modify the process memory, inject code in the application's context despite being signed with Hardened Runtime and bypass Transparency, Consent, and Control (TCC). Acquired resource access is limited to previously granted permissions by the user. Access to other resources beyond granted permissions requires user interaction with a system prompt asking for permission. According to Apple documentation, when a non-root user runs an app with the debugging tool entitlement, the system presents an authorization dialog asking for a system administrator's credentials. Since there is no prompt when the target process has "get-task-allow" entitlement, the presence of this entitlement was decided to be treated as a vulnerability because it removes one step needed to perform an attack. This issue was fixed in build r181.2 Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 13:15:00 GMT

read more

CVE-2025-1501 - CMC Unauthenticated Access Control Bypass

CVE ID : CVE-2025-1501 Published : Aug. 26, 2025, 11:15 a.m. | 3 hours, 21 minutes ago Description : An access control vulnerability was discovered in the Request Trace and Download Trace functionalities of CMC before 25.1.0 due to a specific access restriction not being properly enforced for users with limited privileges. An authenticated user with limited privileges can request and download trace files due to improper access restrictions, potentially exposing unauthorized network data. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 11:15:00 GMT

read more

CVE-2025-44002 - TeamViewer RCE

CVE ID : CVE-2025-44002 Published : Aug. 26, 2025, 11:15 a.m. | 3 hours, 21 minutes ago Description : Race Condition in the Directory Validation Logic in the TeamViewer Full Client and Host prior version 15.69 on Windows allows a local non-admin user to create arbitrary files with SYSTEM privileges, potentially leading to a denial-of-service condition, via symbolic link manipulation during directory verification. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 11:15:00 GMT

read more

CVE-2025-29901 - Asustor File Station NULL Pointer Dereference Denial of Service

CVE ID : CVE-2025-29901 Published : Aug. 26, 2025, 10:15 a.m. | 4 hours, 21 minutes ago Description : A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4933 and later Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 10:15:00 GMT

read more

CVE-2025-48108 - Mojoomla School Management Missing Authorization Vulnerability

CVE ID : CVE-2025-48108 Published : Aug. 26, 2025, 10:15 a.m. | 4 hours, 21 minutes ago Description : Missing Authorization vulnerability in Mojoomla School Management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects School Management: from n/a through 93.2.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 10:15:00 GMT

read more

CVE-2025-6247 - "WordPress Automatic Plugin CSRF Vulnerability"

CVE ID : CVE-2025-6247 Published : Aug. 26, 2025, 9:15 a.m. | 5 hours, 21 minutes ago Description : The WordPress Automatic Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.118.0. This is due to missing or incorrect nonce validation on one of its functions. This makes it possible for unauthenticated attackers to update campaigns and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 09:15:00 GMT

read more

CVE-2025-53418 - Delta Electronics COMMGR Stack-based Buffer Overflow

CVE ID : CVE-2025-53418 Published : Aug. 26, 2025, 7:15 a.m. | 7 hours, 21 minutes ago Description : Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 07:15:00 GMT

read more

CVE-2025-53419 - Delta Electronics COMMGR Code Injection Vulnerability

CVE ID : CVE-2025-53419 Published : Aug. 26, 2025, 7:15 a.m. | 7 hours, 21 minutes ago Description : Delta Electronics COMMGR has Code Injection vulnerability. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 07:15:00 GMT

read more

CVE-2025-57704 - Delta Electronics EIP Builder XML External Entity Information Disclosure

CVE ID : CVE-2025-57704 Published : Aug. 26, 2025, 7:15 a.m. | 7 hours, 21 minutes ago Description : Delta Electronics EIP Builder version 1.11 is vulnerable to a File Parsing XML External Entity Processing Information Disclosure Vulnerability. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 07:15:00 GMT

read more

CVE-2024-8860 - Tourfic for WordPress Unauthenticated Data Modification Vulnerability

CVE ID : CVE-2024-8860 Published : Aug. 26, 2025, 7:15 a.m. | 7 hours, 3 minutes ago Description : The Tourfic plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tf_order_status_email_resend_function, tf_visitor_details_edit_function, tf_checkinout_details_edit_function, tf_order_status_edit_function, tf_order_bulk_action_edit_function, tf_remove_room_order_ids, and tf_delete_old_review_fields functions in all versions up to, and including, 2.14.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to resend order status emails, update visitor/order details, edit check-in/out details, edit order status, perform bulk order status updates, remove room order IDs, and delete old review fields, respectively. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 07:15:00 GMT

read more

Les derniers articles scientifiques co-écrits par des agents issus des labos de l’ANSSI

]]>

Tue, 26 Aug 2025 07:00:00 GMT

read more

CVE-2025-41702 - EgOS WebGUI Cryptographic Key Disclosure Vulnerability

CVE ID : CVE-2025-41702 Published : Aug. 26, 2025, 6:15 a.m. | 8 hours, 3 minutes ago Description : The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An unauthenticated remote attacker can generate valid HS256 tokens and bypass authentication/authorization due to the use of hard-coded cryptographic key. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 06:15:00 GMT

read more

CVE-2025-9475 - SourceCodester Human Resource Information System Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-9475 Published : Aug. 26, 2025, 6:15 a.m. | 8 hours, 3 minutes ago Description : A flaw has been found in SourceCodester Human Resource Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /Admin_Dashboard/process/editemployee_process.php. This manipulation of the argument employee_file201 causes unrestricted upload. The attack may be initiated remotely. The exploit has been published and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 06:15:00 GMT

read more

CVE-2025-9476 - SourceCodester Human Resource Information System Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-9476 Published : Aug. 26, 2025, 6:15 a.m. | 8 hours, 3 minutes ago Description : A vulnerability has been found in SourceCodester Human Resource Information System 1.0. Affected by this issue is some unknown functionality of the file /Superadmin_Dashboard/process/editemployee_process.php. Such manipulation of the argument employee_file201 leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 06:15:00 GMT

read more

CVE-2025-5931 - Dokan Pro WordPress Privilege Escalation via Account Takeover

CVE ID : CVE-2025-5931 Published : Aug. 26, 2025, 5:15 a.m. | 9 hours, 3 minutes ago Description : The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.5. This is due to the plugin not properly validating a user's identity prior to updating their password during a staff password reset. This makes it possible for authenticated attackers, with vendor-level access and above, to elevate their privilege to the level of a staff member and then change arbitrary user passwords, including those of administrators in order to gain access to their accounts. By default, the plugin allows customers to become vendors. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 05:15:00 GMT

read more

CVE-2025-9472 - iSourcecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9472 Published : Aug. 26, 2025, 5:15 a.m. | 9 hours, 3 minutes ago Description : A vulnerability was found in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /owner_utility/add_owner_utility.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 05:15:00 GMT

read more

CVE-2025-9473 - SourceCodester Online Bank Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9473 Published : Aug. 26, 2025, 5:15 a.m. | 9 hours, 3 minutes ago Description : A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. This impacts an unknown function of the file /feedback.php. The manipulation of the argument msg leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 05:15:00 GMT

read more

CVE-2025-9474 - Mihomo Party Local File Inclusion Vulnerability

CVE ID : CVE-2025-9474 Published : Aug. 26, 2025, 5:15 a.m. | 9 hours, 3 minutes ago Description : A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in creation of temporary file with insecure permissions. The attack requires a local approach. This attack is characterized by high complexity. The exploitability is told to be difficult. The exploit is now public and may be used. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 05:15:00 GMT

read more

CVE-2025-9471 - iSourcecode Apartment Management System SQL Injection

CVE ID : CVE-2025-9471 Published : Aug. 26, 2025, 4:16 a.m. | 10 hours, 3 minutes ago Description : A vulnerability has been found in itsourcecode Apartment Management System 1.0. This vulnerability affects unknown code of the file /maintenance/add_maintenance_cost.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 04:16:00 GMT

read more

CVE-2025-9470 - iSourcecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9470 Published : Aug. 26, 2025, 4:16 a.m. | 8 hours, 51 minutes ago Description : A flaw has been found in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /management/add_m_committee.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 04:16:00 GMT

read more

CVE-2025-9172 - WordPress Vibes Plugin SQL Injection Vulnerability

CVE ID : CVE-2025-9172 Published : Aug. 26, 2025, 4:15 a.m. | 8 hours, 51 minutes ago Description : The Vibes plugin for WordPress is vulnerable to time-based SQL Injection via the ‘resource’ parameter in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 04:15:00 GMT

read more

CVE-2025-9468 - iSourcecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9468 Published : Aug. 26, 2025, 4:15 a.m. | 8 hours, 51 minutes ago Description : A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /bill/add_bill.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 04:15:00 GMT

read more

CVE-2025-9469 - iSourcecode Apartment Management System SQL Injection

CVE ID : CVE-2025-9469 Published : Aug. 26, 2025, 4:15 a.m. | 8 hours, 51 minutes ago Description : A vulnerability was detected in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /fund/add_fund.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 04:15:00 GMT

read more

CVE-2025-9443 - Tenda CH22 Buffer Overflow Vulnerability

CVE ID : CVE-2025-9443 Published : Aug. 26, 2025, 3:15 a.m. | 9 hours, 51 minutes ago Description : A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability affects the function formeditUserName of the file /goform/editUserName. Executing manipulation of the argument new_account can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 03:15:00 GMT

read more

CVE-2025-9444 - "1000projects Online Project Report Submission and Evaluation System SQL Injection Vulnerability"

CVE ID : CVE-2025-9444 Published : Aug. 26, 2025, 3:15 a.m. | 9 hours, 51 minutes ago Description : A vulnerability has been found in 1000projects Online Project Report Submission and Evaluation System 1.0. This issue affects some unknown processing of the file /admin/controller/delete_group_student.php. The manipulation of the argument batch_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 03:15:00 GMT

read more

CVE-2025-9461 - Diyhi BBS File Compression Handler Information Disclosure Vulnerability

CVE ID : CVE-2025-9461 Published : Aug. 26, 2025, 3:15 a.m. | 9 hours, 51 minutes ago Description : A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 03:15:00 GMT

read more

CVE-2025-9440 - Apache 1000projects Online Project Report Submission and Evaluation System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9440 Published : Aug. 26, 2025, 2:15 a.m. | 10 hours, 51 minutes ago Description : A security vulnerability has been detected in 1000projects Online Project Report Submission and Evaluation System 1.0. Affected by this issue is some unknown functionality of the file /admin/add_title.php. Such manipulation of the argument Title leads to cross site scripting. The attack may be performed from a remote location. The exploit has been disclosed publicly and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 02:15:00 GMT

read more

CVE-2025-9438 - 1000projects Online Project Report Submission and Evaluation System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9438 Published : Aug. 26, 2025, 2:15 a.m. | 8 hours, 48 minutes ago Description : A security flaw has been discovered in 1000projects Online Project Report Submission and Evaluation System 1.0. Affected is an unknown function of the file /admin/add_student.php. The manipulation of the argument address results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be exploited. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 02:15:00 GMT

read more

CVE-2025-9439 - Apache 1000projects Online Project Report Submission and Evaluation System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9439 Published : Aug. 26, 2025, 2:15 a.m. | 8 hours, 48 minutes ago Description : A weakness has been identified in 1000projects Online Project Report Submission and Evaluation System 1.0. Affected by this vulnerability is an unknown functionality of the file /rse/admin/edit_faculty.php?id=2. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 02:15:00 GMT

read more

CVE-2025-8447 - GitHub Enterprise Server Code Access Bypass

CVE ID : CVE-2025-8447 Published : Aug. 26, 2025, 2:15 a.m. | 6 hours, 45 minutes ago Description : An improper access control vulnerability was identified in GitHub Enterprise Server that allowed users with access to any repository to retrieve limited code content from another repository by creating a diff between the repositories. To exploit this vulnerability, an attacker needed to know the name of a private repository along with its branches, tags, or commit SHAs that they could use to trigger compare/diff functionality and retrieve limited code without proper authorization. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.18, and was fixed in versions 3.14.17, 3.15.12, 3.16.8 and 3.17.5. This vulnerability was reported via the GitHub Bug Bounty program. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 02:15:00 GMT

read more

CVE-2025-9433 - Mtons MBlog Remote Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9433 Published : Aug. 26, 2025, 2:15 a.m. | 6 hours, 45 minutes ago Description : A vulnerability was found in mtons mblog up to 3.5.0. The impacted element is an unknown function of the file /admin/user/list of the component Admin Panel. Performing manipulation of the argument Name results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 02:15:00 GMT

read more

CVE-2025-9434 - "1000projects Online Project Report Submission and Evaluation System Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-9434 Published : Aug. 26, 2025, 2:15 a.m. | 6 hours, 45 minutes ago Description : A vulnerability was determined in 1000projects Online Project Report Submission and Evaluation System 1.0. This affects an unknown function of the file /admin/edit_title.php?id=1. Executing manipulation of the argument desc can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 02:15:00 GMT

read more

CVE-2025-9430 - Mtons Mblog Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9430 Published : Aug. 26, 2025, 1:15 a.m. | 5 hours, 3 minutes ago Description : A vulnerability was detected in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /admin/options/update. The manipulation of the argument input results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 01:15:00 GMT

read more

CVE-2025-9431 - Mtons MBlog Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9431 Published : Aug. 26, 2025, 1:15 a.m. | 5 hours, 3 minutes ago Description : A flaw has been found in mtons mblog up to 3.5.0. Impacted is an unknown function of the file /search. This manipulation of the argument kw causes cross site scripting. The attack can be initiated remotely. The exploit has been published and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 01:15:00 GMT

read more

CVE-2025-9432 - Mtons MBlog Cross Site Scripting Vulnerability

CVE ID : CVE-2025-9432 Published : Aug. 26, 2025, 1:15 a.m. | 5 hours, 3 minutes ago Description : A vulnerability has been found in mtons mblog up to 3.5.0. The affected element is an unknown function of the file /admin/post/list of the component Admin Panel. Such manipulation of the argument Title leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 01:15:00 GMT

read more

CVE-2025-9429 - Mtons Mblog Cross Site Scripting Vulnerability

CVE ID : CVE-2025-9429 Published : Aug. 26, 2025, 12:15 a.m. | 6 hours, 3 minutes ago Description : A security vulnerability has been detected in mtons mblog up to 3.5.0. This vulnerability affects unknown code of the file /post/submit of the component Post Handler. The manipulation of the argument content/title/ leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 26 Aug 2025 00:15:00 GMT

read more

CVE-2025-9424 - "Ruijie WS7204-A Remote File Inclusion Vulnerability"

CVE ID : CVE-2025-9424 Published : Aug. 25, 2025, 11:15 p.m. | 7 hours, 3 minutes ago Description : A vulnerability was identified in Ruijie WS7204-A 2017.06.15. Affected by this vulnerability is an unknown functionality of the file /itbox_pi/branch_import.php?a=branch_list. Such manipulation of the argument province leads to os command injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 23:15:00 GMT

read more

CVE-2025-9425 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9425 Published : Aug. 25, 2025, 11:15 p.m. | 7 hours, 3 minutes ago Description : A security flaw has been discovered in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /enquiry.php. Performing manipulation of the argument pid results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 23:15:00 GMT

read more

CVE-2025-9426 - iSourcecode Online Tour and Travel Management System SQL Injection

CVE ID : CVE-2025-9426 Published : Aug. 25, 2025, 11:15 p.m. | 7 hours, 3 minutes ago Description : A weakness has been identified in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /package.php. Executing manipulation of the argument subcatid can lead to sql injection. The attack may be performed from a remote location. The exploit has been made available to the public and could be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 23:15:00 GMT

read more

CVE-2025-9423 - Campcodes Online Water Billing System SQL Injection

CVE ID : CVE-2025-9423 Published : Aug. 25, 2025, 11:15 p.m. | 5 hours, 16 minutes ago Description : A vulnerability was determined in Campcodes Online Water Billing System 1.0. Affected is an unknown function of the file /editecex.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 23:15:00 GMT

read more

CVE-2025-9420 - iSourcecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9420 Published : Aug. 25, 2025, 10:15 p.m. | 6 hours, 16 minutes ago Description : A flaw has been found in itsourcecode Apartment Management System 1.0. The impacted element is an unknown function of the file /floor/addfloor.php. Executing manipulation of the argument hdnid can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 22:15:00 GMT

read more

CVE-2025-9421 - iSourcecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9421 Published : Aug. 25, 2025, 10:15 p.m. | 6 hours, 16 minutes ago Description : A vulnerability has been found in itsourcecode Apartment Management System 1.0. This affects an unknown function of the file /complain/addcomplain.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 22:15:00 GMT

read more

CVE-2025-9422 - Samarium OITcode Team Image Handler Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9422 Published : Aug. 25, 2025, 10:15 p.m. | 6 hours, 16 minutes ago Description : A vulnerability was found in oitcode samarium up to 0.9.6. This impacts an unknown function of the file /dashboard/team of the component Team Image Handler. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit has been made public and could be used. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 22:15:00 GMT

read more

CVE-2025-57805 - Scratch Channel Unauthenticated Article Publishing Vulnerability

CVE ID : CVE-2025-57805 Published : Aug. 25, 2025, 10:15 p.m. | 6 hours, 5 minutes ago Description : The Scratch Channel is a news website. In versions 1 and 1.1, a POST request to the endpoint used to publish articles, can be used to post an article in any category with any date, regardless of who's logged in. This issue has been patched in version 1.2. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 22:15:00 GMT

read more

CVE-2025-57809 - XGrammar Infinite Recursion Vulnerability

CVE ID : CVE-2025-57809 Published : Aug. 25, 2025, 10:15 p.m. | 6 hours, 5 minutes ago Description : XGrammar is an open-source library for efficient, flexible, and portable structured generation. Prior to version 0.1.21, XGrammar has an infinite recursion issue in the grammar. This issue has been resolved in version 0.1.21. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 22:15:00 GMT

read more

CVE-2025-57814 - Apache Request-Filtering-Agent SSRF Bypass

CVE ID : CVE-2025-57814 Published : Aug. 25, 2025, 10:15 p.m. | 6 hours, 5 minutes ago Description : request-filtering-agent is an http(s).Agent implementation that blocks requests to Private/Reserved IP addresses. Versions 1.x.x and earlier contain a vulnerability where HTTPS requests to 127.0.0.1 bypass IP address filtering, while HTTP requests are correctly blocked. This allows attackers to potentially access internal HTTPS services running on localhost, bypassing the library's SSRF protection. The vulnerability is particularly dangerous when the application accepts user-controlled URLs and internal services are only protected by network-level restrictions. This vulnerability has been fixed in request-filtering-agent version 2.0.0. Users should upgrade to version 2.0.0 or later. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 22:15:00 GMT

read more

CVE-2025-8627 - TP-Link KP303 Unauthenticated Remote Command Injection

CVE ID : CVE-2025-8627 Published : Aug. 25, 2025, 10:15 p.m. | 6 hours, 5 minutes ago Description : The TP-Link KP303 Smartplug can be issued unauthenticated protocol commands that may cause unintended power-off condition and potential information leak. This issue affects TP-Link KP303 (US) Smartplug: before 1.1.0. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 22:15:00 GMT

read more

CVE-2025-9419 - iSourcecode Apartment Management System SQL Injection

CVE ID : CVE-2025-9419 Published : Aug. 25, 2025, 9:15 p.m. | 7 hours, 5 minutes ago Description : A vulnerability was detected in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /unit/addunit.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 21:15:00 GMT

read more

CVE-2025-57804 - Apache H2 HTTP/2 Request Smuggling Vulnerability

CVE ID : CVE-2025-57804 Published : Aug. 25, 2025, 9:15 p.m. | 5 hours, 4 minutes ago Description : h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/2 request splitting vulnerability allows attackers to perform request smuggling attacks by injecting CRLF characters into headers. This occurs when servers downgrade HTTP/2 requests to HTTP/1.1 without properly validating header names/values, enabling attackers to manipulate request boundaries and bypass security controls. This issue has been patched in version 4.3.0. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 21:15:00 GMT

read more

CVE-2025-6188 - Arista EOS UDP Port 3503 Remote Denial of Service and Authentication Bypass

CVE ID : CVE-2025-6188 Published : Aug. 25, 2025, 9:15 p.m. | 5 hours, 4 minutes ago Description : On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 21:15:00 GMT

read more

CVE-2025-9418 - itsourcecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9418 Published : Aug. 25, 2025, 9:15 p.m. | 5 hours, 4 minutes ago Description : A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /owner/addowner.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 21:15:00 GMT

read more

CVE-2025-3456 - Arista EOS Clear Text Encryption Key Disclosure

CVE ID : CVE-2025-3456 Published : Aug. 25, 2025, 8:15 p.m. | 6 hours, 4 minutes ago Description : On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting logs. Knowledge of both the encryption key and protocol specific encrypted secrets from the device running-config could then be used to obtain protocol specific passwords in cases where symmetric passwords are required between devices with neighbor protocol relationships. Severity: 3.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 20:15:00 GMT

read more

CVE-2025-52130 - WebErpMesv2 File Upload RCE

CVE ID : CVE-2025-52130 Published : Aug. 25, 2025, 8:15 p.m. | 6 hours, 4 minutes ago Description : File upload vulnerability in WebErpMesv2 1.17 in the app/Http/Controllers/FactoryController.php controller. This flaw allows an authenticated attacker to upload arbitrary files, including PHP scripts, which can be accessed via direct GET requests, potentially resulting in remote code execution (RCE) on the web server. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 20:15:00 GMT

read more

CVE-2025-9416 - "Oitcode Samarium Pages Image Handler Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-9416 Published : Aug. 25, 2025, 8:15 p.m. | 6 hours, 4 minutes ago Description : A security flaw has been discovered in oitcode samarium up to 0.9.6. This vulnerability affects unknown code of the file /cms/webpage/ of the component Pages Image Handler. The manipulation results in cross site scripting. The attack may be performed from a remote location. The exploit has been released to the public and may be exploited. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 20:15:00 GMT

read more

CVE-2025-9417 - iSourcecode Apartment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9417 Published : Aug. 25, 2025, 8:15 p.m. | 6 hours, 4 minutes ago Description : A weakness has been identified in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /employee/addemployee.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 20:15:00 GMT

read more

CVE-2025-9414 - Kodbox Server-Download SSRF Vulnerability

CVE ID : CVE-2025-9414 Published : Aug. 25, 2025, 7:15 p.m. | 7 hours, 4 minutes ago Description : A vulnerability was found in kalcaddle kodbox 1.61. Affected by this vulnerability is an unknown functionality of the file /?explorer/upload/serverDownload of the component Download from Link Handler. Performing manipulation of the argument url results in server-side request forgery. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 19:15:00 GMT

read more

CVE-2025-9415 - GreenCMS Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-9415 Published : Aug. 25, 2025, 7:15 p.m. | 7 hours, 4 minutes ago Description : A vulnerability was identified in GreenCMS up to 2.3.0603. This affects an unknown part of the file /index.php?m=admin&c=media&a=fileconnect. The manipulation of the argument upload[] leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 19:15:00 GMT

read more

CVE-2025-57802 - Airlink Docker Bind Mount Symlink Privilege Escalation Vulnerability

CVE ID : CVE-2025-57802 Published : Aug. 25, 2025, 6:15 p.m. | 6 hours, 2 minutes ago Description : Airlink's Daemon interfaces with Docker and the Panel to provide secure access for controlling instances via the Panel. In version 1.0.0, an attacker with access to the affected container can create symbolic links inside the mounted directory (/app/data). Because the container bind-mounts an arbitrary host path, these symlinks can point to sensitive locations on the host filesystem. When the application or other processes follow these symlinks, the attacker can gain unauthorized read access to host files outside the container. This issue has been patched in version 1.0.1. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 18:15:00 GMT

read more

CVE-2025-57811 - Craft Server-Side Template Injection Remote Code Execution Vulnerability

CVE ID : CVE-2025-57811 Published : Aug. 25, 2025, 6:15 p.m. | 6 hours, 2 minutes ago Description : Craft is a platform for creating digital experiences. From versions 4.0.0-RC1 to 4.16.5 and 5.0.0-RC1 to 5.8.6, there is a potential remote code execution vulnerability via Twig SSTI (Server-Side Template Injection). This is a follow-up to CVE-2024-52293. This vulnerability has been patched in versions 4.16.6 and 5.8.7. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 18:15:00 GMT

read more

CVE-2025-9412 - LostVip.com Ruoyi-Go Remote SQL Injection

CVE ID : CVE-2025-9412 Published : Aug. 25, 2025, 6:15 p.m. | 6 hours, 2 minutes ago Description : A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This affects the function SelectListByPage of the file modules/system/dao/DictDataDao.go. The manipulation of the argument orderByColumn/isAsc results in sql injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 18:15:00 GMT

read more

CVE-2025-9413 - LostVIP Ruoyi-Go SQL Injection Vulnerability

CVE ID : CVE-2025-9413 Published : Aug. 25, 2025, 6:15 p.m. | 6 hours, 2 minutes ago Description : A flaw has been found in lostvip-com ruoyi-go up to 2.1. This impacts the function SelectListByPage of the file modules/system/system_router.go. This manipulation of the argument orderByColumn/isAsc causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 18:15:00 GMT

read more

CVE-2025-50383 - Easy!Appointments SQL Injection

CVE ID : CVE-2025-50383 Published : Aug. 25, 2025, 6:15 p.m. | 4 hours, 6 minutes ago Description : alextselegidis Easy!Appointments v1.5.1 was discovered to contain a SQL injection vulnerability via the order_by parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 18:15:00 GMT

read more

CVE-2025-29420 - PerfreeBlog Directory Traversal Vulnerability

CVE ID : CVE-2025-29420 Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago Description : PerfreeBlog v4.0.11 has a directory traversal vulnerability in the getThemeFilesByName function. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 17:15:00 GMT

read more

CVE-2025-29421 - PerfreeBlog Arbitrary File Read Vulnerability

CVE ID : CVE-2025-29421 Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago Description : PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the getThemeFileContent function. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 17:15:00 GMT

read more

CVE-2025-50722 - Apache Sparkshop Unauthenticated Remote Code Execution

CVE ID : CVE-2025-50722 Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago Description : Insecure Permissions vulnerability in sparkshop v.1.1.7 allows a remote attacker to execute arbitrary code via the Common.php component Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 17:15:00 GMT

read more

CVE-2025-53120 - "Juniper Unified PAM Remote Code Execution via Path Traversal"

CVE ID : CVE-2025-53120 Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago Description : A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 17:15:00 GMT

read more

CVE-2025-57760 - Langflow Privilege Escalation Vulnerability

CVE ID : CVE-2025-57760 Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago Description : Langflow is a tool for building and deploying AI-powered agents and workflows. A privilege escalation vulnerability exists in Langflow containers where an authenticated user with RCE access can invoke the internal CLI command langflow superuser to create a new administrative user. This results in full superuser access, even if the user initially registered through the UI as a regular (non-admin) account. A patched version has not been made public at this time. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 17:15:00 GMT

read more

CVE-2025-57772 - DataEase H2 JDBC RCE Bypass

CVE ID : CVE-2025-57772 Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago Description : DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.12, there is a H2 JDBC RCE bypass in DataEase. If the JDBC URL meets criteria, the getJdbcUrl method is returned, which acts as the getter for the JdbcUrl parameter provided. This bypasses H2's filtering logic and returns the H2 JDBC URL, allowing the "driver":"org.h2.Driver" to specify the H2 driver for the JDBC connection. The vulnerability has been fixed in version 2.10.12. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 17:15:00 GMT

read more

CVE-2025-57773 - DataEase JNDI Injection Vulnerability

CVE ID : CVE-2025-57773 Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago Description : DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.12, because DB2 parameters are not filtered, a JNDI injection attack can be directly launched. JNDI triggers an AspectJWeaver deserialization attack, writing to various files. This vulnerability requires commons-collections 4.x and aspectjweaver-1.9.22.jar. The vulnerability has been fixed in version 2.10.12. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 17:15:00 GMT

read more

CVE-2025-6737 - Securden Unified PAM Remote Vendor Gateway Authentication Bypass

CVE ID : CVE-2025-6737 Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago Description : Securden’s Unified PAM Remote Vendor Gateway access portal shares infrastructure and access tokens across multiple tenants. A malicious actor can obtain authentication material and access the gateway server with low-privilege permissions. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 17:15:00 GMT

read more

CVE-2025-9410 - LostVIP Ruoyi-go SQL Injection Vulnerability

CVE ID : CVE-2025-9410 Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago Description : A weakness has been identified in lostvip-com ruoyi-go up to 2.1. The affected element is the function SelectListByPage of the file modules/system/dao/GenTableDao.go. Executing manipulation of the argument isAsc/orderByColumn can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 17:15:00 GMT

read more

CVE-2025-9411 - "LostVIP.com Ruoyi-go SQL Injection Vulnerability"

CVE ID : CVE-2025-9411 Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago Description : A security vulnerability has been detected in lostvip-com ruoyi-go up to 2.1. The impacted element is the function SelectPageList of the file modules/system/service/LoginInforService.go. The manipulation of the argument isAsc leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 17:15:00 GMT

read more

CVE-2025-46411 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-46411 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-48005 - Biosig Project libbiosig Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-48005 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A heap-based buffer overflow vulnerability exists in the RHS2000 parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted RHS2000 file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-52461 - Biosig Project Libbiosig Nex Parsing Out-of-Bounds Read Information Leak

CVE ID : CVE-2025-52461 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : An out-of-bounds read vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted .nex file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-52581 - The Biosig Project libbiosig Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-52581 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted GDF file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-53511 - The Biosig Project libbiosig Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-53511 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-53518 - The Biosig Project libbiosig Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-53518 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : An integer overflow vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted ABF file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-53557 - Biosig Project Libbiosig MFER Parsing Heap-Based Buffer Overflow

CVE ID : CVE-2025-53557 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-53853 - Biosig Project libbiosig Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-53853 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A heap-based buffer overflow vulnerability exists in the ISHNE parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted ISHNE ECG annotations file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54370 - PhpOffice/PhpSpreadsheet SSRF Vulnerability

CVE ID : CVE-2025-54370 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : PhpOffice/PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to versions 1.30.0, 2.1.12, 2.4.0, 3.10.0, and 5.0.0, SSRF can occur when a processed HTML document is read and displayed in the browser. The vulnerability lies in the setPath method of the PhpOffice\PhpSpreadsheet\Worksheet\Drawing class, where a crafted string from the user is passed to the HTML reader. This issue has been patched in versions 1.30.0, 2.1.12, 2.4.0, 3.10.0, and 5.0.0. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54462 - Biosig Project libbiosig Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54462 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A heap-based buffer overflow vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted .nex file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54480 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54480 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8719 of biosig.c on the current master branch (35a819fa), when the Tag is 0: if (tag==0) { if (len!=1) fprintf(stderr,"Warning MFER tag0 incorrect length %i!=1\n",len); curPos += ifread(buf,1,len,hdr); } Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54481 - Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54481 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8744 of biosig.c on the current master branch (35a819fa), when the Tag is 3: else if (tag==3) { // character code char v[17]; // [1] if (len>16) fprintf(stderr,"Warning MFER tag2 incorrect length %i>16\n",len); curPos += ifread(&v,1,len,hdr); v[len] = 0; In this case, the overflowed buffer is the newly-declared `v` \[1\] instead of `buf`. Since `v` is only 17 bytes large, much smaller values of `len` (even those encoded using a single octet) can trigger an overflow in this code path. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54482 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54482 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8751 of biosig.c on the current master branch (35a819fa), when the Tag is 4: else if (tag==4) { // SPR if (len>4) fprintf(stderr,"Warning MFER tag4 incorrect length %i>4\n",len); curPos += ifread(buf,1,len,hdr); Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54483 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54483 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8759 of biosig.c on the current master branch (35a819fa), when the Tag is 5: else if (tag==5) //0x05: number of channels { uint16_t oldNS=hdr->NS; if (len>4) fprintf(stderr,"Warning MFER tag5 incorrect length %i>4\n",len); curPos += ifread(buf,1,len,hdr); Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54484 - Biosig Project libbiosig MFER Parsing Stack Buffer Overflow

CVE ID : CVE-2025-54484 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8779 of biosig.c on the current master branch (35a819fa), when the Tag is 6: else if (tag==6) // 0x06 "number of sequences" { // NRec if (len>4) fprintf(stderr,"Warning MFER tag6 incorrect length %i>4\n",len); curPos += ifread(buf,1,len,hdr); Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54485 - Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54485 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8785 of biosig.c on the current master branch (35a819fa), when the Tag is 8: else if (tag==8) { if (len>2) fprintf(stderr,"Warning MFER tag8 incorrect length %i>2\n",len); curPos += ifread(buf,1,len,hdr); Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54486 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54486 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8824 of biosig.c on the current master branch (35a819fa), when the Tag is 11: else if (tag==11) //0x0B { // Fs if (len>6) fprintf(stderr,"Warning MFER tag11 incorrect length %i>6\n",len); double fval; curPos += ifread(buf,1,len,hdr); Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54487 - The Biosig Project libbiosig MFER Parsing Stack Buffer Overflow

CVE ID : CVE-2025-54487 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8842 of biosig.c on the current master branch (35a819fa), when the Tag is 12: else if (tag==12) //0x0C { // sampling resolution if (len>6) fprintf(stderr,"Warning MFER tag12 incorrect length %i>6\n",len); val32 = 0; int8_t v8; curPos += ifread(&UnitCode,1,1,hdr); curPos += ifread(&v8,1,1,hdr); curPos += ifread(buf,1,len-2,hdr); In addition to values of `len` greater than 130 triggering a buffer overflow, a value of `len` smaller than 2 will also trigger a buffer overflow due to an integer underflow when computing `len-2` in this code path. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54488 - "The Biosig Project libbiosig Stack-Based Buffer Overflow"

CVE ID : CVE-2025-54488 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8850 of biosig.c on the current master branch (35a819fa), when the Tag is 13: else if (tag==13) { if (len>8) fprintf(stderr,"Warning MFER tag13 incorrect length %i>8\n",len); curPos += ifread(&buf,1,len,hdr); Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54489 - The Biosig Project libbiosig MFER Parsing Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54489 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8970 of biosig.c on the current master branch (35a819fa), when the Tag is 63: else if (tag==63) { uint8_t tag2=255, len2=255; count = 0; while ((count Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54490 - The Biosig Project libbiosig Stack-Based Buffer Overflow

CVE ID : CVE-2025-54490 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 9090 of biosig.c on the current master branch (35a819fa), when the Tag is 64: else if (tag==64) //0x40 { // preamble char tmp[256]; // [1] curPos += ifread(tmp,1,len,hdr); In this case, the overflowed buffer is the newly-declared `tmp` \[1\] instead of `buf`. While `tmp` is larger than `buf`, having a size of 256 bytes, a stack overflow can still occur in cases where `len` is encoded using multiple octets and is greater than 256. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54491 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54491 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 9191 of biosig.c on the current master branch (35a819fa), when the Tag is 65: else if (tag==65) //0x41: patient event { // event table curPos += ifread(buf,1,len,hdr); Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54492 - Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54492 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 9141 of biosig.c on the current master branch (35a819fa), when the Tag is 67: else if (tag==67) //0x43: Sample skew { int skew=0; // [1] curPos += ifread(&skew, 1, len,hdr); In this case, the address of the newly-defined integer `skew` \[1\] is overflowed instead of `buf`. This means a stack overflow can occur using much smaller values of `len` in this code path. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54493 - Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54493 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 9184 of biosig.c on the current master branch (35a819fa), when the Tag is 131: else if (tag==131) //0x83 { // Patient Age if (len!=7) fprintf(stderr,"Warning MFER tag131 incorrect length %i!=7\n",len); curPos += ifread(buf,1,len,hdr); Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-54494 - Biosig Project libbiosig MFER Parsing Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54494 Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 9205 of biosig.c on the current master branch (35a819fa), when the Tag is 133: else if (tag==133) //0x85 { curPos += ifread(buf,1,len,hdr); Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 14:15:00 GMT

read more

CVE-2025-9407 - Mtons MBlog Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9407 Published : Aug. 25, 2025, 11:15 a.m. | 3 hours, 6 minutes ago Description : A flaw has been found in mtons mblog up to 3.5.0. Affected by this vulnerability is an unknown functionality of the file /settings/profile. Executing manipulation of the argument signature can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used. Other parameters might be affected as well. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 11:15:00 GMT

read more

CVE-2025-48303 - Kevin Langley Jr. Post Type Converter CSRF Vulnerability

CVE ID : CVE-2025-48303 Published : Aug. 25, 2025, 10:15 a.m. | 4 hours, 6 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Kevin Langley Jr. Post Type Converter allows Cross-Site Request Forgery.This issue affects Post Type Converter: from n/a through 0.6. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 10:15:00 GMT

read more

CVE-2025-8562 - WordPress Custom Query Shortcode Path Traversal

CVE ID : CVE-2025-8562 Published : Aug. 25, 2025, 10:15 a.m. | 4 hours, 6 minutes ago Description : The Custom Query Shortcode plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 0.4.0 via the 'lens' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of files on the server, which can contain sensitive information. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 10:15:00 GMT

read more

CVE-2025-7426 - Mnova TTA FTP Debug Port Authentication Bypass Information Disclosure

CVE ID : CVE-2025-7426 Published : Aug. 25, 2025, 9:15 a.m. | 5 hours, 6 minutes ago Description : Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse. Debug ports 1602, 1603 and 1636 also expose service architecture information and system activity logs Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 09:15:00 GMT

read more

CVE-2025-5191 - Moxa SerialInterfaceService Unquoted Search Path Privilege Escalation

CVE ID : CVE-2025-5191 Published : Aug. 25, 2025, 8:15 a.m. | 6 hours, 6 minutes ago Description : An Unquoted Search Path vulnerability has been identified in the utility for Moxa’s industrial computers (Windows). Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable could be run with SYSTEM privileges. Successful exploitation could allow privilege escalation or enable an attacker to maintain persistence on the affected system. While successful exploitation can severely impact the confidentiality, integrity, and availability of the affected device itself, there is no loss of confidentiality, integrity, or availability within any subsequent systems. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 08:15:00 GMT

read more

CVE-2025-54300 - "Joomla Quantum Manager SVG Upload Stored XSS"

CVE ID : CVE-2025-54300 Published : Aug. 25, 2025, 7:15 a.m. | 7 hours, 6 minutes ago Description : A stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla was discovered. The SVG upload feature does not sanitize uploads. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 07:15:00 GMT

read more

CVE-2025-54301 - "Quantum Manager Joomla Stored XSS"

CVE ID : CVE-2025-54301 Published : Aug. 25, 2025, 7:15 a.m. | 7 hours, 6 minutes ago Description : A stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla was discovered. File names are not properly escaped. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 07:15:00 GMT

read more

CVE-2025-8997 - OpenText Enterprise Security Manager Information Exposure Vulnerability

CVE ID : CVE-2025-8997 Published : Aug. 25, 2025, 7:15 a.m. | 7 hours, 6 minutes ago Description : An Information Exposure vulnerability has been identified in OpenText Enterprise Security Manager. The vulnerability could be remotely exploited. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 07:15:00 GMT

read more

CVE-2025-9118 - Google Cloud Dataform Path Traversal Vulnerability

CVE ID : CVE-2025-9118 Published : Aug. 25, 2025, 7:15 a.m. | 7 hours, 6 minutes ago Description : A path traversal vulnerability in the NPM package installation process of Google Cloud Dataform allows a remote attacker to read and write files in other customers' repositories via a maliciously crafted package.json file. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 07:15:00 GMT

read more

CVE-2025-5514 - Mitsubishi Electric Corporation MELSEC iQ-F Series CPU Module HTTP Request Delay Denial of Service Vulnerability

CVE ID : CVE-2025-5514 Published : Aug. 25, 2025, 6:15 a.m. | 8 hours, 6 minutes ago Description : Improper Handling of Length Parameter Inconsistency vulnerability in web server function on Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to delay the processing of the web server function and prevent legitimate users from utilizing the web server function, by sending a specially crafted HTTP request. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 06:15:00 GMT

read more

CVE-2025-9405 - Open5GS Remote Assertion Vulnerability

CVE ID : CVE-2025-9405 Published : Aug. 25, 2025, 4:15 a.m. | 10 hours, 6 minutes ago Description : A security flaw has been discovered in Open5GS up to 2.7.5. The impacted element is the function gmm_state_exception of the file src/amf/gmm-sm.c. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. The patch is identified as 8e5fed16114f2f5e40bee1b161914b592b2b7b8f. Applying a patch is advised to resolve this issue. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 04:15:00 GMT

read more

CVE-2025-9406 - Apache Mossle CMS Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-9406 Published : Aug. 25, 2025, 4:15 a.m. | 10 hours, 5 minutes ago Description : A weakness has been identified in xuhuisheng lemon up to 1.13.0. This affects the function uploadImage of the file CmsArticleController.java of the component com.mossle.cms.web.CmsArticleController.uploadImage. This manipulation of the argument Upload causes unrestricted upload. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 04:15:00 GMT

read more

CVE-2025-9403 - "jqlang jq JSON Parser Local Assertion Vulnerability"

CVE ID : CVE-2025-9403 Published : Aug. 25, 2025, 3:15 a.m. | 11 hours, 6 minutes ago Description : A vulnerability was determined in jqlang jq up to 1.6. Impacted is the function run_jq_tests of the file jq_test.c of the component JSON Parser. Executing manipulation can lead to reachable assertion. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Other versions might be affected as well. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 03:15:00 GMT

read more

CVE-2025-9404 - Scada-LTS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9404 Published : Aug. 25, 2025, 3:15 a.m. | 11 hours, 6 minutes ago Description : A vulnerability was identified in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file /pointHierarchySLTS of the component Folder Handler. The manipulation of the argument Title leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 03:15:00 GMT

read more

CVE-2025-9402 - HuangDou UTCMS Server-Side Request Forgery (SSRF) in Config Handler

CVE ID : CVE-2025-9402 Published : Aug. 25, 2025, 2:15 a.m. | 12 hours, 6 minutes ago Description : A vulnerability was found in HuangDou UTCMS 9. This issue affects some unknown processing of the file app/modules/ut-frame/admin/update.php of the component Config Handler. Performing manipulation of the argument UPDATEURL results in server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 02:15:00 GMT

read more

CVE-2025-9399 - YiFang CMS SQL Injection Vulnerability

CVE ID : CVE-2025-9399 Published : Aug. 25, 2025, 1:15 a.m. | 13 hours, 6 minutes ago Description : A vulnerability was detected in YiFang CMS up to 2.0.5. Affected by this issue is some unknown functionality of the file app/logic/L_tool.php. The manipulation of the argument new_url results in sql injection. The attack may be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 01:15:00 GMT

read more

CVE-2025-9400 - YiFang CMS Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-9400 Published : Aug. 25, 2025, 1:15 a.m. | 13 hours, 6 minutes ago Description : A flaw has been found in YiFang CMS up to 2.0.5. This affects the function mergeMultipartUpload of the file app/utils/base/plugin/P_file.php. This manipulation of the argument File causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 01:15:00 GMT

read more

CVE-2025-9401 - HuangDou UTCMS Remote Code Execution Vulnerability

CVE ID : CVE-2025-9401 Published : Aug. 25, 2025, 1:15 a.m. | 13 hours, 6 minutes ago Description : A vulnerability has been found in HuangDou UTCMS 9. This vulnerability affects unknown code of the file app/modules/ut-frame/admin/login.php of the component Login. Such manipulation of the argument code leads to incorrect comparison. The attack can be executed remotely. The attack requires a high level of complexity. It is stated that the exploitability is difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 01:15:00 GMT

read more

CVE-2025-9398 - YiFang CMS Migrate.php Information Disclosure

CVE ID : CVE-2025-9398 Published : Aug. 25, 2025, 12:15 a.m. | 14 hours, 6 minutes ago Description : A security vulnerability has been detected in YiFang CMS up to 2.0.5. Affected by this vulnerability is the function exportInstallTable of the file app/utils/base/database/Migrate.php. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 25 Aug 2025 00:15:00 GMT

read more

CVE-2025-9396 - lrzip Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-9396 Published : Aug. 24, 2025, 11:15 p.m. | 15 hours, 6 minutes ago Description : A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function __GI_____strtol_l_internal of the file strtol_l.c. Performing manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be exploited. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 23:15:00 GMT

read more

CVE-2025-9397 - Givanz Vvveb Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-9397 Published : Aug. 24, 2025, 11:15 p.m. | 15 hours, 6 minutes ago Description : A weakness has been identified in givanz Vvveb up to 1.0.7.2. Affected is an unknown function of the file /system/traits/media.php. Executing manipulation of the argument files[] can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. Applying a patch is advised to resolve this issue. The code maintainer explains, that "[he] fixed the code to remove this vulnerability and will make a new release". Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 23:15:00 GMT

read more

CVE-2025-9395 - Wangsongyan Wblog SRFO (Server-Side Request Forgery)

CVE ID : CVE-2025-9395 Published : Aug. 24, 2025, 10:15 p.m. | 16 hours, 6 minutes ago Description : A vulnerability was identified in wangsongyan wblog 0.0.1. This affects the function RestorePost of the file backup.go. Such manipulation of the argument fileName leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 22:15:00 GMT

read more

CVE-2025-9393 - "Linksys RE Series Stack-Based Buffer Overflow Vulnerability"

CVE ID : CVE-2025-9393 Published : Aug. 24, 2025, 4:15 p.m. | 22 hours, 6 minutes ago Description : A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function addStaProfile of the file /goform/addStaProfile. Performing manipulation of the argument profile_name/Ssid/wep_key_1/wep_key_2/wep_key_3/wep_key_4/wep_key_length/wep_default_key/cipher/passphrase results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 16:15:00 GMT

read more

CVE-2025-9394 - PoDoFo PDF Dictionary Parser Use After Free Vulnerability

CVE ID : CVE-2025-9394 Published : Aug. 24, 2025, 4:15 p.m. | 22 hours, 6 minutes ago Description : A flaw has been found in PoDoFo 1.1.0-dev. This issue affects the function PdfTokenizer::DetermineDataType of the file src/podofo/main/PdfTokenizer.cpp of the component PDF Dictionary Parser. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been published and may be used. This patch is called 22d16cb142f293bf956f66a4d399cdd65576d36c. A patch should be applied to remediate this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 16:15:00 GMT

read more

CVE-2025-9392 - Linksys Wireless Router Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9392 Published : Aug. 24, 2025, 3:15 p.m. | 23 hours, 6 minutes ago Description : A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function qosClassifier of the file /goform/qosClassifier. Such manipulation of the argument dir/sFromPort/sToPort/dFromPort/dToPort/protocol/layer7/dscp/remark_dscp leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 15:15:00 GMT

read more

CVE-2025-9391 - Bjskzy Zhiyou ERP SQL Injection

CVE ID : CVE-2025-9391 Published : Aug. 24, 2025, 3:15 p.m. | 20 hours, 31 minutes ago Description : A weakness has been identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this issue is the function getFieldValue of the component com.artery.workflow.ServiceImpl. This manipulation of the argument sql causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 15:15:00 GMT

read more

CVE-2025-9390 - Vim xxd Buffer Overflow Vulnerability

CVE ID : CVE-2025-9390 Published : Aug. 24, 2025, 2:15 p.m. | 21 hours, 8 minutes ago Description : A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exploited. Upgrading to version 9.1.1616 addresses this issue. The patch is identified as eeef7c77436a78cd27047b0f5fa6925d56de3cb0. It is recommended to upgrade the affected component. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 14:15:00 GMT

read more

CVE-2025-9388 - Scada-LTS Cross-Site Scripting

CVE ID : CVE-2025-9388 Published : Aug. 24, 2025, 1:15 p.m. | 20 hours, 12 minutes ago Description : A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function of the file watch_list.shtm. Executing manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 13:15:00 GMT

read more

CVE-2025-9389 - Vim Local Memory Corruption Vulnerability

CVE ID : CVE-2025-9389 Published : Aug. 24, 2025, 1:15 p.m. | 20 hours, 12 minutes ago Description : A vulnerability was identified in vim 9.1.0000. Affected is the function __memmove_avx_unaligned_erms of the file memmove-vec-unaligned-erms.S. The manipulation leads to memory corruption. The attack needs to be performed locally. The exploit is publicly available and might be used. Some users are not able to reproduce this. One of the users mentions that this appears not to be working, "when coloring is turned on". Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 13:15:00 GMT

read more

CVE-2025-9387 - DCN DCME-720 Web Management Backend OS Command Injection

CVE ID : CVE-2025-9387 Published : Aug. 24, 2025, 12:15 p.m. | 19 hours, 11 minutes ago Description : A vulnerability was found in DCN DCME-720 9.1.5.11. This affects an unknown function of the file /usr/local/www/function/audit/newstatistics/ip_block.php of the component Web Management Backend. Performing manipulation of the argument ip results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. Other products might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 12:15:00 GMT

read more

CVE-2025-9385 - Appneta TCPreplay Use After Free Vulnerability

CVE ID : CVE-2025-9385 Published : Aug. 24, 2025, 11:15 a.m. | 20 hours, 11 minutes ago Description : A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used. Upgrading to version 4.5.2-beta3 is sufficient to fix this issue. It is advisable to upgrade the affected component. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 11:15:00 GMT

read more

CVE-2025-9386 - AppNeta Tcpreplay Use After Free Vulnerability

CVE ID : CVE-2025-9386 Published : Aug. 24, 2025, 11:15 a.m. | 20 hours, 11 minutes ago Description : A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Upgrading to version 4.5.2-beta3 is sufficient to resolve this issue. You should upgrade the affected component. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 11:15:00 GMT

read more

CVE-2025-9383 - FNKvision Y215 CCTV Camera Weak Hash Local Privilege Escalation Vulnerability

CVE ID : CVE-2025-9383 Published : Aug. 24, 2025, 10:15 a.m. | 21 hours, 11 minutes ago Description : A security vulnerability has been detected in FNKvision Y215 CCTV Camera 10.194.120.40. This issue affects the function crypt of the file /etc/passwd. The manipulation leads to use of weak hash. The attack can only be performed from a local environment. The complexity of an attack is rather high. The exploitability is assessed as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 10:15:00 GMT

read more

CVE-2025-9384 - Appneta TCPreplay Local Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-9384 Published : Aug. 24, 2025, 10:15 a.m. | 21 hours, 11 minutes ago Description : A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may be used. Upgrading to version 4.5.2-beta2 is recommended to address this issue. Upgrading the affected component is advised. The vendor explains, that he was "[a]ble to reproduce in 6fcbf03 but not in 4.5.2-beta2". Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 10:15:00 GMT

read more

CVE-2025-9382 - FNKvision Y215 CCTV Camera Telnet Service Backdoor Vulnerability

CVE ID : CVE-2025-9382 Published : Aug. 24, 2025, 8:15 a.m. | 21 hours, 8 minutes ago Description : A weakness has been identified in FNKvision Y215 CCTV Camera 10.194.120.40. This vulnerability affects unknown code of the file s1_rf_test_config of the component Telnet Sevice. Executing manipulation can lead to backdoor. The physical device can be targeted for the attack. This attack is characterized by high complexity. It is stated that the exploitability is difficult. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 08:15:00 GMT

read more

CVE-2025-9381 - FNKvision Y215 CCTV Camera File Disclosure Vulnerability

CVE ID : CVE-2025-9381 Published : Aug. 24, 2025, 8:15 a.m. | 19 hours, 11 minutes ago Description : A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an unknown part of the file /tmp/wpa_supplicant.conf. Performing manipulation results in information disclosure. The attack may be carried out on the physical device. The attack's complexity is rated as high. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 1.6 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 08:15:00 GMT

read more

CVE-2025-9379 - "Belkin AX1800 Firmware Update Handler Remote Authentication Bypass"

CVE ID : CVE-2025-9379 Published : Aug. 24, 2025, 7:15 a.m. | 20 hours, 10 minutes ago Description : A vulnerability was determined in Belkin AX1800 1.1.00.016. Affected by this vulnerability is an unknown functionality of the component Firmware Update Handler. This manipulation causes insufficient verification of data authenticity. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 07:15:00 GMT

read more

CVE-2025-9380 - FNKvision Y215 CCTV Camera Firmware Hard-coded Credentials Vulnerability

CVE ID : CVE-2025-9380 Published : Aug. 24, 2025, 7:15 a.m. | 20 hours, 10 minutes ago Description : A vulnerability was identified in FNKvision Y215 CCTV Camera 10.194.120.40. Affected by this issue is some unknown functionality of the file /etc/passwd of the component Firmware. Such manipulation leads to hard-coded credentials. Local access is required to approach this attack. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 07:15:00 GMT

read more

CVE-2025-8208 - Spexo Addons for Elementor WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-8208 Published : Aug. 24, 2025, 6:15 a.m. | 21 hours, 10 minutes ago Description : The Spexo Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 1.0.23 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 06:15:00 GMT

read more

CVE-2025-36157 - IBM Jazz Foundation Unauthorized File Update Vulnerability

CVE ID : CVE-2025-36157 Published : Aug. 24, 2025, 2:15 a.m. | 22 hours, 42 minutes ago Description : IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004 could allow an unauthenticated remote attacker to update server property files that would allow them to perform unauthorized actions. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 02:15:00 GMT

read more

CVE-2025-36174 - IBM Integrated Analytics System File Upload Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-36174 Published : Aug. 24, 2025, 2:15 a.m. | 22 hours, 42 minutes ago Description : IBM Integrated Analytics System 1.0.0.0 through 1.0.30.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 24 Aug 2025 02:15:00 GMT

read more

CVE-2025-9362 - Linksys Router Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9362 Published : Aug. 23, 2025, 2:15 p.m. | 1 day, 10 hours ago Description : A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The impacted element is the function urlFilterManageRule of the file /goform/urlFilterManageRule. Executing manipulation of the argument urlFilterRuleName/scheduleUrl/addURLFilter can lead to stack-based buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 14:15:00 GMT

read more

CVE-2025-9363 - Linksys Wi-Fi Router Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9363 Published : Aug. 23, 2025, 2:15 p.m. | 1 day, 10 hours ago Description : A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function portTriggerManageRule of the file /goform/portTriggerManageRule. The manipulation of the argument triggerRuleName/schedule leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 14:15:00 GMT

read more

CVE-2025-9361 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9361 Published : Aug. 23, 2025, 12:15 p.m. | 1 day, 11 hours ago Description : A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The affected element is the function ipRangeBlockManageRule of the file /goform/ipRangeBlockManageRule. Performing manipulation of the argument ipRangeBlockRuleName/scheduleIp/ipRangeBlockRuleIpAddr results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 12:15:00 GMT

read more

CVE-2025-9360 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9360 Published : Aug. 23, 2025, 11:15 a.m. | 1 day, 12 hours ago Description : A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Impacted is the function accessControlAdd of the file /goform/accessControlAdd. Such manipulation of the argument ruleName/schedule leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 11:15:00 GMT

read more

CVE-2025-9359 - Linksys Wireless Router Stack-Based Buffer Overflow

CVE ID : CVE-2025-9359 Published : Aug. 23, 2025, 10:15 a.m. | 1 day, 13 hours ago Description : A weakness has been identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function RP_checkCredentialsByBBS of the file /goform/RP_checkCredentialsByBBS. This manipulation of the argument ssidhex/pwd causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 10:15:00 GMT

read more

CVE-2025-9358 - Linksys RE Series Stack-Based Buffer Overflow

CVE ID : CVE-2025-9358 Published : Aug. 23, 2025, 8:15 a.m. | 1 day, 13 hours ago Description : A security flaw has been discovered in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function setSysAdm of the file /goform/setSysAdm. The manipulation of the argument admpasshint results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 08:15:00 GMT

read more

CVE-2025-5060 - Bravis User WordPress Authentication Bypass Vulnerability

CVE ID : CVE-2025-5060 Published : Aug. 23, 2025, 7:15 a.m. | 1 day, 8 hours ago Description : The Bravis User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.0. This is due to the plugin not properly logging a user in with the data that was previously verified through the facebook_ajax_login_callback(). This makes it possible for unauthenticated attackers to log in as administrative users, as long as they have an existing account on the site, and access to the administrative user's email. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 07:15:00 GMT

read more

CVE-2025-5352 - "Lunary Analytics NEXT_PUBLIC_CUSTOM_SCRIPT Stored XSS Vulnerability"

CVE ID : CVE-2025-5352 Published : Aug. 23, 2025, 7:15 a.m. | 1 day, 8 hours ago Description : A critical stored Cross-Site Scripting (XSS) vulnerability exists in the Analytics component of lunary-ai/lunary versions up to 1.9.23, where the NEXT_PUBLIC_CUSTOM_SCRIPT environment variable is directly injected into the DOM using dangerouslySetInnerHTML without any sanitization or validation. This allows arbitrary JavaScript execution in all users' browsers if an attacker can control the environment variable during deployment or through server compromise. The vulnerability can lead to complete account takeover, data exfiltration, malware distribution, and persistent attacks affecting all users until the environment variable is cleaned. The issue is fixed in version 1.9.25. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 07:15:00 GMT

read more

CVE-2025-5821 - "WordPress Case Theme User Plugin Authentication Bypass"

CVE ID : CVE-2025-5821 Published : Aug. 23, 2025, 7:15 a.m. | 1 day, 8 hours ago Description : The Case Theme User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.3. This is due to the plugin not properly logging a user in with the data that was previously verified through the facebook_ajax_login_callback(). This makes it possible for unauthenticated attackers to log in as administrative users, as long as they have an existing account on the site, and access to the administrative user's email. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 07:15:00 GMT

read more

CVE-2025-9357 - "Linksys Wi-Fi Router Stack-Based Buffer Overflow Vulnerability"

CVE ID : CVE-2025-9357 Published : Aug. 23, 2025, 6:15 a.m. | 1 day, 9 hours ago Description : A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function langSwitchByBBS of the file /goform/langSwitchByBBS. The manipulation of the argument langSelectionOnly leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 06:15:00 GMT

read more

CVE-2025-7813 - "Eventin WordPress Plugin SSRF Vulnerability"

CVE ID : CVE-2025-7813 Published : Aug. 23, 2025, 6:15 a.m. | 1 day, 7 hours ago Description : The Events Calendar, Event Booking, Registrations and Event Tickets – Eventin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.37 via the proxy_image function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 06:15:00 GMT

read more

CVE-2025-9048 - WordPress Wptobe-memberships Plugin File Deletion Vulnerability

CVE ID : CVE-2025-9048 Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 8 hours ago Description : The Wptobe-memberships plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the del_img_ajax_call() function in all versions up to, and including, 3.4.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 05:15:00 GMT

read more

CVE-2025-9131 - Ogulo – 360° Tour WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9131 Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 8 hours ago Description : The Ogulo – 360° Tour plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘slug’ parameter in all versions up to, and including, 1.0.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 05:15:00 GMT

read more

CVE-2025-7842 - Silencesoft RSS Reader Plugin CSRF Vulnerability

CVE ID : CVE-2025-7842 Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 6 hours ago Description : The Silencesoft RSS Reader plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.6. This is due to missing or incorrect nonce validation on the 'sil_rss_edit_page' page. This makes it possible for unauthenticated attackers to delete RSS feeds via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 05:15:00 GMT

read more

CVE-2025-7957 - WordPress ShortcodeHub Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7957 Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 6 hours ago Description : The ShortcodeHub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘author_link_target’ parameter in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 05:15:00 GMT

read more

CVE-2025-8062 - WordPress WS Theme Addons Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8062 Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 6 hours ago Description : The WS Theme Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ws_weather shortcode in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 05:15:00 GMT

read more

CVE-2025-7839 - WordPress Restore Permanently Delete Post or Page Data CSRF

CVE ID : CVE-2025-7839 Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 4 hours ago Description : The Restore Permanently delete Post or Page Data plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the rp_dpo_dpa_ajax_dp_delete_data() function. This makes it possible for unauthenticated attackers to delete data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 05:15:00 GMT

read more

CVE-2025-7841 - Sertifier Certificate Badge Maker for WordPress - Tutor LMS Cross-Site Request Forgery (CSRF)

CVE ID : CVE-2025-7841 Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 4 hours ago Description : The Sertifier Certificate & Badge Maker for WordPress – Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.19. This is due to missing or incorrect nonce validation on the 'sertifier_settings' page. This makes it possible for unauthenticated attackers to update the plugin's api key via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 05:15:00 GMT

read more

CVE-2025-7827 - Ni WooCommerce Customer Product Report Unauthorized Data Modification

CVE ID : CVE-2025-7827 Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 2 hours ago Description : The Ni WooCommerce Customer Product Report plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ni_woocpr_action() function in all versions up to, and including, 1.2.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update plugin settings. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 05:15:00 GMT

read more

CVE-2025-7828 - "WordPress WP Filter Combine RSS Feeds Unauthenticated Data Deletion Vulnerability"

CVE ID : CVE-2025-7828 Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 2 hours ago Description : The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the post_listing_page() function in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete feeds. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 05:15:00 GMT

read more

CVE-2025-7642 - WordPress Simpler Checkout Plugin Authentication Bypass

CVE ID : CVE-2025-7642 Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 1 hour ago Description : The Simpler Checkout plugin for WordPress is vulnerable to Authentication Bypass in versions 0.7.0 to 1.1.9. This is due to the plugin not properly verifying a user's identity prior to logging them in as an admin through the simplerwc_woocommerce_order_created() function. This makes it possible for unauthenticated attackers to log in as other users based on their order ID, which can be an administrator if a site admin has placed a test order. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 05:15:00 GMT

read more

CVE-2025-7821 - "WordPress WC Plus Favicon Logo Base Unauthorized Modification Vulnerability"

CVE ID : CVE-2025-7821 Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 1 hour ago Description : The WC Plus plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pluswc_logo_favicon_logo_base' AJAX action in all versions up to, and including, 1.2.0. This makes it possible for unauthenticated attackers to update the site's favicon logo base. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 05:15:00 GMT

read more

CVE-2025-43766 - Liferay Portal/DPX Remote Code Execution Vulnerability

CVE ID : CVE-2025-43766 Published : Aug. 23, 2025, 5:15 a.m. | 1 day ago Description : The Liferay Portal 7.4.0 through 7.3.3.131, and Liferay DXP 2024.Q4.0, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows the upload of unrestricted files in the style books component that are processed within the environment enabling arbitrary code execution by attackers. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 05:15:00 GMT

read more

CVE-2025-43764 - Liferay Portal Liferay DXP Regular Expression Denial of Service

CVE ID : CVE-2025-43764 Published : Aug. 23, 2025, 5:15 a.m. | 20 hours, 7 minutes ago Description : Self-ReDoS (Regular expression Denial of Service) exists with Role Name search field of Kaleo Designer portlet JavaScript in Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.1, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.20 and 7.4 GA through update 92, which allows authenticated users with permissions to update Kaleo Workflows to enter a malicious Regex pattern causing their browser to hang for a very long time. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 05:15:00 GMT

read more

CVE-2025-43765 - Liferay Portal Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-43765 Published : Aug. 23, 2025, 5:15 a.m. | 20 hours, 7 minutes ago Description : A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.13 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the text field from a web content. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 05:15:00 GMT

read more

CVE-2025-43767 - Liferay Portal Open Redirect

CVE ID : CVE-2025-43767 Published : Aug. 23, 2025, 4:15 a.m. | 9 hours, 12 minutes ago Description : Open Redirect vulnerability in /c/portal/edit_info_item parameter redirect in Liferay Portal 7.4.3.86 through 7.4.3.131, and Liferay DXP 2024.Q3.1 through 2024.Q3.9, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 update 86 through update 92 allows an attacker to exploit this security vulnerability to redirect users to a malicious site. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 04:15:00 GMT

read more

CVE-2025-58043 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-58043 Published : Aug. 23, 2025, 3:15 a.m. | 10 hours, 13 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-58042 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-58042 Published : Aug. 23, 2025, 3:15 a.m. | 9 hours, 12 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-58041 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-58041 Published : Aug. 23, 2025, 3:15 a.m. | 7 hours, 54 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-58040 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-58040 Published : Aug. 23, 2025, 3:15 a.m. | 6 hours, 15 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-58039 - Apache Struts Remote Code Execution

CVE ID : CVE-2025-58039 Published : Aug. 23, 2025, 3:15 a.m. | 5 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-58036 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-58036 Published : Aug. 23, 2025, 3:15 a.m. | 3 hours, 54 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-58037 - Apache Solr SQL Injection

CVE ID : CVE-2025-58037 Published : Aug. 23, 2025, 3:15 a.m. | 3 hours, 54 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-58038 - Apache Struts Command Injection

CVE ID : CVE-2025-58038 Published : Aug. 23, 2025, 3:15 a.m. | 3 hours, 54 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-43769 - Liferay Portal Liferay DXP Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-43769 Published : Aug. 23, 2025, 3:15 a.m. | 3 hours, 11 minutes ago Description : Stored cross-site scripting (XSS) vulnerability in Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q3.1 through 2024.Q3.8, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows remote attackers to execute arbitrary web script or HTML via components tab. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-58035 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-58035 Published : Aug. 23, 2025, 3:15 a.m. | 3 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-22860 - Norton Antivirus Unvalidated Redirect to Arbitrary URL

CVE ID : CVE-2025-22860 Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 54 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-22861 - Apache Struts Command Injection

CVE ID : CVE-2025-22861 Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 54 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-22863 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-22863 Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 54 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-22864 - Apache HTTP Server Command Injection

CVE ID : CVE-2025-22864 Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 54 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-24468 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-24468 Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 54 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-24469 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-24469 Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 54 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-43768 - Liferay Portal Unauthenticated Admin Data Disclosure

CVE ID : CVE-2025-43768 Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 54 minutes ago Description : Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows authenticated users without any permissions to access sensitive information of admin users using JSONWS APIs. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 03:15:00 GMT

read more

CVE-2025-43770 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43770 Published : Aug. 23, 2025, 2:15 a.m. | 2 hours, 54 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.3, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the referer or FORWARD_URL using %00 in those parameters. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 23 Aug 2025 02:15:00 GMT

read more

CVE-2025-8193 - "Apache HTTP Server Information Disclosure Vulnerability"

CVE ID : CVE-2025-8193 Published : Aug. 22, 2025, 11:15 p.m. | 5 hours, 54 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 23:15:00 GMT

read more

CVE-2025-52450 - "Tableau Server Path Traversal"

CVE ID : CVE-2025-52450 Published : Aug. 22, 2025, 9:15 p.m. | 7 hours, 54 minutes ago Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salesforce Tableau Server on Windows, Linux (abdoc api - create-data-source-from-file-upload modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 21:15:00 GMT

read more

CVE-2025-52451 - "Salesforce Tableau Server Absolute Path Traversal Vulnerability"

CVE ID : CVE-2025-52451 Published : Aug. 22, 2025, 9:15 p.m. | 7 hours, 54 minutes ago Description : Improper Input Validation vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc api - create-data-source-from-file-upload modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 21:15:00 GMT

read more

CVE-2025-55455 - DooTask Authenticated Arbitrary Download Vulnerability

CVE ID : CVE-2025-55455 Published : Aug. 22, 2025, 9:15 p.m. | 7 hours, 54 minutes ago Description : DooTask v1.0.51 was dicovered to contain an authenticated arbitrary download vulnerability via the component /msg/sendtext. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 21:15:00 GMT

read more

CVE-2025-9355 - Linksys Wireless Router Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9355 Published : Aug. 22, 2025, 9:15 p.m. | 7 hours, 54 minutes ago Description : A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this vulnerability is the function scheduleAdd of the file /goform/scheduleAdd. Performing manipulation of the argument ruleName results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 21:15:00 GMT

read more

CVE-2025-9356 - "Linksys Wireless Router Stack-Based Buffer Overflow Vulnerability"

CVE ID : CVE-2025-9356 Published : Aug. 22, 2025, 9:15 p.m. | 7 hours, 54 minutes ago Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function inboundFilterAdd of the file /goform/inboundFilterAdd. Executing manipulation of the argument ruleName can lead to stack-based buffer overflow. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 21:15:00 GMT

read more

CVE-2022-45133 - Mahara XML Font Font Traversal Code Execution Vulnerability

CVE ID : CVE-2022-45133 Published : Aug. 22, 2025, 9:15 p.m. | 5 hours, 54 minutes ago Description : Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 21:15:00 GMT

read more

CVE-2025-26496 - Tableau Type Confusion Local Code Inclusion Vulnerability

CVE ID : CVE-2025-26496 Published : Aug. 22, 2025, 9:15 p.m. | 5 hours, 54 minutes ago Description : Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux (File Upload modules) allows Local Code Inclusion.This issue affects Tableau Server, Tableau Desktop: before 2025.1.3, before 2024.2.12, before 2023.3.19. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 21:15:00 GMT

read more

CVE-2025-26497 - Tableau Server Absolute Path Traversal Vulnerability

CVE ID : CVE-2025-26497 Published : Aug. 22, 2025, 9:15 p.m. | 5 hours, 54 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (Flow Editor modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 21:15:00 GMT

read more

CVE-2025-26498 - "Salesforce Tableau Server File Upload Arbitrary File Write"

CVE ID : CVE-2025-26498 Published : Aug. 22, 2025, 9:15 p.m. | 5 hours, 54 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (establish-connection-no-undo modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 21:15:00 GMT

read more

CVE-2025-43761 - Liferay Portal and DXP Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43761 Published : Aug. 22, 2025, 9:15 p.m. | 5 hours, 54 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.4, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the frontend-editor-ckeditor-web/ckeditor/samples/old/ajax.html path Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 21:15:00 GMT

read more

CVE-2025-4609 - Google Chrome Mojo Sandbox Escape

CVE ID : CVE-2025-4609 Published : Aug. 22, 2025, 9:15 p.m. | 5 hours, 54 minutes ago Description : Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 21:15:00 GMT

read more

CVE-2022-31491 - Voltronic Power Remote Code Execution

CVE ID : CVE-2022-31491 Published : Aug. 22, 2025, 8:15 p.m. | 6 hours, 54 minutes ago Description : Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote attacker to run arbitrary code via an unspecified web interface related to detection of a managed UPS shutting down. An unauthenticated attacker can use this to run arbitrary code immediately regardless of any managed UPS state or presence. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 20:15:00 GMT

read more

CVE-2022-43110 - Voltronic Power ViewPower and PowerShield Netguard Unauthenticated Remote Command Execution

CVE ID : CVE-2022-43110 Published : Aug. 22, 2025, 8:15 p.m. | 6 hours, 54 minutes ago Description : Voltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a remote attacker to configure the system via an unspecified web interface. An unauthenticated remote attacker can make changes to the system including: changing the web interface admin password, view/change system configuration, enumerate connected UPS devices and shut down connected UPS devices. This extends to being able to configure operating system commands that should run if the system detects a connected UPS shutting down. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 20:15:00 GMT

read more

CVE-2025-57801 - Gnark EdDSA/ECDSA Signature Malleability

CVE ID : CVE-2025-57801 Published : Aug. 22, 2025, 8:15 p.m. | 6 hours, 54 minutes ago Description : gnark is a zero-knowledge proof system framework. In versions prior to 0.14.0, the Verify function in eddsa.go and ecdsa.go used the S value from a signature without asserting that 0 ≤ S order, leading to a signature malleability vulnerability. Because gnark’s native EdDSA and ECDSA circuits lack essential constraints, multiple distinct witnesses can satisfy the same public inputs. In protocols where nullifiers or anti-replay checks are derived from R and S, this enables signature malleability and may allow double spending. This issue has been addressed in version 0.14.0. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 20:15:00 GMT

read more

CVE-2025-43762 - Liferay Portal File Upload Denial of Service

CVE ID : CVE-2025-43762 Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the forms, the files are stored in the document_library allowing an attacker to cause a potential DDoS. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 19:15:00 GMT

read more

CVE-2025-4650 - Apache Web Meta Service SQL Injection Vulnerability

CVE ID : CVE-2025-4650 Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago Description : User with high privileges is able to introduce a SQLi using the Meta Service indicator page. Caused by an Improper Neutralization of Special Elements used in an SQL Command.This issue affects web: from 24.10.0 before 24.10.9, from 24.04.0 before 24.04.16, from 23.10.0 before 23.10.26. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 19:15:00 GMT

read more

CVE-2025-50858 - Easy Hosting Control Panel (EHCP) Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-50858 Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago Description : Reflected Cross-Site Scripting in the List MySQL Databases function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the action parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 19:15:00 GMT

read more

CVE-2025-50859 - Easy Hosting Control Panel (EHCP) Reflected Cross-Site Scripting

CVE ID : CVE-2025-50859 Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago Description : Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 19:15:00 GMT

read more

CVE-2025-51092 - VishnuSivadasVS LogIn-SignUp SQL Injection

CVE ID : CVE-2025-51092 Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago Description : The LogIn-SignUp project by VishnuSivadasVS is vulnerable to SQL Injection due to unsafe construction of SQL queries in DataBase.php. The functions logIn() and signUp() build queries by directly concatenating user input and unvalidated table names without using prepared statements. While a prepareData() function exists, it is insufficient to prevent SQL injection and does not sanitize the table name. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 19:15:00 GMT

read more

CVE-2025-54812 - Apache Log4cxx Cross-Site Scripting (XSS)

CVE ID : CVE-2025-54812 Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago Description : Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order to hide information from logs or steal data from the user. In order to activate this, the following sequence must occur: * Log4cxx is configured to use HTMLLayout. * Logger name comes from an untrusted string * Logger with compromised name logs a message * User opens the generated HTML log file in their browser, leading to potential XSS Because logger names are generally constant strings, we assess the impact to users as LOW This issue affects Apache Log4cxx: before 1.5.0. Users are recommended to upgrade to version 1.5.0, which fixes the issue. Severity: 2.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 19:15:00 GMT

read more

CVE-2025-54813 - Apache Log4cxx JSONLayout Log Injection Vulnerability

CVE ID : CVE-2025-54813 Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago Description : Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using JSONLayout, not all payload bytes are properly escaped. If an attacker-supplied message contains certain non-printable characters, these will be passed along in the message and written out as part of the JSON message. This may prevent applications that consume these logs from correctly interpreting the information within them. This issue affects Apache Log4cxx: before 1.5.0. Users are recommended to upgrade to version 1.5.0, which fixes the issue. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 19:15:00 GMT

read more

CVE-2025-55454 - DooTask RCE File Upload Vulnerability

CVE ID : CVE-2025-55454 Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago Description : An authenticated arbitrary file upload vulnerability in the component /msg/sendfiles of DooTask v1.0.51 allows attackers to execute arbitrary code via uploading a crafted file. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 19:15:00 GMT

read more

CVE-2025-6791 - Centreon Web SQL Injection Vulnerability

CVE ID : CVE-2025-6791 Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago Description : On the monitoring event logs page, it is possible to alter the http request to insert a payload in the DB. Caused by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon web (Monitoring event logs modules) allows SQL Injection. This issue affects web: from 24.10.0 before 24.10.9, from 24.04.0 before 24.04.16, from 23.10.0 before 23.10.26. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 19:15:00 GMT

read more

CVE-2025-43759 - Liferay Portal Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43759 Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 10 minutes ago Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows admin users of a virtual instance to add pages that are not in the default/main virtual instance, then any tenant can create a list of all other tenants. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 19:15:00 GMT

read more

CVE-2025-43758 - Liferay Portal Unauthenticated File Access Vulnerability

CVE ID : CVE-2025-43758 Published : Aug. 22, 2025, 7:15 p.m. | 4 hours, 12 minutes ago Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows unauthenticated users (guests) to access via URL files uploaded by object entry and stored in document_library Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 19:15:00 GMT

read more

CVE-2022-45134 - Mahara XML Deserialization Code Execution Vulnerability

CVE ID : CVE-2022-45134 Published : Aug. 22, 2025, 7:15 p.m. | 1 hour, 59 minutes ago Description : Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 deserializes user input unsafely during skin import. A particularly structured XML file could cause code execution when being processed. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 19:15:00 GMT

read more

CVE-2024-48988 - Apache StreamPark SQL Injection

CVE ID : CVE-2024-48988 Published : Aug. 22, 2025, 7:15 p.m. | 1 hour, 59 minutes ago Description : SQL Injection vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to version 2.1.6, which fixes the issue. This vulnerability is present only in the distribution package (SpringBoot platform) and does not involve Maven artifacts. It can only be exploited after a user has successfully logged into the platform (implying that the attacker would first need to compromise the login authentication). As a result, the associated risk is considered relatively low. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 19:15:00 GMT

read more

CVE-2024-50645 - MallChat Authentication Bypass

CVE ID : CVE-2024-50645 Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago Description : MallChat v1.0-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this vulnerability to access API without any token. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 18:15:00 GMT

read more

CVE-2024-52786 - Anji-Plus AJ-Report Authentication Bypass Remote Code Execution

CVE ID : CVE-2024-52786 Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago Description : An authentication bypass vulnerability in anji-plus AJ-Report up to v1.4.2 allows unauthenticated attackers to execute arbitrary code via a crafted URL. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 18:15:00 GMT

read more

CVE-2024-53496 - Apache My-site Unauthenticated Access Control Bypass

CVE ID : CVE-2024-53496 Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago Description : Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 18:15:00 GMT

read more

CVE-2024-53499 - Jeewms SQL Injection

CVE ID : CVE-2024-53499 Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago Description : Jeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 18:15:00 GMT

read more

CVE-2025-43760 - Liferay Portal Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43760 Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.4, 2024.Q4.0 through 2024.Q4.6, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.20 and 7.4 GA through update 92 allows an remote authenticated attacker to inject JavaScript into the PortalUtil.escapeRedirect Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 18:15:00 GMT

read more

CVE-2025-52085 - Yoosee SQL Injection Vulnerability

CVE ID : CVE-2025-52085 Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago Description : An SQL injection vulnerability in Yoosee application v6.32.4 allows authenticated users to inject arbitrary SQL queries via a request to a backend API endpoint. Successful exploitation enables extraction of sensitive database information, including but not limited to, the database server banner and version, current database user and schema, the current DBMS user privileges, and arbitrary data from any table. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 18:15:00 GMT

read more

CVE-2025-52287 - OperaMasks SDK ELite Script Engine RCE via Deserialization

CVE ID : CVE-2025-52287 Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago Description : OperaMasks SDK ELite Script Engine v0.5.0 was discovered to contain a deserialization vulnerability. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 18:15:00 GMT

read more

CVE-2025-55581 - D-Link DCS-825L Persistent Root Code Execution Vulnerability

CVE ID : CVE-2025-55581 Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago Description : D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure implementation in the mydlink-watch-dog.sh script. The script monitors and respawns the `dcp` and `signalc` binaries without validating their integrity, origin, or permissions. An attacker with filesystem access (e.g., via UART or firmware modification) may replace these binaries to achieve persistent arbitrary code execution with root privileges. The issue stems from improper handling of executable trust and absence of integrity checks in the watchdog logic. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 18:15:00 GMT

read more

CVE-2025-55613 - Tenda O3V2 Buffer Overflow Vulnerability

CVE ID : CVE-2025-55613 Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago Description : Tenda O3V2 1.0.0.12(3880) is vulnerable to Buffer Overflow in the fromSafeSetMacFilter function via the mac parameter. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 18:15:00 GMT

read more

CVE-2025-57770 - Zitadel Username Enumeration Vulnerability

CVE ID : CVE-2025-57770 Published : Aug. 22, 2025, 5:15 p.m. | 3 hours, 8 minutes ago Description : The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. Versions 4.0.0 to 4.0.2, 3.0.0 to 3.3.6, and all versions prior to 2.71.15 are vulnerable to a username enumeration issue in the login interface. The login UI includes a security feature, Ignoring unknown usernames, that is intended to prevent username enumeration by returning a generic response for both valid and invalid usernames. This vulnerability allows an unauthenticated attacker to bypass this protection by submitting arbitrary userIDs to the select account page and distinguishing between valid and invalid accounts based on the system's response. For effective exploitation, an attacker needs to iterate through possible userIDs, but the impact can be limited by implementing rate limiting or similar measures. The issue has been patched in versions 4.0.3, 3.4.0, and 2.71.15. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-57771 - Roo Code Command Injection Vulnerability

CVE ID : CVE-2025-57771 Published : Aug. 22, 2025, 5:15 p.m. | 3 hours, 8 minutes ago Description : Roo Code is an AI-powered autonomous coding agent that lives in users' editors. In versions prior to 3.25.5, Roo-Code fails to properly handle process substitution and single ampersand characters in the command parsing logic for auto-execute commands. If a user has enabled auto-approved execution for a command such as ls, an attacker who can submit crafted prompts to the agent may inject arbitrary commands to be executed alongside the intended command. Exploitation requires attacker access to submit prompts and for the user to have enabled auto-approved command execution, which is disabled by default. This vulnerability could allow an attacker to execute arbitrary code. The issue is fixed in version 3.25.5. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-57800 - Audiobookshelf OpenID Connect Callback URL Redirect Vulnerability

CVE ID : CVE-2025-57800 Published : Aug. 22, 2025, 5:15 p.m. | 3 hours, 8 minutes ago Description : Audiobookshelf is an open-source self-hosted audiobook server. In versions 2.6.0 through 2.26.3, the application does not properly restrict redirect callback URLs during OIDC authentication. An attacker can craft a login link that causes Audiobookshelf to store an arbitrary callback in a cookie, which is later used to redirect the user after authentication. The server then issues a 302 redirect to the attacker-controlled URL, appending sensitive OIDC tokens as query parameters. This allows an attacker to obtain the victim's tokens and perform full account takeover, including creating persistent admin users if the victim is an administrator. Tokens are further leaked via browser history, Referer headers, and server logs. This vulnerability impacts all Audiobookshelf deployments using OIDC; no IdP misconfiguration is required. The issue is fixed in version 2.28.0. No known workarounds exist. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55622 - Reolink Task Hijacking Vulnerability

CVE ID : CVE-2025-55622 Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago Description : Reolink v4.54.0.4.20250526 was discovered to contain a task hijacking vulnerability due to inappropriate taskAffinity settings. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55623 - Reolink Android Debug Bridge Authentication Bypass

CVE ID : CVE-2025-55623 Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago Description : An issue in the lock screen component of Reolink v4.54.0.4.20250526 allows attackers to bypass authentication via using an ADB (Android Debug Bridge). Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55624 - Reolink Intent Redirection Vulnerability

CVE ID : CVE-2025-55624 Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago Description : An intent redirection vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access internal functions or access non-public components. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55625 - Reolink Open Redirect Vulnerability

CVE ID : CVE-2025-55625 Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago Description : An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users to a malicious site via a crafted URL. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55626 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell Chime IDOR

CVE ID : CVE-2025-55626 Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago Description : An Insecure Direct Object Reference (IDOR) vulnerability in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows unauthorized attackers to access the Admin-only settings and edit the session storage. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55627 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Privilege Escalation

CVE ID : CVE-2025-55627 Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago Description : Insufficient privilege verification in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows authenticated attackers to create accounts with elevated privileges. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55629 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell Password Manipulation Vulnerability

CVE ID : CVE-2025-55629 Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago Description : Insecure permissions in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allow attackers to arbitrarily change other users' passwords via manipulation of the userName value. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55630 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Authentication Bypass

CVE ID : CVE-2025-55630 Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago Description : A discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 when entering the wrong username and password allows attackers to enumerate existing accounts. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55631 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Session Management Vulnerability

CVE ID : CVE-2025-55631 Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago Description : Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 was discovered to manage users' sessions system wide instead of an account-by-account basis, potentially leading to a Denial of Service (DoS) via resource exhaustion. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55634 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Unauthenticated DoS

CVE ID : CVE-2025-55634 Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago Description : Incorrect access control in the RTMP server settings of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows unauthorized attackers to cause a Denial of Service (DoS) via initiating a large number of simultaneous ffmpeg-based stream pushes. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55637 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Command Injection Vulnerability

CVE ID : CVE-2025-55637 Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago Description : Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 was discovered to contain a command injection vulnerability via the setddns_pip_system() function. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55745 - UnoPim Laravel Formula Injection Vulnerability

CVE ID : CVE-2025-55745 Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago Description : UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Versions 0.3.0 and prior are vulnerable to CSV injection, also known as formula injection, in the Quick Export feature. This vulnerability allows attackers to inject malicious content into exported CSV files. When the CSV file is opened in spreadsheet applications such as Microsoft Excel, the malicious input may be interpreted as a formula or command, potentially resulting in the execution of arbitrary code on the victim's device. Successful exploitation can lead to remote code execution, including the establishment of a reverse shell. Users are advised to upgrade to version 0.3.1 or later. Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-57105 - D-Link DI-7400G+ Router Command Injection Vulnerability

CVE ID : CVE-2025-57105 Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago Description : The DI-7400G+ router has a command injection vulnerability, which allows attackers to execute arbitrary commands on the device. The sub_478D28 function in in mng_platform.asp, and sub_4A12DC function in wayos_ac_server.asp of the jhttpd program, with the parameter ac_mng_srv_host. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2024-50644 - "Zhisheng17 Blog Authentication Bypass Vulnerability"

CVE ID : CVE-2024-50644 Published : Aug. 22, 2025, 5:15 p.m. | 15 minutes ago Description : zhisheng17 blog 3.0.1-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this vulnerability to access API without any token. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2024-53494 - SpringBootBlog Unauthenticated Access Vulnerability

CVE ID : CVE-2024-53494 Published : Aug. 22, 2025, 5:15 p.m. | 15 minutes ago Description : Incorrect access control in the preHandle function of SpringBootBlog v1.0.0 allows attackers to access sensitive components without authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55398 - Mouse07410 Asn1c Integer Constraint Enforcement Vulnerability

CVE ID : CVE-2025-55398 Published : Aug. 22, 2025, 5:15 p.m. | 15 minutes ago Description : An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - a fork of vlm asn1c. In UPER (Unaligned Packed Encoding Rules), asn1c-generated decoders fail to enforce INTEGER constraints when the bound is positive and exceeds 32 bits in length, potentially allowing incorrect or malicious input to be processed. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55619 - Reolink Hardcoded Encryption Key and Initialization Vector Vulnerability

CVE ID : CVE-2025-55619 Published : Aug. 22, 2025, 5:15 p.m. | 15 minutes ago Description : Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and initialization vector. An attacker can leverage this vulnerability to decrypt access tokens and web session tokens stored inside the app via reverse engineering. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55620 - Reolink XSS

CVE ID : CVE-2025-55620 Published : Aug. 22, 2025, 5:15 p.m. | 15 minutes ago Description : A cross-site scripting (XSS) vulnerability in the valuateJavascript() function of Reolink v4.54.0.4.20250526 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55621 - Reolink IDOR

CVE ID : CVE-2025-55621 Published : Aug. 22, 2025, 5:15 p.m. | 15 minutes ago Description : An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access and download other users' profile photos via a crafted URL. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 17:15:00 GMT

read more

CVE-2025-55606 - Tenda AX3 Buffer Overflow Vulnerability

CVE ID : CVE-2025-55606 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 14 minutes ago Description : Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the fromAdvSetMacMtuWan function via the serverName parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-55611 - D-Link DIR-619L Buffer Overflow Vulnerability

CVE ID : CVE-2025-55611 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 14 minutes ago Description : D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formLanguageChange function via the nextPage parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-55741 - UnoPim Laravel Mass Delete Privilege Escalation Vulnerability

CVE ID : CVE-2025-55741 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 14 minutes ago Description : UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. In versions 0.3.0 and earlier, users without the Delete privilege for products are unable to delete individual products via the standard endpoint, as expected. However, these users can bypass intended access controls by issuing requests to the mass-delete endpoint, allowing them to delete products without proper authorization. This vulnerability allows unauthorized product deletion, leading to potential data loss and business disruption. The issue is fixed in version 0.3.1. No known workarounds exist. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-38665 - Linux Kernel CAN NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-38665 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode Andrei Lalaev reported a NULL pointer deref when a CAN device is restarted from Bus Off and the driver does not implement the struct can_priv::do_set_mode callback. There are 2 code path that call struct can_priv::do_set_mode: - directly by a manual restart from the user space, via can_changelink() - delayed automatic restart after bus off (deactivated by default) To prevent the NULL pointer deference, refuse a manual restart or configure the automatic restart delay in can_changelink() and report the error via extack to user space. As an additional safety measure let can_restart() return an error if can_priv::do_set_mode is not set instead of dereferencing it unchecked. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-38666 - AppleTalk Linux Kernel Appletalk AARP Race Condition Use-After-Free

CVE ID : CVE-2025-38666 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix use-after-free in AARP proxy probe The AARP proxy‐probe routine (aarp_proxy_probe_network) sends a probe, releases the aarp_lock, sleeps, then re-acquires the lock. During that window an expire timer thread (__aarp_expire_timer) can remove and kfree() the same entry, leading to a use-after-free. race condition: cpu 0 | cpu 1 atalk_sendmsg() | atif_proxy_probe_device() aarp_send_ddp() | aarp_proxy_probe_network() mod_timer() | lock(aarp_lock) // LOCK!! timeout around 200ms | alloc(aarp_entry) and then call | proxies[hash] = aarp_entry aarp_expire_timeout() | aarp_send_probe() | unlock(aarp_lock) // UNLOCK!! lock(aarp_lock) // LOCK!! | msleep(100); __aarp_expire_timer(&proxies[ct]) | free(aarp_entry) | unlock(aarp_lock) // UNLOCK!! | | lock(aarp_lock) // LOCK!! | UAF aarp_entry !! ================================================================== BUG: KASAN: slab-use-after-free in aarp_proxy_probe_network+0x560/0x630 net/appletalk/aarp.c:493 Read of size 4 at addr ffff8880123aa360 by task repro/13278 CPU: 3 UID: 0 PID: 13278 Comm: repro Not tainted 6.15.2 #3 PREEMPT(full) Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x116/0x1b0 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:408 [inline] print_report+0xc1/0x630 mm/kasan/report.c:521 kasan_report+0xca/0x100 mm/kasan/report.c:634 aarp_proxy_probe_network+0x560/0x630 net/appletalk/aarp.c:493 atif_proxy_probe_device net/appletalk/ddp.c:332 [inline] atif_ioctl+0xb58/0x16c0 net/appletalk/ddp.c:857 atalk_ioctl+0x198/0x2f0 net/appletalk/ddp.c:1818 sock_do_ioctl+0xdc/0x260 net/socket.c:1190 sock_ioctl+0x239/0x6a0 net/socket.c:1311 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:906 [inline] __se_sys_ioctl fs/ioctl.c:892 [inline] __x64_sys_ioctl+0x194/0x200 fs/ioctl.c:892 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xcb/0x250 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f Allocated: aarp_alloc net/appletalk/aarp.c:382 [inline] aarp_proxy_probe_network+0xd8/0x630 net/appletalk/aarp.c:468 atif_proxy_probe_device net/appletalk/ddp.c:332 [inline] atif_ioctl+0xb58/0x16c0 net/appletalk/ddp.c:857 atalk_ioctl+0x198/0x2f0 net/appletalk/ddp.c:1818 Freed: kfree+0x148/0x4d0 mm/slub.c:4841 __aarp_expire net/appletalk/aarp.c:90 [inline] __aarp_expire_timer net/appletalk/aarp.c:261 [inline] aarp_expire_timeout+0x480/0x6e0 net/appletalk/aarp.c:317 The buggy address belongs to the object at ffff8880123aa300 which belongs to the cache kmalloc-192 of size 192 The buggy address is located 96 bytes inside of freed 192-byte region [ffff8880123aa300, ffff8880123aa3c0) Memory state around the buggy address: ffff8880123aa200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff8880123aa280: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc >ffff8880123aa300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff8880123aa380: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc ffff8880123aa400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ================================================================== Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-38667 - Linux iio Buffer Overflow

CVE ID : CVE-2025-38667 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: iio: fix potential out-of-bound write The buffer is set to 20 characters. If a caller write more characters, count is truncated to the max available space in "simple_write_to_buffer". To protect from OoB access, check that the input size fit into buffer and add a zero terminator after copy to the end of the copied data. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-38668 - Linux Kernel Regulator NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-38668 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix NULL dereference on unbind due to stale coupling data Failing to reset coupling_desc.n_coupled after freeing coupled_rdevs can lead to NULL pointer dereference when regulators are accessed post-unbind. This can happen during runtime PM or other regulator operations that rely on coupling metadata. For example, on ridesx4, unbinding the 'reg-dummy' platform device triggers a panic in regulator_lock_recursive() due to stale coupling state. Ensure n_coupled is set to 0 to prevent access to invalid pointers. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-38669 - "Linux Kernel DRM GEM NULL Pointer Dereference Vulnerability"

CVE ID : CVE-2025-38669 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-shmem: Use dma_buf from GEM object instance" This reverts commit 1a148af06000e545e714fe3210af3d77ff903c11. The dma_buf field in struct drm_gem_object is not stable over the object instance's lifetime. The field becomes NULL when user space releases the final GEM handle on the buffer object. This resulted in a NULL-pointer deref. Workarounds in commit 5307dce878d4 ("drm/gem: Acquire references on GEM handles for framebuffers") and commit f6bfc9afc751 ("drm/framebuffer: Acquire internal references on GEM handles") only solved the problem partially. They especially don't work for buffer objects without a DRM framebuffer associated. Hence, this revert to going back to using .import_attach->dmabuf. v3: - cc stable Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-38670 - Linux kernel ARM64 DAIF Masking Vulnerability

CVE ID : CVE-2025-38670 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() `cpu_switch_to()` and `call_on_irq_stack()` manipulate SP to change to different stacks along with the Shadow Call Stack if it is enabled. Those two stack changes cannot be done atomically and both functions can be interrupted by SErrors or Debug Exceptions which, though unlikely, is very much broken : if interrupted, we can end up with mismatched stacks and Shadow Call Stack leading to clobbered stacks. In `cpu_switch_to()`, it can happen when SP_EL0 points to the new task, but x18 stills points to the old task's SCS. When the interrupt handler tries to save the task's SCS pointer, it will save the old task SCS pointer (x18) into the new task struct (pointed to by SP_EL0), clobbering it. In `call_on_irq_stack()`, it can happen when switching from the task stack to the IRQ stack and when switching back. In both cases, we can be interrupted when the SCS pointer points to the IRQ SCS, but SP points to the task stack. The nested interrupt handler pushes its return addresses on the IRQ SCS. It then detects that SP points to the task stack, calls `call_on_irq_stack()` and clobbers the task SCS pointer with the IRQ SCS pointer, which it will also use ! This leads to tasks returning to addresses on the wrong SCS, or even on the IRQ SCS, triggering kernel panics via CONFIG_VMAP_STACK or FPAC if enabled. This is possible on a default config, but unlikely. However, when enabling CONFIG_ARM64_PSEUDO_NMI, DAIF is unmasked and instead the GIC is responsible for filtering what interrupts the CPU should receive based on priority. Given the goal of emulating NMIs, pseudo-NMIs can be received by the CPU even in `cpu_switch_to()` and `call_on_irq_stack()`, possibly *very* frequently depending on the system configuration and workload, leading to unpredictable kernel panics. Completely mask DAIF in `cpu_switch_to()` and restore it when returning. Do the same in `call_on_irq_stack()`, but restore and mask around the branch. Mask DAIF even if CONFIG_SHADOW_CALL_STACK is not enabled for consistency of behaviour between all configurations. Introduce and use an assembly macro for saving and masking DAIF, as the existing one saves but only masks IF. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-38671 - Linux Kernel i2c Qup Timeout Information Disclosure Vulnerability

CVE ID : CVE-2025-38671 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: i2c: qup: jump out of the loop in case of timeout Original logic only sets the return value but doesn't jump out of the loop if the bus is kept active by a client. This is not expected. A malicious or buggy i2c client can hang the kernel in this case and should be avoided. This is observed during a long time test with a PCA953x GPIO extender. Fix it by changing the logic to not only sets the return value, but also jumps out of the loop and return to the caller with -ETIMEDOUT. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-38672 - Linux Kernel - NULL Pointer Dereference in drm_gem_object

CVE ID : CVE-2025-38672 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-dma: Use dma_buf from GEM object instance" This reverts commit e8afa1557f4f963c9a511bd2c6074a941c308685. The dma_buf field in struct drm_gem_object is not stable over the object instance's lifetime. The field becomes NULL when user space releases the final GEM handle on the buffer object. This resulted in a NULL-pointer deref. Workarounds in commit 5307dce878d4 ("drm/gem: Acquire references on GEM handles for framebuffers") and commit f6bfc9afc751 ("drm/framebuffer: Acquire internal references on GEM handles") only solved the problem partially. They especially don't work for buffer objects without a DRM framebuffer associated. Hence, this revert to going back to using .import_attach->dmabuf. v3: - cc stable Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-38673 - Linux Kernel - Null Pointer Dereference in DRM GEM Object Instance

CVE ID : CVE-2025-38673 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-framebuffer: Use dma_buf from GEM object instance" This reverts commit cce16fcd7446dcff7480cd9d2b6417075ed81065. The dma_buf field in struct drm_gem_object is not stable over the object instance's lifetime. The field becomes NULL when user space releases the final GEM handle on the buffer object. This resulted in a NULL-pointer deref. Workarounds in commit 5307dce878d4 ("drm/gem: Acquire references on GEM handles for framebuffers") and commit f6bfc9afc751 ("drm/framebuffer: Acquire internal references on GEM handles") only solved the problem partially. They especially don't work for buffer objects without a DRM framebuffer associated. Hence, this revert to going back to using .import_attach->dmabuf. v3: - cc stable Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-38674 - "Linux Kernel DRM Prime DMA Buffer NULL Pointer Dereference Vulnerability"

CVE ID : CVE-2025-38674 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: Revert "drm/prime: Use dma_buf from GEM object instance" This reverts commit f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8. The dma_buf field in struct drm_gem_object is not stable over the object instance's lifetime. The field becomes NULL when user space releases the final GEM handle on the buffer object. This resulted in a NULL-pointer deref. Workarounds in commit 5307dce878d4 ("drm/gem: Acquire references on GEM handles for framebuffers") and commit f6bfc9afc751 ("drm/framebuffer: Acquire internal references on GEM handles") only solved the problem partially. They especially don't work for buffer objects without a DRM framebuffer associated. Hence, this revert to going back to using .import_attach->dmabuf. v3: - cc stable Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-38675 - Linux Kernel Xfrm State Pointer Initialization Vulnerability

CVE ID : CVE-2025-38675 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: xfrm: state: initialize state_ptrs earlier in xfrm_state_find In case of preemption, xfrm_state_look_at will find a different pcpu_id and look up states for that other CPU. If we matched a state for CPU2 in the state_cache while the lookup started on CPU1, we will jump to "found", but the "best" state that we got will be ignored and we will enter the "acquire" block. This block uses state_ptrs, which isn't initialized at this point. Let's initialize state_ptrs just after taking rcu_read_lock. This will also prevent a possible misuse in the future, if someone adjusts this function. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-43751 - Liferay Portal User Enumeration Vulnerability

CVE ID : CVE-2025-43751 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : User enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10 and 7.4 GA through update 92 allows remote attackers to determine if an account exist in the application via the create account page. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-50674 - OpenMediaVault Root Privilege Escalation Vulnerability

CVE ID : CVE-2025-50674 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : An issue was discovered in the changePassword method in file /usr/share/php/openmediavault/system/user.inc in OpenMediaVault 7.4.17 allowing local authenticated attackers to escalate privileges to root. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-50733 - NextChat AI Chat Interface Cross-Site Scripting (XSS)

CVE ID : CVE-2025-50733 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : NextChat contains a cross-site scripting (XSS) vulnerability in the HTMLPreview component of artifacts.tsx that allows attackers to execute arbitrary JavaScript code when HTML content is rendered in the AI chat interface. The vulnerability occurs because user-influenced HTML from AI responses is rendered in an iframe with 'allow-scripts' sandbox permission without proper sanitization. This can be exploited through specifically crafted prompts that cause the AI to generate malicious HTML/JavaScript code. When a user views the HTML preview, the injected JavaScript executes in the user's browser context, potentially allowing attackers to exfiltrate sensitive information (including API keys stored in localStorage), perform actions on behalf of the user, and steal session data. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-51605 - Shopizer CORS Misconfiguration Vulnerability

CVE ID : CVE-2025-51605 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : An issue was discovered in Shopizer 3.2.7. The server's CORS implementation reflects the client-supplied Origin header verbatim into Access-Control-Allow-Origin without any whitelist validation, while also enabling Access-Control-Allow-Credentials: true. This allows any malicious origin to make authenticated cross-origin requests and read sensitive responses. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-52094 - PDQ Smart Deploy Local Privilege Escalation Vulnerability

CVE ID : CVE-2025-52094 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : Insecure Permissions vulnerability in PDQ Smart Deploy V.3.0.2040 allows a local attacker to execute arbtirary code via the \HKLM\SYSTEM\Setup\SmartDeploy component Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-52095 - PDQ Smart Deploy Privilege Escalation Vulnerability

CVE ID : CVE-2025-52095 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : An issue in PDQ Smart Deploy V.3.0.2040 allows an attacker to escalate privileges via the Credential encryption routines in SDCommon.dll Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-53363 - Dpanel Arbitrary File Read Vulnerability

CVE ID : CVE-2025-53363 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : dpanel is an open source server management panel written in Go. In versions 1.2.0 through 1.7.2, dpanel allows authenticated users to read arbitrary files from the server via the /api/app/compose/get-from-uri API endpoint. The vulnerability exists in the GetFromUri function in app/application/http/controller/compose.go, where the uri parameter is passed directly to os.ReadFile without proper validation or access control. A logged-in attacker can exploit this flaw to read sensitive files from the host system, leading to information disclosure. No patched version is available as of this writing. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-55599 - D-Link DIR-619L Buffer Overflow Vulnerability

CVE ID : CVE-2025-55599 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formWlanSetup function via the parameter f_wds_wepKey. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-55602 - D-Link DIR-619L Buffer Overflow

CVE ID : CVE-2025-55602 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formSysCmd function via the submit-url parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-55603 - Tenda AX3 NTP Buffer Overflow

CVE ID : CVE-2025-55603 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the fromSetSysTime function via the ntpServer parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-55605 - Tenda AX3 Buffer Overflow Vulnerability

CVE ID : CVE-2025-55605 Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the saveParentControlInfo function via the deviceName parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 16:15:00 GMT

read more

CVE-2025-33120 - IBM QRadar SIEM Privilege Escalation Vulnerability

CVE ID : CVE-2025-33120 Published : Aug. 22, 2025, 3:15 p.m. | 56 minutes ago Description : IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to execution with unnecessary privileges. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 15:15:00 GMT

read more

CVE-2025-36042 - IBM QRadar SIEM Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-36042 Published : Aug. 22, 2025, 3:15 p.m. | 56 minutes ago Description : IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 15:15:00 GMT

read more

CVE-2025-55573 - QuantumNous new-api Remote Cross Site Scripting (XSS)

CVE ID : CVE-2025-55573 Published : Aug. 22, 2025, 3:15 p.m. | 56 minutes ago Description : QuantumNous new-api v.0.8.5.2 is vulnerable to Cross Site Scripting (XSS). Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 15:15:00 GMT

read more

CVE-2009-10006 - "UFO: Alien Invasion IRC Client Buffer Overflow"

CVE ID : CVE-2009-10006 Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago Description : UFO: Alien Invasion versions up to and including 2.2.1 contain a buffer overflow vulnerability in its built-in IRC client component. When the client connects to an IRC server and receives a crafted numeric reply (specifically a 001 message), the application fails to properly validate the length of the response string. This results in a stack-based buffer overflow, which may corrupt control flow structures and allow arbitrary code execution. The vulnerability is triggered during automatic IRC connection handling and does not require user interaction beyond launching the game. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 14:15:00 GMT

read more

CVE-2024-56179 - MindManager File Attachment Directory Traversal Vulnerability

CVE ID : CVE-2024-56179 Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago Description : In MindManager Windows versions prior to 24.1.150, attackers could potentially write to unexpected directories in victims' machines via directory traversal if victims opened file attachments located in malicious mmap files. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 14:15:00 GMT

read more

CVE-2024-58239 - "Linux TLS Merger Vulnerability"

CVE ID : CVE-2024-58239 Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: tls: stop recv() if initial process_rx_list gave us non-DATA If we have a non-DATA record on the rx_list and another record of the same type still on the queue, we will end up merging them: - process_rx_list copies the non-DATA record - we start the loop and process the first available record since it's of the same type - we break out of the loop since the record was not DATA Just check the record type and jump to the end in case process_rx_list did some work. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 14:15:00 GMT

read more

CVE-2025-38616 - "Linux TLS ULP Data Disappearance Out-of-Bounds Read"

CVE ID : CVE-2025-38616 Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was installed, or uses some non-standard read API (eg. zerocopy ones). Replace the WARN_ON() and a buggy early exit (which leaves anchor pointing to a freed skb) with real error handling. Wipe the parsing state and tell the reader to retry. We already reload the anchor every time we (re)acquire the socket lock, so the only condition we need to avoid is an out of bounds read (not having enough bytes in the socket for previously parsed record len). If some data was read from under TLS but there's enough in the queue we'll reload and decrypt what is most likely not a valid TLS record. Leading to some undefined behavior from TLS perspective (corrupting a stream? missing an alert? missing an attack?) but no kernel crash should take place. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 14:15:00 GMT

read more

CVE-2025-38617 - Linux Kernel Packet Netdev Up Event Race Condition

CVE ID : CVE-2025-38617 Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix are both similar to that of commit 15fe076edea7 ("net/packet: fix a race in packet_bind() and packet_notifier()"). There too the packet_notifier NETDEV_UP event managed to run while a po->bind_lock critical section had to be temporarily released. And the fix was similarly to temporarily set po->num to zero to keep the socket unhooked until the lock is retaken. The po->bind_lock in packet_set_ring and packet_notifier precede the introduction of git history. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 14:15:00 GMT

read more

CVE-2025-38618 - "vsock: VMADDR_PORT_ANY Binding Vulnerability"

CVE ID : CVE-2025-38618 Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by accept() also has port VMADDR_PORT_ANY but is not on the list of unbound sockets. Binding it will result in an extra refcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep the binding until socket destruction). Modify the check in __vsock_bind_connectible() to also prevent binding to VMADDR_PORT_ANY. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 14:15:00 GMT

read more

CVE-2025-50691 - MCSManager Root Privilege Escalation Vulnerability

CVE ID : CVE-2025-50691 Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago Description : MCSManager 10.5.3 daemon process runs as a root account by default, and its sensitive data (including tokens and terminal content) is stored in the data directory, readable by all users. Other users on the system can read the daemon's key and use it to log in, leading to privilege escalation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 14:15:00 GMT

read more

CVE-2025-51825 - JeecgBoot SQL Injection Vulnerability

CVE ID : CVE-2025-51825 Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago Description : JeecgBoot versions from 3.4.3 up to 3.8.0 were found to contain a SQL injection vulnerability in the /jeecg-boot/online/cgreport/head/parseSql endpoint, which allows bypassing SQL blacklist restrictions. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 14:15:00 GMT

read more

CVE-2025-57890 - Pierre Lannoy Sessions Cross-site Scripting

CVE ID : CVE-2025-57890 Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lannoy Sessions allows Stored XSS. This issue affects Sessions: from n/a through 3.2.0. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-57891 - Wpecommerce Stored Cross-site Scripting

CVE ID : CVE-2025-57891 Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpecommerce Recurring PayPal Donations allows Stored XSS. This issue affects Recurring PayPal Donations: from n/a through 1.8. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-57892 - Jeff Starr Simple Statistics for Feeds CSRF Vulnerability

CVE ID : CVE-2025-57892 Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Jeff Starr Simple Statistics for Feeds allows Cross Site Request Forgery. This issue affects Simple Statistics for Feeds: from n/a through 20250322. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-57893 - Epsiloncool WP Fast Total Search CSRF Vulnerability

CVE ID : CVE-2025-57893 Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search allows Cross Site Request Forgery. This issue affects WP Fast Total Search: from n/a through 1.79.270. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-57894 - WPPizza Missing Authorization Vulnerability

CVE ID : CVE-2025-57894 Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago Description : Missing Authorization vulnerability in ollybach WPPizza allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPPizza: from n/a through 3.19.8. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-57895 - JobWP CSRF Vulnerability

CVE ID : CVE-2025-57895 Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobWP allows Cross Site Request Forgery. This issue affects JobWP: from n/a through 2.4.3. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-57896 - Church Admin Missing Authorization Vulnerability

CVE ID : CVE-2025-57896 Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago Description : Missing Authorization vulnerability in andy_moyle Church Admin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Church Admin: from n/a through 5.0.26. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-9254 - Uniong WebITR Authentication Bypass

CVE ID : CVE-2025-9254 Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago Description : WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-9255 - Uniong WebITR SQL Injection

CVE ID : CVE-2025-9255 Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago Description : WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-9256 - Uniong WebITR Arbitrary File Reading Vulnerability

CVE ID : CVE-2025-9256 Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago Description : WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-9257 - Uniong WebITR Arbitrary File Reading Vulnerability

CVE ID : CVE-2025-9257 Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago Description : WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-9258 - Uniong WebITR Arbitrary File Reading Vulnerability

CVE ID : CVE-2025-9258 Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago Description : WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-9259 - Uniong WebITR Arbitrary File Reading Vulnerability

CVE ID : CVE-2025-9259 Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago Description : WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-9331 - Spacious WordPress Cross-Site Request Forgery (CSRF) and Authentication Bypass

CVE ID : CVE-2025-9331 Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago Description : The Spacious theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'welcome_notice_import_handler' function in all versions up to, and including, 1.9.11. This makes it possible for authenticated attackers, with Subscriber-level access and above, to import demo data into the site. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-57884 - Wpsoul Greenshift Missing Authorization Vulnerability

CVE ID : CVE-2025-57884 Published : Aug. 22, 2025, 12:15 p.m. | 1 hour, 56 minutes ago Description : Missing Authorization vulnerability in wpsoul Greenshift allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Greenshift: from n/a through 12.1.1. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-57885 - Shahjahan Jewel Fluent Support CSRF Vulnerability

CVE ID : CVE-2025-57885 Published : Aug. 22, 2025, 12:15 p.m. | 1 hour, 56 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel Fluent Support allows Cross Site Request Forgery. This issue affects Fluent Support: from n/a through 1.9.1. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-57886 - Equalize Digital Accessibility Checker Authorization Bypass

CVE ID : CVE-2025-57886 Published : Aug. 22, 2025, 12:15 p.m. | 1 hour, 56 minutes ago Description : Authorization Bypass Through User-Controlled Key vulnerability in Equalize Digital Accessibility Checker by Equalize Digital allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Accessibility Checker by Equalize Digital: from n/a through 1.30.0. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-57887 - NooTheme Jobmonster Cross-Site Scripting (XSS)

CVE ID : CVE-2025-57887 Published : Aug. 22, 2025, 12:15 p.m. | 1 hour, 56 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Jobmonster allows Stored XSS. This issue affects Jobmonster: from n/a through 4.8.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-57888 - NooTheme Jobmonster Information Disclosure

CVE ID : CVE-2025-57888 Published : Aug. 22, 2025, 12:15 p.m. | 1 hour, 56 minutes ago Description : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NooTheme Jobmonster allows Retrieve Embedded Sensitive Data. This issue affects Jobmonster: from n/a through 4.8.0. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 12:15:00 GMT

read more

CVE-2025-9340 - Bouncy Castle for Java BC-FIPS Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-9340 Published : Aug. 22, 2025, 10:15 a.m. | 3 hours, 56 minutes ago Description : Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All (API modules). This vulnerability is associated with program files org/bouncycastle/jcajce/provider/BaseCipher. This issue affects Bouncy Castle for Java: from BC-FJA 2.1.0 through 2.1.0. Severity: 0.0 | NONE Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 10:15:00 GMT

read more

CVE-2025-9341 - Bouncy Castle for Java FIPS: Uncontrolled Resource Consumption in AESNativeCBC Java API

CVE ID : CVE-2025-9341 Published : Aug. 22, 2025, 9:15 a.m. | 4 hours, 56 minutes ago Description : Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java. This issue affects Bouncy Castle for Java FIPS: from BC-FJA 2.1.0 through 2.1.0. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 09:15:00 GMT

read more

CVE-2025-8678 - WordPress WP Crontrol SSRF

CVE ID : CVE-2025-8678 Published : Aug. 22, 2025, 8:15 a.m. | 5 hours, 56 minutes ago Description : The WP Crontrol plugin for WordPress is vulnerable to Server-Side Request Forgery in versions 1.17.0 to 1.19.1 via the 'wp_remote_request' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 08:15:00 GMT

read more

CVE-2025-57699 - Western Digital Kitfox for Windows Unquoted Service Path Privilege Escalation Vulnerability

CVE ID : CVE-2025-57699 Published : Aug. 22, 2025, 7:15 a.m. | 6 hours, 56 minutes ago Description : Western Digital Kitfox for Windows provided by Western Digital Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with the SYSTEM privilege. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 07:15:00 GMT

read more

Appel à manifestation d‘intérêt [clos]

]]>

Fri, 22 Aug 2025 07:13:00 GMT

read more

CVE-2025-8281 - Talroo WordPress Reflected Cross-Site Scripting

CVE ID : CVE-2025-8281 Published : Aug. 22, 2025, 6:15 a.m. | 7 hours, 56 minutes ago Description : The WP Talroo WordPress plugin through 2.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin and unauthenticated users. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 06:15:00 GMT

read more

CVE-2025-41452 - Danfoss AK-SM8xxA Series Web Interface Configuration Setting Vulnerability

CVE ID : CVE-2025-41452 Published : Aug. 22, 2025, 3:15 a.m. | 10 hours, 56 minutes ago Description : Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow for a denial of service attack induced by improper handling of exceptional conditions Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 03:15:00 GMT

read more

CVE-2025-41451 - Danfoss AK-SM8xxA Series Command Injection

CVE ID : CVE-2025-41451 Published : Aug. 22, 2025, 3:15 a.m. | 8 hours, 58 minutes ago Description : Improper neutralization of alarm-to-mail configuration fields used in an OS shell Command ('Command Injection') in Danfoss AK-SM8xxA Series prior to version 4.3.1, leading to a potential post-authenticated remote code execution on an attacked system. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 03:15:00 GMT

read more

CVE-2025-43752 - Liferay Portal File Upload Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-43752 Published : Aug. 22, 2025, 1:16 a.m. | 10 hours, 57 minutes ago Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.4, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the object entries attachment fields, the files are stored in the document_library allowing an attacker to cause a potential DDoS. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 22 Aug 2025 01:16:00 GMT

read more

CVE-2023-3948 - CVE-2021-4034: Cisco ASA SSL/TLS Downgrade Vulnerability

CVE ID : CVE-2023-3948 Published : Aug. 21, 2025, 11:15 p.m. | 12 hours, 58 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 23:15:00 GMT

read more

CVE-2023-4131 - CVE-2022-1234: OpenSSL SSL/TLS Denial of Service

CVE ID : CVE-2023-4131 Published : Aug. 21, 2025, 11:15 p.m. | 12 hours, 58 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 23:15:00 GMT

read more

CVE-2023-4143 - Apache Struts Remote Code Execution Vulnerability

CVE ID : CVE-2023-4143 Published : Aug. 21, 2025, 11:15 p.m. | 12 hours, 58 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 23:15:00 GMT

read more

CVE-2025-43753 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43753 Published : Aug. 21, 2025, 11:15 p.m. | 12 hours, 58 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.32 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 update 32 through update 92 allows an remote authenticated user to inject JavaScript into the embedded message field from the form container. Severity: 2.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 23:15:00 GMT

read more

CVE-2009-20004 - GAlan Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2009-20004 Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago Description : gAlan 0.2.1, a modular audio processing environment for Windows, is vulnerable to a stack-based buffer overflow when parsing .galan files. The application fails to properly validate the length of input data, allowing a specially crafted file to overwrite the stack and execute arbitrary code. Exploitation requires local interaction, typically by convincing a user to open the malicious file. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2010-20007 - Seagull FTP Client Stack-based Buffer Overflow Vulnerability

CVE ID : CVE-2010-20007 Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago Description : Seagull FTP Client v3.3 Build 409 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long filename, the application fails to properly validate input length, resulting in a buffer overflow that overwrites the Structured Exception Handler (SEH). This may allow remote attackers to execute arbitrary code on the client system. This product line was discontinued and users were advised to use BlueZone Secure FTP instead, at the time of disclosure. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2010-20034 - Gekko Manager FTP Client FTP Buffer Overflow

CVE ID : CVE-2010-20034 Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago Description : Gekko Manager FTP Client 0.77 contains a stack-based buffer overflow in its FTP directory listing parser. When processing a server response to a LIST command, the client fails to properly validate the length of filenames. A crafted response containing an overly long filename can overwrite the Structured Exception Handler (SEH), potentially allowing remote code execution. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2010-20107 - FTP Synchronizer Professional FTP Server Stack-Based Buffer Overflow

CVE ID : CVE-2010-20107 Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago Description : A stack-based buffer overflow exists in FTP Synchronizer Professional v4.0.73.274. When the client connects to an FTP server and issues a LIST command—typically during sync preview or profile creation—the server’s response containing an overly long filename triggers a buffer overflow. This results in the corruption of the Structured Exception Handler (SEH), potentially allowing remote code execution. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2010-20108 - FTPPad Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2010-20108 Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago Description : FTPPad 1.2.0 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long directory and filename, the application fails to properly validate input length. This results in a buffer overflow that overwrites the saved Extended Instruction Pointer (EIP), allowing remote attackers to execute arbitrary code. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2010-20113 - EasyFTP Server Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2010-20113 Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago Description : EasyFTP Server 1.7.0.11 and earlier contains a stack-based buffer overflow vulnerability in its HTTP interface. When processing a GET request to list.html, the server fails to properly validate the length of the path parameter. Supplying an excessively long value causes a buffer overflow on the stack, potentially corrupting control flow structures. The vulnerability is exposed through the embedded web server and does not require authentication due to default anonymous access. The issue was resolved in version 1.7.0.12, after which the product was renamed to UplusFtp. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2010-20114 - VariCAD EN Stack-Based Buffer Overflow

CVE ID : CVE-2010-20114 Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago Description : VariCAD EN up to and including version 2010-2.05 is vulnerable to a stack-based buffer overflow when parsing .dwb drawing files. The application fails to properly validate the length of input data embedded in the file, allowing a crafted .dwb file to overwrite critical memory structures. This flaw can be exploited locally by convincing a user to open a malicious file, resulting in arbitrary code execution. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2010-20115 - Arcane Software Vermillion FTP Daemon PORT Command Memory Corruption Vulnerability

CVE ID : CVE-2010-20115 Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago Description : Arcane Software’s Vermillion FTP Daemon (vftpd) versions up to and including 1.31 contains a memory corruption vulnerability triggered by a malformed FTP PORT command. The flaw arises from an out-of-bounds array access during input parsing, allowing an attacker to manipulate stack memory and potentially execute arbitrary code. Exploitation requires direct access to the FTP service and is constrained by a single execution attempt if the daemon is installed as a Windows service. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2010-20120 - Maple Maplet Remote Code Execution

CVE ID : CVE-2010-20120 Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago Description : Maple versions up to and including 13's Maplet framework allows embedded commands to be executed automatically when a .maplet file is opened. This behavior bypasses standard security restrictions that normally prevent code execution in regular Maple worksheets. The vulnerability enables attackers to craft malicious .maplet files that execute arbitrary code without user interaction. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2010-20122 - Xftp FTP Client Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2010-20122 Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago Description : Xftp FTP Client version up to and including 3.0 (build 0238) contain a stack-based buffer overflow vulnerability triggered by a maliciously crafted PWD response from an FTP server. When the client connects to a server and receives an overly long directory string in response to the PWD command, the client fails to properly validate the length of the input before copying it into a fixed-size buffer. This results in memory corruption and allows remote attackers to execute arbitrary code on the client system. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2010-20123 - Steinberg MyMP3Player Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2010-20123 Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago Description : Steinberg MyMP3Player version 3.0 (build 3.0.0.67) is vulnerable to a stack-based buffer overflow when parsing .m3u playlist files. The application fails to properly validate the length of input data within the playlist, allowing a specially crafted file to overwrite critical memory structures and execute arbitrary code. This vulnerability can be exploited locally by convincing a user to open a malicious .m3u file. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2025-43747 - Liferay DXP SSRF

CVE ID : CVE-2025-43747 Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago Description : A server-side request forgery (SSRF) vulnerability exists in the Liferay DXP 2025.Q2.0 through 2025.Q2.3 due to insecure domain validation on analytics.cloud.domain.allowed, allowing an attacker to perform requests by change the domain and bypassing the validation method, this insecure validation is not distinguishing between trusted subdomains and malicious domains. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2025-51606 - Hippo4J JWT Secret Key Hard-Coded Vulnerability

CVE ID : CVE-2025-51606 Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago Description : hippo4j 1.0.0 to 1.5.0, uses a hard-coded secret key in its JWT (JSON Web Token) creation. This allows attackers with access to the source code or compiled binary to forge valid access tokens and impersonate any user, including privileged ones such as "admin". The vulnerability poses a critical security risk in systems where authentication and authorization rely on the integrity of JWTs. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2009-20003 - Xenorate Windows Multimedia Player Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2009-20003 Published : Aug. 21, 2025, 9:15 p.m. | 12 hours, 45 minutes ago Description : Xenorate versions up to and including 2.50, a Windows-based multimedia player, is vulnerable to a stack-based buffer overflow when processing .xpl playlist files. The application fails to properly validate the length of input data, allowing an attacker to craft a malicious .xpl file that overwrites the Structured Exception Handler (SEH) and enables arbitrary code execution. Exploitation requires local interaction, typically by convincing a user to open the crafted file. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2009-20002 - Millenium MP3 Studio Stack-Based Buffer Overflow

CVE ID : CVE-2009-20002 Published : Aug. 21, 2025, 9:15 p.m. | 11 hours, 40 minutes ago Description : Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites the Structured Exception Handler (SEH) and executes arbitrary code. Exploitation requires the victim to open the file locally, though remote execution may be possible if the .pls extension is registered to the application and opened via a browser. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 21:15:00 GMT

read more

CVE-2025-55231 - Microsoft Windows Storage Race Condition Remote Code Execution

CVE ID : CVE-2025-55231 Published : Aug. 21, 2025, 8:15 p.m. | 11 hours, 50 minutes ago Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Storage allows an unauthorized attacker to execute code over a network. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-55230 - Microsoft Windows MBT Transport Driver Untrusted Pointer Dereference Privilege Escalation Vulnerability

CVE ID : CVE-2025-55230 Published : Aug. 21, 2025, 8:15 p.m. | 10 hours, 40 minutes ago Description : Untrusted pointer dereference in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-55229 - Microsoft Windows Certificate Spoofing Vulnerability

CVE ID : CVE-2025-55229 Published : Aug. 21, 2025, 8:15 p.m. | 9 hours, 50 minutes ago Description : Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over a network. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-55106 - Esri Portal for ArcGIS Enterprise Sites Stored Cross-site Scripting Vulnerability

CVE ID : CVE-2025-55106 Published : Aug. 21, 2025, 8:15 p.m. | 6 hours, 39 minutes ago Description : There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high. The attack could disclose a privileged token which may result in the attacker gaining full control of the Portal. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-55107 - Esri Portal for ArcGIS Enterprise Sites Cross-Site Scripting (XSS)

CVE ID : CVE-2025-55107 Published : Aug. 21, 2025, 8:15 p.m. | 6 hours, 39 minutes ago Description : There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high. The attack could disclose a privileged token which may result in the attacker gaining full control of the Portal. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-55105 - Esri Portal for ArcGIS Enterprise Sites Stored Cross-site Scripting Vulnerability

CVE ID : CVE-2025-55105 Published : Aug. 21, 2025, 8:15 p.m. | 4 hours, 39 minutes ago Description : There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high. The attack could disclose a privileged token which may result in the attacker gaining full control of the Portal. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-53795 - Microsoft PC Manager Privilege Escalation Vulnerability

CVE ID : CVE-2025-53795 Published : Aug. 21, 2025, 8:15 p.m. | 1 hour, 49 minutes ago Description : Improper authorization in Microsoft PC Manager allows an unauthorized attacker to elevate privileges over a network. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-54460 - Apache Hadoop HDFS File Upload Vulnerability (Privilege Escalation)

CVE ID : CVE-2025-54460 Published : Aug. 21, 2025, 8:15 p.m. | 1 hour, 49 minutes ago Description : The vulnerability, if exploited, could allow an authenticated miscreant (with privileges to create or access publication targets of type Text File or HDFS) to upload and persist files that could potentially be executed. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-55103 - Esri Portal for ArcGIS Enterprise Sites Stored XSS

CVE ID : CVE-2025-55103 Published : Aug. 21, 2025, 8:15 p.m. | 1 hour, 49 minutes ago Description : There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high. The attack could disclose a privileged token which may result in the attacker gaining full control of the Portal. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-55104 - ArcGIS HUB and ArcGIS Enterprise Sites Stored XSS

CVE ID : CVE-2025-55104 Published : Aug. 21, 2025, 8:15 p.m. | 1 hour, 49 minutes ago Description : A stored cross-site scripting (XSS) vulnerability exists ArcGIS HUB and ArcGIS Enterprise Sites which allows an authenticated user with the ability to create or edit a site to add and store an XSS payload. If this stored XSS payload is triggered by any user attacker supplied JavaScript may execute in the victim's browser. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2010-10015 - AOL Phobos.dll Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2010-10015 Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago Description : AOL versions up to and including 9.5 includes an ActiveX control (Phobos.dll) that exposes a method called Import() via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation allows remote attackers to execute arbitrary code in the context of the user, but only when the malicious HTML file is opened locally, due to the control not being marked safe for scripting or initialization. AOL remains an active and supported brand offering services like AOL Mail and AOL Desktop Gold, but the legacy AOL 9.5 desktop software—specifically the version containing the vulnerable Phobos.dll ActiveX control—is long discontinued and no longer maintained. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2010-20109 - Barracuda Path Traversal Vulnerability

CVE ID : CVE-2010-20109 Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago Description : Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the view_help.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal sequences and null-byte terminators to access arbitrary files on the underlying system. By exploiting this flaw, unauthenticated remote attackers can retrieve sensitive configuration files such as /mail/snapshot/config.snapshot, potentially exposing credentials, internal settings, and other critical data. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2010-20111 - Digital Music Pad Buffer Overflow Vulnerability

CVE ID : CVE-2010-20111 Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago Description : Digital Music Pad v8.2.3.3.4 contains a stack-based buffer overflow vulnerability in its playlist file parser. When opening a .pls file containing an excessively long string in the File1 field, the application fails to properly validate input length, resulting in corruption of the Structured Exception Handler (SEH) on the stack. This flaw may allow an attacker to control execution flow when the file is opened, potentially leading to arbitrary code execution. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2010-20112 - Amlib NetOpacs Webquery.dll Stack Buffer Overflow and Control Flow Vulnerability

CVE ID : CVE-2010-20112 Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago Description : Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by improper handling of HTTP GET parameters. Specifically, the application fails to enforce bounds on input supplied to the app parameter, allowing excessive data to overwrite memory structures including the Structured Exception Handler (SEH). Additionally, malformed parameter names followed by an equals sign may result in unintended control flow behavior. This vulnerability is exposed through IIS and affects legacy Windows deployments Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2010-20119 - CommuniCrypt Mail Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2010-20119 Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago Description : CommuniCrypt Mail versions up to and including 1.16 contains a stack-based buffer overflow vulnerability in its ANSMTP.dll and AOSMTP.dll ActiveX controls, specifically within the AddAttachments() method. This method fails to properly validate the length of input strings, allowing data to exceed the bounds of a fixed-size stack buffer. When invoked with an overly long string, the control can corrupt adjacent memory structures, including exception handlers, leading to potential control flow disruption. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2010-20121 - EasyFTP Server Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2010-20121 Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago Description : EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability in the FTP command parser. When processing the CWD (Change Working Directory) command, the server fails to properly validate the length of the input string, allowing attackers to overwrite memory on the stack. This flaw enables remote code execution without authentication, as EasyFTP allows anonymous access by default. The vulnerability was resolved in version 1.7.0.12, after which the product was renamed “UplusFtp.” Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-24489 - Apache File Upload Remote Code Execution

CVE ID : CVE-2025-24489 Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago Description : An attacker could exploit this vulnerability by uploading arbitrary files via a specific service, which could lead to system compromise. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-27714 - Apache File Upload Remote Code Execution Vulnerability

CVE ID : CVE-2025-27714 Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago Description : An attacker could exploit this vulnerability by uploading arbitrary files via the a specific endpoint, leading to unauthorized remote code execution or system compromise. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-27721 - INFINITT PACS Unauthenticated System Manager Access

CVE ID : CVE-2025-27721 Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago Description : Unauthorized users can access INFINITT PACS System Manager without proper authorization, which could lead to unauthorized access to system resources. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-3128 - Mitsubishi Electric smartRTU Remote Command Execution

CVE ID : CVE-2025-3128 Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago Description : A remote unauthenticated attacker who has bypassed authentication could execute arbitrary OS commands to disclose, tamper with, destroy or delete information in Mitsubishi Electric smartRTU, or cause a denial-of service condition on the product. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-41415 - Adobe Publication Target Information Disclosure

CVE ID : CVE-2025-41415 Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago Description : The vulnerability, if exploited, could allow an authenticated miscreant (with privileges to access publication targets) to retrieve sensitive information that could then be used to gain additional access to downstream resources. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-51989 - Evolution Consulting Kft. HRmaster HTML Injection Vulnerability

CVE ID : CVE-2025-51989 Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago Description : HTML injection vulnerability in the registration interface in Evolution Consulting Kft. HRmaster module v235 allows an attacker to inject HTML tags into the "keresztnév" (firstname) field, which will be sent out in an email resulting in possible Phishing scenarios against any, previously not registered, email address. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-53763 - Azure Databricks Privilege Escalation Vulnerability

CVE ID : CVE-2025-53763 Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago Description : Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges over a network. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 20:15:00 GMT

read more

CVE-2025-38742 - Dell iDRAC Service Module (iSM) Local Code Execution

CVE ID : CVE-2025-38742 Published : Aug. 21, 2025, 7:15 p.m. | 54 minutes ago Description : Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 19:15:00 GMT

read more

CVE-2025-38743 - Dell iDRAC Buffer Access with Incorrect Length Value Elevation of Privileges

CVE ID : CVE-2025-38743 Published : Aug. 21, 2025, 7:15 p.m. | 54 minutes ago Description : Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 19:15:00 GMT

read more

CVE-2025-57751 - Apache pyLoad Server-Side Request Forgery (SSRF) Vulnerability

CVE ID : CVE-2025-57751 Published : Aug. 21, 2025, 7:15 p.m. | 54 minutes ago Description : pyLoad is the free and open-source Download Manager written in pure Python. The jk parameter is received in pyLoad CNL Blueprint. Due to the lack of jk parameter verification, the jk parameter input by the user is directly determined as dykpy.evaljs(), resulting in the server CPU being fully occupied and the web-ui becoming unresponsive. This vulnerability is fixed in 0.5.0b3.dev92. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 19:15:00 GMT

read more

CVE-2024-50641 - PandoraNext TokensTool Authentication Bypass

CVE ID : CVE-2024-50641 Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago Description : An authentication bypass vulnerability in PandoraNext-TokensTool v0.6.8 and before. An attacker can exploit this vulnerability to access API without any token. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 18:15:00 GMT

read more

CVE-2025-43754 - Liferay Portal/Boundary Information Disclosure

CVE ID : CVE-2025-43754 Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago Description : Username enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows attackers to determine if an account exist in the application by inspecting the server processing time of the login request. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 18:15:00 GMT

read more

CVE-2025-52351 - Aikaan IoT Management Platform Password Disclosure

CVE ID : CVE-2025-52351 Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago Description : Aikaan IoT management platform v3.25.0325-5-g2e9c59796 sends a newly generated password to users in plaintext via email and also includes the same password as a query parameter in the account activation URL (e.g., https://domain.com/activate=xyz). This practice can result in password exposure via browser history, proxy logs, referrer headers, and email caching. The vulnerability impacts user credential confidentiality during initial onboarding. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 18:15:00 GMT

read more

CVE-2025-52352 - Aikaan IoT Management Platform Sign-up API Authentication Bypass

CVE ID : CVE-2025-52352 Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago Description : Aikaan IoT management platform v3.25.0325-5-g2e9c59796 provides a configuration to disable user sign-up in distributed deployments by hiding the sign-up option on the login page UI. However, the sign-up API endpoint remains publicly accessible and functional, allowing unauthenticated users to register accounts via APIs even when the feature is disabled. This leads to authentication bypass and unauthorized access to admin portals, violating intended access controls. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 18:15:00 GMT

read more

CVE-2025-55523 - Agent-Zero Directory Traversal Vulnerability

CVE ID : CVE-2025-55523 Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago Description : An issue in the component /api/download_work_dir_file.py of Agent-Zero v0.8.* allows attackers to execute a directory traversal. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 18:15:00 GMT

read more

CVE-2025-55524 - Agent-Zero Privilege Escalation Vulnerability

CVE ID : CVE-2025-55524 Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago Description : Insecure permissions in Agent-Zero v0.8.* allow attackers to arbitrarily reset the system via unspecified vectors. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 18:15:00 GMT

read more

CVE-2025-57768 - Phproject Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-57768 Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago Description : Phproject is a high performance full-featured project management system. From 1.8.0 to before 1.8.3, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Planned Hours field when creating a new project. When sending a POST request to /issues/new/, the value provided in the Planned Hours field is included in the server response without any HTML encoding or sanitization. Because of this, an attacker can craft a malicious payload such as alert(1) and include it in the planned_hours parameter. The server reflects the input directly in the HTML of the project creation page, causing the browser to interpret and execute it. This vulnerability is fixed in 1.8.3. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 18:15:00 GMT

read more

CVE-2025-7051 - N-central Syslog Configuration Privilege Escalation Vulnerability

CVE ID : CVE-2025-7051 Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago Description : On N-central, it is possible for any authenticated user to read, write and modify syslog configuration across customers on an N-central server. This vulnerability is present in all deployments of N-central prior to 2025.2. Severity: 8.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 18:15:00 GMT

read more

CVE-2025-55522 - Akaunting XSS Injection

CVE ID : CVE-2025-55522 Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago Description : Cross-site scripting (XSS) vulnerability in the component /common/reports of Akaunting v3.1.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-57754 - Supabase URI Exposure in eslint-ban-moment

CVE ID : CVE-2025-57754 Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago Description : eslint-ban-moment is an Eslint plugin for final assignment in VIHU. In 3.0.0 and earlier, a sensitive Supabase URI is exposed in .env. A valid Supabase URI with embedded username and password will allow an attacker complete unauthorized access and control over database and user data. This could lead to data exfiltration, modification or deletion. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-57755 - Claude-code-router CORS Credential Exposure

CVE ID : CVE-2025-57755 Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago Description : claude-code-router is a powerful tool to route Claude Code requests to different models and customize any request. Due to improper Cross-Origin Resource Sharing (CORS) configuration, there is a risk that user API Keys or equivalent credentials may be exposed to untrusted domains. Attackers could exploit this misconfiguration to steal credentials, abuse accounts, exhaust quotas, or access sensitive data. The issue has been patched in v1.0.34. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-57761 - WeGIA Web Manager SQL Injection Vulnerability

CVE ID : CVE-2025-57761 Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago Description : WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependente_remover.php endpoint, specifically in the id_funcionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This vulnerability is fixed in 3.4.10. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-57762 - WeGIA Web Manager Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-57762 Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago Description : WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Stored Cross-Site Scripting (XSS) vulnerability in the dependente_docdependente.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the nome parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.4.7. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-57763 - WeGIA Web Manager Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-57763 Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago Description : WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Reflected Cross-Site Scripting (XSS) vulnerability in the insere_despacho.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the cpf sccs. This vulnerability is fixed in 3.4.7. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-57764 - WeGIA Web Manager Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-57764 Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago Description : WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, a Reflected Cross-Site Scripting (XSS) vulnerability was identified in the cargos.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_e parameter. This vulnerability is fixed in 3.4.7. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-57765 - WeGIA Web Manager Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-57765 Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago Description : WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, a Reflected Cross-Site Scripting (XSS) vulnerability was identified in the pre_cadastro_adotante.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_e parameter. This vulnerability is fixed in 3.4.7. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-6465 - Mattermost File Upload Path Traversal Vulnerability

CVE ID : CVE-2025-6465 Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago Description : Mattermost versions 10.8.x 10.8.3, 10.5.x 10.5.8, 10.10.x 10.10.0, 10.9.x 10.9.3 fail to sanitize file names which allows users with file upload permission to overwrite file attachment thumbnails via path traversal in file streaming APIs. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-7969 - Markdown-it XSS Vulnerability

CVE ID : CVE-2025-7969 Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in markdown-it allows Cross-Site Scripting (XSS). This vulnerability is associated with program files lib/renderer.mjs. This issue affects markdown-it: 14.1.0. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-8402 - Mattermost Server Denial of Service Vulnerability

CVE ID : CVE-2025-8402 Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago Description : Mattermost versions 10.8.x 10.8.3, 10.5.x 10.5.8, 9.11.x 9.11.17, 10.10.x 10.10.0, 10.9.x 10.9.3 fail to validate import data which allows a system admin to crash the server via the bulk import feature. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-9309 - Tenda MD5 Hash Handler Local Hard-Coded Credentials Vulnerability

CVE ID : CVE-2025-9309 Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago Description : A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /etc_ro/shadow of the component MD5 Hash Handler. Performing manipulation results in hard-coded credentials. The attack needs to be approached locally. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The exploit has been made public and could be used. Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-9310 - YeQuifu CarRental Druid Hard-Coded Credentials Remote Vulnerability

CVE ID : CVE-2025-9310 Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago Description : A vulnerability was determined in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. Affected by this vulnerability is an unknown functionality of the file /carRental_war/druid/login.html of the component Druid. Executing manipulation can lead to hard-coded credentials. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-9311 - iSourcecode Apartment Management System SQL Injection

CVE ID : CVE-2025-9311 Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago Description : A vulnerability was identified in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /fair/addfair.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2024-45438 - SpamTitan Email Security Gateway Unauthenticated Account Creation Vulnerability

CVE ID : CVE-2024-45438 Published : Aug. 21, 2025, 5:15 p.m. | 54 minutes ago Description : An issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8.01.x before 8.01.14. The file quarantine.php within the SpamTitan interface allows unauthenticated users to trigger account-level actions using a crafted GET request. Notably, when a non-existent email address is provided as part of the email parameter, SpamTitan will automatically create a user record and associate quarantine settings with it - all without requiring authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-43755 - Liferay Portal Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-43755 Published : Aug. 21, 2025, 5:15 p.m. | 54 minutes ago Description : A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 t through 7.4.3.132, and Liferay DXP 2025.Q2.0, 2025.Q1.0 through 2025.Q1.13, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.17 and 7.4 GA through update 92 allows an remote authenticated attacker to inject JavaScript into the _com_liferay_layout_admin_web_portlet_GroupPagesPortlet_type parameter. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-43756 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-43756 Published : Aug. 21, 2025, 5:15 p.m. | 54 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.15, 2025.Q2.0 through 2025.Q2.2 and 2024.Q1.13 through 2024.Q1.19 allows a remote authenticated user to inject JavaScript code via snippet parameter. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-55521 - Akaunting Settings Localisation Denial of Service (DoS)

CVE ID : CVE-2025-55521 Published : Aug. 21, 2025, 5:15 p.m. | 54 minutes ago Description : An issue in the component /settings/localisation of Akaunting v3.1.18 allows authenticated attackers to cause a Denial of Service (DoS) via a crafted POST request. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 17:15:00 GMT

read more

CVE-2025-55743 - UnoPim Laravel File Upload Validation Bypass

CVE ID : CVE-2025-55743 Published : Aug. 21, 2025, 4:15 p.m. | 1 hour, 54 minutes ago Description : UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy like Burp suite. Make changes to the file extension and content. The vulnerability is fixed in 0.2.1. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 16:15:00 GMT

read more

CVE-2025-55744 - UnoPim Laravel CSRF Vulnerability

CVE ID : CVE-2025-55744 Published : Aug. 21, 2025, 4:15 p.m. | 1 hour, 54 minutes ago Description : UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, some of the endpoints of the application is vulnerable to Cross site Request forgery (CSRF). This vulnerability is fixed in 0.2.1. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 16:15:00 GMT

read more

CVE-2025-57753 - Vite-Plugin-Static-Copy Unauthorized File Access Vulnerability

CVE ID : CVE-2025-57753 Published : Aug. 21, 2025, 4:15 p.m. | 1 hour, 54 minutes ago Description : vite-plugin-static-copy is rollup-plugin-copy for Vite with dev server support. Files not included in src are accessible with a crafted request. The vulnerability is fixed in 2.3.2 and 3.1.2. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 16:15:00 GMT

read more

CVE-2025-9162 - Keycloak KeycloakRealmImport Environment Variable Injection Vulnerability

CVE ID : CVE-2025-9162 Published : Aug. 21, 2025, 4:15 p.m. | 1 hour, 54 minutes ago Description : A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource substitutes placeholders within imported realm documents, potentially referencing environment variables. This substitution process allows for injection attacks when crafted realm documents are processed. An attacker can leverage this to inject malicious content during the realm import procedure. This can lead to unintended consequences within the Keycloak environment. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 16:15:00 GMT

read more

CVE-2025-9306 - SourceCodester Advanced School Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9306 Published : Aug. 21, 2025, 4:15 p.m. | 1 hour, 54 minutes ago Description : A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 16:15:00 GMT

read more

CVE-2025-9307 - PHPGurukul Online Course Registration SQL Injection Vulnerability

CVE ID : CVE-2025-9307 Published : Aug. 21, 2025, 4:15 p.m. | 1 hour, 54 minutes ago Description : A flaw has been found in PHPGurukul Online Course Registration 3.1. This affects an unknown function of the file /admin/session.php. This manipulation of the argument sesssion causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 16:15:00 GMT

read more

CVE-2025-9308 - Yarn SetOptions Regular Expression Inefficient Complexity Vulnerability

CVE ID : CVE-2025-9308 Published : Aug. 21, 2025, 4:15 p.m. | 1 hour, 54 minutes ago Description : A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. Local access is required to approach this attack. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 16:15:00 GMT

read more

CVE-2025-48956 - Apache vLLM HTTP Header DoS Vulnerability

CVE ID : CVE-2025-48956 Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago Description : vLLM is an inference and serving engine for large language models (LLMs). From 0.1.0 to before 0.10.1.1, a Denial of Service (DoS) vulnerability can be triggered by sending a single HTTP GET request with an extremely large header to an HTTP endpoint. This results in server memory exhaustion, potentially leading to a crash or unresponsiveness. The attack does not require authentication, making it exploitable by any remote user. This vulnerability is fixed in 0.10.1.1. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 15:15:00 GMT

read more

CVE-2025-50860 - Easy Hosting Control Panel SQL Injection

CVE ID : CVE-2025-50860 Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago Description : SQL Injection in the listdomains function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to access or manipulate database contents via the arananalan POST parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 15:15:00 GMT

read more

CVE-2025-52194 - Libsndfile IRCAM Audio File Buffer Overflow Vulnerability

CVE ID : CVE-2025-52194 Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago Description : A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 15:15:00 GMT

read more

CVE-2025-53251 - An-Themes Pin WP RCE File Upload Vulnerability

CVE ID : CVE-2025-53251 Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in An-Themes Pin WP allows Upload a Web Shell to a Web Server.This issue affects Pin WP: from n/a through 6.9. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 15:15:00 GMT

read more

CVE-2025-55297 - Espressif ESP-IDF BluFi Wi-Fi Credential Handling and Diffie-Hellman Key Exchange Memory Overflow Vulnerability

CVE ID : CVE-2025-55297 Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago Description : ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. The BluFi example bundled in ESP-IDF was vulnerable to memory overflows in two areas: Wi-Fi credential handling and Diffie–Hellman key exchange. This vulnerability is fixed in 5.4.1, 5.3.3, 5.1.6, and 5.0.9. Severity: 5.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 15:15:00 GMT

read more

CVE-2025-55371 - jshERP Insecure Direct Object Reference (IDOR)

CVE ID : CVE-2025-55371 Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago Description : Incorrect access control in the component /controller/PersonController.java of jshERP v3.5 allows unauthorized attackers to obtain all the information of the handler by executing the getAllList method. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 15:15:00 GMT

read more

CVE-2025-55383 - Moss File Upload Vulnerability

CVE ID : CVE-2025-55383 Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago Description : Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows attackers to upload files of any extension to any location on the target server. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 15:15:00 GMT

read more

CVE-2025-9303 - TOTOLINK A720R Buffer Overflow in setParentalRules

CVE ID : CVE-2025-9303 Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago Description : A security flaw has been discovered in TOTOLINK A720R 4.1.5cu.630_B20250509. This issue affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument desc results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 15:15:00 GMT

read more

CVE-2025-9304 - SourceCodester Online Bank Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9304 Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago Description : A weakness has been identified in SourceCodester Online Bank Management System 1.0. Impacted is an unknown function of the file /bank/show.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from a remote location. The exploit has been made available to the public and could be exploited. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 15:15:00 GMT

read more

CVE-2025-9305 - SourceCodester Online Bank Management System SQL Injection

CVE ID : CVE-2025-9305 Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago Description : A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. The affected element is an unknown function of the file /bank/mnotice.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 15:15:00 GMT

read more

CVE-2025-34158 - Plex Media Server Remote Code Execution Vulnerability

CVE ID : CVE-2025-34158 Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : Plex Media Server (PMS) versions 1.41.7.x through 1.42.0.x are affected by an unspecified security vulnerability reported via Plex’s bug bounty program. While technical details have not been publicly disclosed, the issue was acknowledged by the vendor and resolved in version 1.42.1. The vulnerability may have posed a risk to system integrity, confidentiality, or availability, prompting a strong recommendation for all users to upgrade immediately. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 14:15:00 GMT

read more

CVE-2025-51818 - MCCMS PHP Code Injection

CVE ID : CVE-2025-51818 Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago Description : MCCMS 2.7.0 is vulnerable to Arbitrary file deletion in the Backups.php component. This allows an attacker to execute arbitrary commands Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 14:15:00 GMT

read more

CVE-2025-55366 - jshERP Unauthenticated User Password Reset and Privilege Escalation

CVE ID : CVE-2025-55366 Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago Description : Incorrect access control in the component \controller\UserController.java of jshERP v3.5 allows attackers to arbitrarily reset user account passwords and execute a horizontal privilege escalation attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 14:15:00 GMT

read more

CVE-2025-55367 - jshERP Arbitrary Supplier Status Modification Vulnerability

CVE ID : CVE-2025-55367 Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago Description : Incorrect access control in the component \controller\SupplierController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 14:15:00 GMT

read more

CVE-2025-55368 - jshERP Unauthenticated Supplier Status Modification Vulnerability

CVE ID : CVE-2025-55368 Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago Description : Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 14:15:00 GMT

read more

CVE-2025-55370 - jshERP SQL Injection

CVE ID : CVE-2025-55370 Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago Description : Incorrect access control in the component \controller\ResourceController.java of jshERP v3.5 allows unauthorized attackers to obtain all the corresponding ID data by modifying the ID value. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 14:15:00 GMT

read more

CVE-2025-55564 - Tenda AC15 Denial of Service (DoS) Stack Overflow

CVE ID : CVE-2025-55564 Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago Description : Tenda AC15 v15.03.05.19_multi_TD01 has a stack overflow via the list parameter in the fromSetIpMacBind function. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 14:15:00 GMT

read more

CVE-2025-9301 - "CMake Local Assertion Vulnerability"

CVE ID : CVE-2025-9301 Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago Description : A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file cmForEachCommand.cxx. This manipulation causes reachable assertion. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Patch name: 37e27f71bc356d880c908040cd0cb68fa2c371b8. It is suggested to install a patch to address this issue. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 14:15:00 GMT

read more

CVE-2025-9302 - PHPGurukul User Management System SQL Injection

CVE ID : CVE-2025-9302 Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago Description : A vulnerability was identified in PHPGurukul User Management System 1.0. This vulnerability affects unknown code of the file /signup.php. Such manipulation of the argument emailid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 14:15:00 GMT

read more

CVE-2025-47184 - Exagid EX10 XXE Injection Vulnerability

CVE ID : CVE-2025-47184 Published : Aug. 21, 2025, 1:15 p.m. | 2 hours, 53 minutes ago Description : An XML external entities (XXE) injection vulnerability in the /init API endpoint in Exagid EX10 7.0.1p02 allows an authenticated, unprivileged attacker to achieve information disclosure and privilege escalation via a crafted ISys XML message. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 13:15:00 GMT

read more

CVE-2025-9297 - Tenda i22 Remote Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9297 Published : Aug. 21, 2025, 1:15 p.m. | 2 hours, 53 minutes ago Description : A vulnerability was detected in Tenda i22 1.0.0.3(4687). This impacts the function formWeixinAuthInfoGet of the file /goform/wxportalauth. Performing manipulation of the argument Type results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 13:15:00 GMT

read more

CVE-2025-9298 - Tenda M3 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9298 Published : Aug. 21, 2025, 1:15 p.m. | 2 hours, 53 minutes ago Description : A flaw has been found in Tenda M3 1.0.0.12. Affected is the function formQuickIndex of the file /goform/QuickIndex. Executing manipulation of the argument PPPOEPassword can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 13:15:00 GMT

read more

CVE-2025-9299 - Tenda M3 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9299 Published : Aug. 21, 2025, 1:15 p.m. | 2 hours, 53 minutes ago Description : A vulnerability has been found in Tenda M3 1.0.0.12. Affected by this vulnerability is the function formGetMasterPassengerAnalyseData of the file /goform/getMasterPassengerAnalyseData. The manipulation of the argument Time leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 13:15:00 GMT

read more

CVE-2025-9300 - Saitoha Libsixel Local Stack-Based Buffer Overflow

CVE ID : CVE-2025-9300 Published : Aug. 21, 2025, 1:15 p.m. | 2 hours, 53 minutes ago Description : A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixel_debug_print_palette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local position. The exploit has been made public and could be used. The patch is identified as 316c086e79d66b62c0c4bc66229ee894e4fdb7d1. Applying a patch is advised to resolve this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 13:15:00 GMT

read more

CVE-2025-9296 - Emlog Pro Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-9296 Published : Aug. 21, 2025, 12:15 p.m. | 3 hours, 53 minutes ago Description : A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown function of the file /admin/blogger.php?action=update_avatar. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 12:15:00 GMT

read more

CVE-2025-8064 - WordPress Bible SuperSearch Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8064 Published : Aug. 21, 2025, 10:15 a.m. | 3 hours, 53 minutes ago Description : The Bible SuperSearch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘selector_height’ parameter in all versions up to, and including, 6.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 10:15:00 GMT

read more

CVE-2025-47700 - Mattermost Server Open Redirect

CVE ID : CVE-2025-47700 Published : Aug. 21, 2025, 8:15 a.m. | 5 hours, 53 minutes ago Description : Mattermost Server versions 10.5.x 10.5.9 utilizing the Agents plugin fail to reject empty request bodies which allows users to trick users into clicking malicious links via post actions Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 08:15:00 GMT

read more

CVE-2025-47870 - Mattermost Team Invite ID Disclosure

CVE ID : CVE-2025-47870 Published : Aug. 21, 2025, 8:15 a.m. | 5 hours, 53 minutes ago Description : Mattermost versions 10.8.x 10.8.3, 10.5.x 10.5.8, 9.11.x 9.11.17, 10.9.x 10.9.2 fail to sanitize the team invite ID in the POST /api/v4/teams/:teamId/restore endpoint which allows an team admin with no member invite privileges to get the team’s invite id. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 08:15:00 GMT

read more

CVE-2025-49222 - Mattermost File Type Validation Bypass

CVE ID : CVE-2025-49222 Published : Aug. 21, 2025, 8:15 a.m. | 5 hours, 53 minutes ago Description : Mattermost versions 10.8.x 10.8.3, 10.5.x 10.5.8, 9.11.x 9.11.17, 10.9.x 10.9.2, 10.10.x 10.10.0 fail to validate upload types in remote cluster upload sessions which allows a system admin to upload non-attachment file types via shared channels that could potentially be placed in arbitrary filesystem directories. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 08:15:00 GMT

read more

CVE-2025-49810 - Mattermost Information Disclosure

CVE ID : CVE-2025-49810 Published : Aug. 21, 2025, 8:15 a.m. | 5 hours, 53 minutes ago Description : Mattermost versions 10.5.x 10.5.8 fail to validate access controls at time of access which allows user to read a thread via AI posts Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 08:15:00 GMT

read more

CVE-2025-53971 - Mattermost Authorization Bypass Vulnerability

CVE ID : CVE-2025-53971 Published : Aug. 21, 2025, 8:15 a.m. | 5 hours, 53 minutes ago Description : Mattermost versions 10.5.x 10.5.8, 9.11.x 9.11.17 fail to properly validate authorization for team scheme role modifications which allows Team Admins to demote Team Members to Guests via the PUT /api/v4/teams/team-id/members/user-id/schemeRoles API endpoint. Severity: 3.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 08:15:00 GMT

read more

CVE-2025-8023 - Mattermost Path Traversal Vulnerability

CVE ID : CVE-2025-8023 Published : Aug. 21, 2025, 8:15 a.m. | 5 hours, 53 minutes ago Description : Mattermost versions 10.8.x 10.8.3, 10.5.x 10.5.8, 9.11.x 9.11.17, 10.9.x 10.9.2 fails to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file placement outside intended directories. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 08:15:00 GMT

read more

CVE-2025-8895 - WordPress Webhooks Plugin Unauthenticated Arbitrary File Copy Vulnerability

CVE ID : CVE-2025-8895 Published : Aug. 21, 2025, 8:15 a.m. | 5 hours, 53 minutes ago Description : The WP Webhooks plugin for WordPress is vulnerable to arbitrary file copy due to missing validation of user-supplied input in all versions up to, and including, 3.3.5. This makes it possible for unauthenticated attackers to copy arbitrary files on the affected site's server to arbitrary locations. This can be used to copy the contents of wp-config.php into a text file which can then be accessed in a browser to reveal database credentials. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 08:15:00 GMT

read more

CVE-2025-36530 - Mattermost Plugin Path Traversal Vulnerability

CVE ID : CVE-2025-36530 Published : Aug. 21, 2025, 7:15 a.m. | 6 hours, 53 minutes ago Description : Mattermost versions 10.9.x 10.9.1, 10.8.x 10.8.3, 10.5.x 10.5.8, 9.11.x 9.11.17 fail to properly validate file paths during plugin import operations which allows restricted admin users to install unauthorized custom plugins via path traversal in the import functionality, bypassing plugin signature enforcement and marketplace restrictions. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 07:15:00 GMT

read more

CVE-2025-7221 - GiveWP – Donation Plugin and Fundraising Platform Unauthenticated Payment Status Modification Vulnerability

CVE ID : CVE-2025-7221 Published : Aug. 21, 2025, 6:15 a.m. | 7 hours, 53 minutes ago Description : The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the give_update_payment_status() function in all versions up to, and including, 4.5.0. This makes it possible for authenticated attackers, with GiveWP Worker-level access and above, to update donations statuses. This ability is not present in the user interface. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 06:15:00 GMT

read more

CVE-2025-7390 - "OPC.HTTPS Client Certificate Trust Bypass"

CVE ID : CVE-2025-7390 Published : Aug. 21, 2025, 6:15 a.m. | 7 hours, 53 minutes ago Description : A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 06:15:00 GMT

read more

CVE-2025-8592 - WordPress Inspiro CSRF Plugin Installation

CVE ID : CVE-2025-8592 Published : Aug. 21, 2025, 6:15 a.m. | 7 hours, 53 minutes ago Description : The Inspiro theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.2. This is due to missing or incorrect nonce validation on the inspiro_install_plugin() function. This makes it possible for unauthenticated attackers to install plugins from the repository via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 06:15:00 GMT

read more

CVE-2025-8607 - FunnelKit SlingBlocks Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8607 Published : Aug. 21, 2025, 6:15 a.m. | 7 hours, 53 minutes ago Description : The SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown block's attributes in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 06:15:00 GMT

read more

CVE-2025-53504 - Group-Office Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-53504 Published : Aug. 21, 2025, 5:15 a.m. | 8 hours, 53 minutes ago Description : Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed in the user's web browser. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 05:15:00 GMT

read more

CVE-2025-53505 - Group-Office Path Traversal Vulnerability

CVE ID : CVE-2025-53505 Published : Aug. 21, 2025, 5:15 a.m. | 8 hours, 53 minutes ago Description : Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a path traversal vulnerability. If this vulnerability is exploited, information on the server hosting the product may be exposed. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 05:15:00 GMT

read more

CVE-2025-57829 - Apache HTTP Server Command Injection

CVE ID : CVE-2025-57829 Published : Aug. 21, 2025, 4:16 a.m. | 9 hours, 52 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 04:16:00 GMT

read more

CVE-2025-57830 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-57830 Published : Aug. 21, 2025, 4:16 a.m. | 9 hours, 52 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 04:16:00 GMT

read more

CVE-2025-57831 - Apache HTTP Server Unknown Method Response

CVE ID : CVE-2025-57831 Published : Aug. 21, 2025, 4:16 a.m. | 9 hours, 52 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 04:16:00 GMT

read more

CVE-2025-57832 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-57832 Published : Aug. 21, 2025, 4:16 a.m. | 9 hours, 52 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 04:16:00 GMT

read more

CVE-2025-57824 - "Apache Struts Deserialization Vulnerability"

CVE ID : CVE-2025-57824 Published : Aug. 21, 2025, 4:15 a.m. | 9 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 04:15:00 GMT

read more

CVE-2025-57825 - Cisco WebEx Meeting Center Cross-Site Request Forgery

CVE ID : CVE-2025-57825 Published : Aug. 21, 2025, 4:15 a.m. | 9 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 04:15:00 GMT

read more

CVE-2025-57826 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-57826 Published : Aug. 21, 2025, 4:15 a.m. | 9 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 04:15:00 GMT

read more

CVE-2025-57827 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-57827 Published : Aug. 21, 2025, 4:15 a.m. | 9 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 04:15:00 GMT

read more

CVE-2025-57828 - Apache HTTP Server Unsecured Configuration

CVE ID : CVE-2025-57828 Published : Aug. 21, 2025, 4:15 a.m. | 9 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 04:15:00 GMT

read more

CVE-2025-48355 - ProveSource Social Proof Information Exposure Vulnerability

CVE ID : CVE-2025-48355 Published : Aug. 21, 2025, 4:15 a.m. | 7 hours, 11 minutes ago Description : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ProveSource LTD ProveSource Social Proof allows Retrieve Embedded Sensitive Data.This issue affects ProveSource Social Proof: from n/a through 3.0.5. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 04:15:00 GMT

read more

CVE-2025-48978 - Ubiquiti Networks EdgeMAX EdgeSwitch Command Injection Vulnerability

CVE ID : CVE-2025-48978 Published : Aug. 21, 2025, 1:15 a.m. | 8 hours, 11 minutes ago Description : An Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.11.0 and earlier) could allow a Command Injection by a malicious actor with access to EdgeSwitch adjacent network. Affected Products: EdgeMAX EdgeSwitch (Version 1.11.0 and earlier) Mitigation: Update the EdgeMAX EdgeSwitch to Version 1.11.1 or later. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 01:15:00 GMT

read more

CVE-2025-24285 - "UniFi Connect EV Station Lite Command Injection Vulnerability"

CVE ID : CVE-2025-24285 Published : Aug. 21, 2025, 1:15 a.m. | 5 hours, 36 minutes ago Description : Multiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a Command Injection by a malicious actor with network access to the UniFi Connect EV Station Lite. Affected Products: UniFi Connect EV Station Lite (Version 1.5.1 and earlier) Mitigation: Update UniFi Connect EV Station Lite to Version 1.5.2 or later Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 01:15:00 GMT

read more

CVE-2025-27213 - Ubiquiti UniFi Connect Improper Access Control Vulnerability

CVE ID : CVE-2025-27213 Published : Aug. 21, 2025, 1:15 a.m. | 5 hours, 35 minutes ago Description : An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect devices to enable Android Debug Bridge (ADB) and make unsupported changes to the system. Affected Products: UniFi Connect EV Station Pro (Version 1.5.18 and earlier) UniFi Connect Display (Version 1.9.324 and earlier) UniFi Connect Display Cast (Version 1.9.301 and earlier) UniFi Connect Display Cast Pro (Version 1.0.78 and earlier) UniFi Connect Display Cast Lite (Version 1.0.3 and earlier) Mitigation: Update UniFi Connect EV Station Pro to Version 1.5.27 or later Update UniFi Connect Display to Version 1.13.6 or later Update UniFi Connect Display Cast to Version 1.10.3 or later Update UniFi Connect Display Cast Pro to Version 1.0.83 or later Update UniFi Connect Display Cast Lite to Version 1.1.3 or later Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 01:15:00 GMT

read more

CVE-2025-27214 - "UniFi Connect EV Station Pro Authentication Bypass"

CVE ID : CVE-2025-27214 Published : Aug. 21, 2025, 1:15 a.m. | 5 hours, 35 minutes ago Description : A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset. Affected Products: UniFi Connect EV Station Pro (Version 1.5.18 and earlier) Mitigation: Update UniFi Connect EV Station Pro to Version 1.5.27 or later Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 01:15:00 GMT

read more

CVE-2025-27215 - Ubiquiti UniFi Connect Display Cast Insufficient Authentication Access Control Vulnerability

CVE ID : CVE-2025-27215 Published : Aug. 21, 2025, 1:15 a.m. | 5 hours, 35 minutes ago Description : An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect Display Cast devices to make unsupported changes to the system. Affected Products: UniFi Connect Display Cast (Version 1.10.3 and earlier) UniFi Connect Display Cast Pro (Version 1.0.89 and earlier) UniFi Connect Display Cast Lite (Version 1.0.3 and earlier) Mitigation: Update UniFi Connect Display Cast to Version 1.10.7 or later Update UniFi Connect Display Cast Pro to Version 1.0.94 or later Update UniFi Connect Display Cast Lite to Version 1.1.8 or later Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 01:15:00 GMT

read more

CVE-2025-27216 - "UISP Privilege Escalation Vulnerability"

CVE ID : CVE-2025-27216 Published : Aug. 21, 2025, 1:15 a.m. | 5 hours, 35 minutes ago Description : Multiple Incorrect Permission Assignment for Critical Resource in UISP Application may allow a malicious actor with certain permissions to escalate privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 01:15:00 GMT

read more

CVE-2025-27217 - "UISP Server-Side Request Forgery Vulnerability"

CVE ID : CVE-2025-27217 Published : Aug. 21, 2025, 1:15 a.m. | 5 hours, 35 minutes ago Description : A Server-Side Request Forgery (SSRF) in the UISP Application may allow a malicious actor with certain permissions to make requests outside of UISP Application scope. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 01:15:00 GMT

read more

CVE-2025-43300 - Apple macOS and iPadOS Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-43300 Published : Aug. 21, 2025, 1:15 a.m. | 5 hours, 35 minutes ago Description : An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 18.6.2. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 01:15:00 GMT

read more

CVE-2025-9264 - Xuxueli XXL-Job ID Resource Manipulation Remote Code Execution Vulnerability

CVE ID : CVE-2025-9264 Published : Aug. 21, 2025, 12:15 a.m. | 6 hours, 36 minutes ago Description : A vulnerability was found in Xuxueli xxl-job up to 3.1.1. Affected by this issue is the function remove of the file /src/main/java/com/xxl/job/admin/controller/JobInfoController.java of the component Jobs Handler. Performing manipulation of the argument ID results in improper control of resource identifiers. Remote exploitation of the attack is possible. The exploit has been made public and could be used. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 21 Aug 2025 00:15:00 GMT

read more

Fuite de données chez Auchan

]]>

Thu Aug 21 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2025-9253 - Linksys Router Stack-Based Buffer Overflow

CVE ID : CVE-2025-9253 Published : Aug. 20, 2025, 11:15 p.m. | 6 hours, 44 minutes ago Description : A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RP_doSpecifySiteSurvey of the file /goform/RP_doSpecifySiteSurvey. The manipulation of the argument ssidhex leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 23:15:00 GMT

read more

CVE-2025-9262 - "Wong2 mcp-cli OAuth Handler Remote OS Command Injection Vulnerability"

CVE ID : CVE-2025-9262 Published : Aug. 20, 2025, 11:15 p.m. | 6 hours, 44 minutes ago Description : A flaw has been found in wong2 mcp-cli 1.13.0. Affected is the function redirectToAuthorization of the file /src/oauth/provider.js of the component oAuth Handler. This manipulation causes os command injection. The attack may be initiated remotely. The attack is considered to have high complexity. The exploitability is told to be difficult. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 23:15:00 GMT

read more

CVE-2025-9263 - Xuxueli XXL-Job Remote Resource Identifier Manipulation Vulnerability

CVE ID : CVE-2025-9263 Published : Aug. 20, 2025, 11:15 p.m. | 6 hours, 44 minutes ago Description : A vulnerability has been found in Xuxueli xxl-job up to 3.1.1. Affected by this vulnerability is the function getJobsByGroup of the file /src/main/java/com/xxl/job/admin/controller/JobLogController.java. Such manipulation of the argument jobGroup leads to improper control of resource identifiers. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 23:15:00 GMT

read more

CVE-2025-9288 - Sha.js Input Validation Vulnerability

CVE ID : CVE-2025-9288 Published : Aug. 20, 2025, 10:15 p.m. | 7 hours, 44 minutes ago Description : Improper Input Validation vulnerability in sha.js allows Input Data Manipulation.This issue affects sha.js: through 2.4.11. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 22:15:00 GMT

read more

CVE-2025-9252 - Linksys RE6000 Series Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9252 Published : Aug. 20, 2025, 10:15 p.m. | 6 hours, 35 minutes ago Description : A weakness has been identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this vulnerability is the function DisablePasswordAlertRedirect of the file /goform/DisablePasswordAlertRedirect. Executing manipulation of the argument hint can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 22:15:00 GMT

read more

CVE-2025-9287 - Cipher-Base Cryptographic Input Data Manipulation Vulnerability

CVE ID : CVE-2025-9287 Published : Aug. 20, 2025, 10:15 p.m. | 6 hours, 35 minutes ago Description : Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 22:15:00 GMT

read more

CVE-2025-57749 - n8n Symlink Traversal Vulnerability

CVE ID : CVE-2025-57749 Published : Aug. 20, 2025, 10:15 p.m. | 5 hours, 44 minutes ago Description : n8n is a workflow automation platform. Before 1.106.0, a symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links (symlinks). An attacker with the ability to create symlinks—such as by using the Execute Command node—could exploit this to bypass the intended directory restrictions and read from or write to otherwise inaccessible paths. Users of n8n.cloud are not impacted. Affected users should update to version 1.106.0 or later. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 22:15:00 GMT

read more

CVE-2025-9250 - Linksys RE Series Stack-Based Buffer Overflow

CVE ID : CVE-2025-9250 Published : Aug. 20, 2025, 10:15 p.m. | 5 hours, 44 minutes ago Description : A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This impacts the function setPWDbyBBS of the file /goform/setPWDbyBBS. Such manipulation of the argument hint leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 22:15:00 GMT

read more

CVE-2025-9251 - Linksys Router Sta WPS Pin Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9251 Published : Aug. 20, 2025, 10:15 p.m. | 5 hours, 44 minutes ago Description : A security flaw has been discovered in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function sta_wps_pin of the file /goform/sta_wps_pin. Performing manipulation of the argument Ssid results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 22:15:00 GMT

read more

CVE-2024-57155 - Radar Authentication Bypass Vulnerability

CVE ID : CVE-2024-57155 Published : Aug. 20, 2025, 9:15 p.m. | 6 hours, 44 minutes ago Description : Incorrect access control in radar v1.0.8 allows attackers to bypass authentication and access sensitive APIs without a token. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 21:15:00 GMT

read more

CVE-2025-9247 - Linksys Router Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9247 Published : Aug. 20, 2025, 9:15 p.m. | 6 hours, 44 minutes ago Description : A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The affected element is the function setVlan of the file /goform/setVlan. The manipulation of the argument vlan_set leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 21:15:00 GMT

read more

CVE-2025-9248 - Linksys RE Series Remote Stack-Based Buffer Overflow

CVE ID : CVE-2025-9248 Published : Aug. 20, 2025, 9:15 p.m. | 6 hours, 44 minutes ago Description : A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The impacted element is the function RP_pingGatewayByBBS of the file /goform/RP_pingGatewayByBBS. The manipulation of the argument ssidhex results in stack-based buffer overflow. The attack may be performed from a remote location. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 21:15:00 GMT

read more

CVE-2025-9249 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9249 Published : Aug. 20, 2025, 9:15 p.m. | 6 hours, 44 minutes ago Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function DHCPReserveAddGroup of the file /goform/DHCPReserveAddGroup. This manipulation of the argument enable_group/name_group/ip_group/mac_group causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 21:15:00 GMT

read more

CVE-2025-9244 - "Linksys Router AddStaticRoute Command Injection Vulnerability"

CVE ID : CVE-2025-9244 Published : Aug. 20, 2025, 8:15 p.m. | 7 hours, 44 minutes ago Description : A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function addStaticRoute of the file /goform/addStaticRoute. Such manipulation of the argument staticRoute_IP_setting/staticRoute_Netmask_setting/staticRoute_Gateway_setting/staticRoute_Metric_setting/staticRoute_destType_setting leads to os command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 20:15:00 GMT

read more

CVE-2025-9245 - "Linksys WPSSTAPINEnr Stack-Based Buffer Overflow Vulnerability"

CVE ID : CVE-2025-9245 Published : Aug. 20, 2025, 8:15 p.m. | 7 hours, 44 minutes ago Description : A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function WPSSTAPINEnr of the file /goform/WPSSTAPINEnr. Performing manipulation of the argument ssid results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 20:15:00 GMT

read more

CVE-2025-9246 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9246 Published : Aug. 20, 2025, 8:15 p.m. | 7 hours, 44 minutes ago Description : A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Impacted is the function check_port_conflict of the file /goform/check_port_conflict. Executing manipulation of the argument single_port_rule/port_range_rule can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 20:15:00 GMT

read more

CVE-2024-57154 - Dts-Shop Authentication Bypass

CVE ID : CVE-2024-57154 Published : Aug. 20, 2025, 8:15 p.m. | 5 hours, 8 minutes ago Description : Incorrect access control in dts-shop v0.0.1-SNAPSHOT allows attackers to bypass authentication via sending a crafted payload to /admin/auth/index. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 20:15:00 GMT

read more

CVE-2025-43757 - Liferay Portal Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-43757 Published : Aug. 20, 2025, 8:15 p.m. | 5 hours, 8 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.2, 2025.Q1.0 through 2025.Q1.14, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.18 and 7.4 GA through update 92 allows a remote authenticated attacker to inject JavaScript code via _com_liferay_dynamic_data_mapping_web_portlet_DDMPortlet_definition parameter. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 20:15:00 GMT

read more

CVE-2025-50902 - Old-Peanut Wechat Applet CSRF Vulnerability

CVE ID : CVE-2025-50902 Published : Aug. 20, 2025, 8:15 p.m. | 5 hours, 8 minutes ago Description : Cross Site Request Forgery (CSRF) vulnerability in old-peanut Open-Shop (aka old-peanut/wechat_applet__open_source) thru 1.0.0 allows attackers to gain sensitive information via crafted HTTP Post message. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 20:15:00 GMT

read more

CVE-2025-54988 - Apache Tika XXE Vulnerability

CVE ID : CVE-2025-54988 Published : Aug. 20, 2025, 8:15 p.m. | 5 hours, 8 minutes ago Description : Critical XXE in Apache Tika (tika-parser-pdf-module) in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to internal resources or third-party servers. Note that the tika-parser-pdf-module is used as a dependency in several Tika packages including at least: tika-parsers-standard-modules, tika-parsers-standard-package, tika-app, tika-grpc and tika-server-standard. Users are recommended to upgrade to version 3.2.2, which fixes this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 20:15:00 GMT

read more

CVE-2025-5115 - Jetty HTTP/2 Client Resource Exhaustion Denial of Service

CVE ID : CVE-2025-5115 Published : Aug. 20, 2025, 8:15 p.m. | 5 hours, 8 minutes ago Description : In Eclipse Jetty, versions 9.4.57, 10.0.25, 11.0.25, 12.0.21, 12.1.0.alpha2, an HTTP/2 client may trigger the server to send RST_STREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing the server to consume resources such as CPU and memory. For example, a client can open a stream and then send WINDOW_UPDATE frames with window size increment of 0, which is illegal. Per specification https://www.rfc-editor.org/rfc/rfc9113.html#name-window_update , the server should send a RST_STREAM frame. The client can now open another stream and send another bad WINDOW_UPDATE, therefore causing the server to consume more resources than necessary, as this case does not exceed the max number of concurrent streams, yet the client is able to create an enormous amount of streams in a short period of time. The attack can be performed with other conditions (for example, a DATA frame for a closed stream) that cause the server to send a RST_STREAM frame. Links: * https://github.com/jetty/jetty.project/security/advisories/GHSA-mmxm-8w33-wc4h Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 20:15:00 GMT

read more

CVE-2025-9241 - Elunez Eladmin CSV Injection Vulnerability

CVE ID : CVE-2025-9241 Published : Aug. 20, 2025, 8:15 p.m. | 5 hours, 8 minutes ago Description : A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 20:15:00 GMT

read more

CVE-2025-43746 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43746 Published : Aug. 20, 2025, 7:15 p.m. | 6 hours, 8 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.2, 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.18 and 7.4 GA through update 92 allows a remote authenticated attacker to inject JavaScript code via _com_liferay_dynamic_data_mapping_web_portlet_DDMPortlet_portletNamespace and _com_liferay_dynamic_data_mapping_web_portlet_DDMPortlet_namespace parameter. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 19:15:00 GMT

read more

CVE-2025-9240 - Elunez Eladmin Information Disclosure Vulnerability

CVE ID : CVE-2025-9240 Published : Aug. 20, 2025, 7:15 p.m. | 6 hours, 8 minutes ago Description : A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file /auth/info. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been released to the public and may be exploited. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 19:15:00 GMT

read more

CVE-2024-57152 - My-Site Unauthenticated Access Control Vulnerability

CVE ID : CVE-2024-57152 Published : Aug. 20, 2025, 7:15 p.m. | 3 hours, 34 minutes ago Description : Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 19:15:00 GMT

read more

CVE-2025-9237 - CodeAstro Ecommerce Website Cross Site Scripting

CVE ID : CVE-2025-9237 Published : Aug. 20, 2025, 6:15 p.m. | 4 hours, 34 minutes ago Description : A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/my_account.php?edit_account of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 18:15:00 GMT

read more

CVE-2025-9238 - Swatadru Exam-Seating-Arrangement SQL Injection Vulnerability

CVE ID : CVE-2025-9238 Published : Aug. 20, 2025, 6:15 p.m. | 4 hours, 34 minutes ago Description : A vulnerability was determined in Swatadru Exam-Seating-Arrangement up to 97335ccebf95468d92525f4255a2241d2b0b002f. Affected is an unknown function of the file /student.php of the component Student Login. Executing manipulation of the argument email can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 18:15:00 GMT

read more

CVE-2025-9239 - Elunez Eladmin DES Key Handler Weak Encryption Strength Vulnerability

CVE ID : CVE-2025-9239 Published : Aug. 20, 2025, 6:15 p.m. | 4 hours, 34 minutes ago Description : A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STR_PARAM with the input Passw0rd leads to inadequate encryption strength. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitation appears to be difficult. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 18:15:00 GMT

read more

CVE-2024-53495 - Apache Struts Unauthenticated Access Control Bypass

CVE ID : CVE-2024-53495 Published : Aug. 20, 2025, 6:15 p.m. | 3 hours, 35 minutes ago Description : Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 18:15:00 GMT

read more

CVE-2025-47054 - Adobe Experience Manager DOM-based Cross-Site Scripting (XSS)

CVE ID : CVE-2025-47054 Published : Aug. 20, 2025, 6:15 p.m. | 3 hours, 35 minutes ago Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. A low privileged attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in that a victim must visit a specially crafted web page. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 18:15:00 GMT

read more

CVE-2025-55746 - Directus Unauthenticated File Upload and Modification Vulnerability

CVE ID : CVE-2025-55746 Published : Aug. 20, 2025, 6:15 p.m. | 3 hours, 35 minutes ago Description : Directus is a real-time API and App dashboard for managing SQL database content. From 10.8.0 to before 11.9.3, a vulnerability exists in the file update mechanism which allows an unauthenticated actor to modify existing files with arbitrary contents (without changes being applied to the files' database-resident metadata) and / or upload new files, with arbitrary content and extensions, which won't show up in the Directus UI. This vulnerability is fixed in 11.9.3. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 18:15:00 GMT

read more

CVE-2025-9236 - Portabilis i-Diario SQL Injection Vulnerability

CVE ID : CVE-2025-9236 Published : Aug. 20, 2025, 6:15 p.m. | 3 hours, 35 minutes ago Description : A vulnerability has been found in Portabilis i-Diario up to 2.10. This affects an unknown function of the file /intranet/educar_tipo_usuario_lst.php of the component Tipos de usàrio Page. Such manipulation of the argument nm_tipo leads to sql injection. The attack may be performed from a remote location. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 18:15:00 GMT

read more

CVE-2025-9234 - Scada-LTS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9234 Published : Aug. 20, 2025, 5:15 p.m. | 4 hours, 35 minutes ago Description : A vulnerability was detected in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file maintenance_events.shtm. The manipulation of the argument Alias results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-9235 - Scada-LTS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9235 Published : Aug. 20, 2025, 5:15 p.m. | 4 hours, 35 minutes ago Description : A flaw has been found in Scada-LTS up to 2.7.8.1. The impacted element is an unknown function of the file compound_events.shtm. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-8415 - Cryostat Information Disclosure

CVE ID : CVE-2025-8415 Published : Aug. 20, 2025, 5:15 p.m. | 3 hours, 34 minutes ago Description : A vulnerability was found in the Cryostat HTTP API. Cryostat's HTTP API binds to all network interfaces, allowing possible external visibility and access to the API port if Network Policies are disabled, allowing an unauthenticated, malicious attacker to jeopardize the environment. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-8610 - AOMEI Cyber Backup Remote Code Execution Vulnerability

CVE ID : CVE-2025-8610 Published : Aug. 20, 2025, 5:15 p.m. | 3 hours, 34 minutes ago Description : AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AOMEI Cyber Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the StorageNode service, which listens on TCP port 9075 by default. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-26156. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-8611 - AOMEI Cyber Backup Remote Code Execution (RCE) Missing Authentication

CVE ID : CVE-2025-8611 Published : Aug. 20, 2025, 5:15 p.m. | 3 hours, 34 minutes ago Description : AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AOMEI Cyber Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DaoService service, which listens on TCP port 9074 by default. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-26158. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-8612 - AOMEI Backupper Workstation Local Privilege Escalation (LPE)

CVE ID : CVE-2025-8612 Published : Aug. 20, 2025, 5:15 p.m. | 3 hours, 34 minutes ago Description : AOMEI Backupper Workstation Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AOMEI Backupper Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. User interaction on the part of an administrator is needed additionally. The specific flaw exists within the restore functionality. By creating a junction, an attacker can abuse the service to create arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-27059. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-46998 - Adobe Experience Manager Stored XSS Vulnerability

CVE ID : CVE-2025-46998 Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-50901 - JeeWMS Authentication Bypass Vulnerability

CVE ID : CVE-2025-50901 Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago Description : JeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 (2025-05-19) contains incorrect authentication bypass vulnerability, which can lead to arbitrary file reading. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-50904 - WinterChenS my-site Authentication Bypass

CVE ID : CVE-2025-50904 Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago Description : There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 (2025-06-11). An attacker can exploit this vulnerability to access /admin/ API without any token. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-55444 - Online Artwork Fine Arts MCA Project SQL Injection Vulnerability

CVE ID : CVE-2025-55444 Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago Description : A SQL injection vulnerability exists in the id2 parameter of the cancel_booking.php page in Online Artwork and Fine Arts MCA Project 1.0. A remote attacker can inject arbitrary SQL queries, leading to database enumeration and potential remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-6180 - StrongDM Client Authentication Token Interception Vulnerability

CVE ID : CVE-2025-6180 Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago Description : The StrongDM Client insufficiently protected a pre-authentication token. Attackers could exploit this to intercept and reuse the token, potentially redeeming valid authentication credentials through a race condition. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-6181 - StrongDM Windows Privilege Escalation Remote Code Execution

CVE ID : CVE-2025-6181 Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago Description : The StrongDM Windows service incorrectly handled input validation. Authenticated attackers could potentially exploit this leading to privilege escalation. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-6182 - StrongDM Windows Certificate Management Privilege Escalation Vulnerability

CVE ID : CVE-2025-6182 Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago Description : The StrongDM Windows service incorrectly handled communication related to system certificate management. Attackers could exploit this behavior to install untrusted root certificates or remove trusted ones. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-6183 - StrongDM macOS Client JSON Injection Vulnerability

CVE ID : CVE-2025-6183 Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago Description : The StrongDM macOS client incorrectly processed JSON-formatted messages. Attackers could potentially modify macOS system configuration by crafting a malicious JSON message. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-8309 - ManageEngine Asset Explorer Privilege Escalation Vulnerability

CVE ID : CVE-2025-8309 Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago Description : There is an improper privilege management vulnerability identified in ManageEngine's Asset Explorer, ServiceDesk Plus, ServiceDesk Plus MSP, and SupportCenter Plus products by Zohocorp. This vulnerability impacts Asset Explorer versions before 7710, ServiceDesk Plus versions before 15110, ServiceDesk Plus MSP versions before 14940, and SupportCenter Plus versions before 14940. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-46932 - Adobe Experience Manager Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-46932 Published : Aug. 20, 2025, 5:15 p.m. | 1 hour, 35 minutes ago Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-46936 - Adobe Experience Manager Stored XSS Vulnerability

CVE ID : CVE-2025-46936 Published : Aug. 20, 2025, 5:15 p.m. | 1 hour, 35 minutes ago Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-46962 - Adobe Experience Manager Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-46962 Published : Aug. 20, 2025, 5:15 p.m. | 1 hour, 35 minutes ago Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-20131 - Cisco ISE GUI File Upload Vulnerability (Arbitrary File Upload)

CVE ID : CVE-2025-20131 Published : Aug. 20, 2025, 5:15 p.m. | 52 minutes ago Description : A vulnerability in the GUI of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload via the ISE GUI. A successful exploit could allow the attacker to upload arbitrary files to an affected system. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-20269 - Cisco EPNM and Prime Infrastructure HTTP Request Validation Bypass Vulnerability

CVE ID : CVE-2025-20269 Published : Aug. 20, 2025, 5:15 p.m. | 52 minutes ago Description : A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to retrieve arbitrary files from the underlying file system on an affected device. This vulnerability is due to insufficient input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface on an affected device. A successful exploit could allow the attacker to access sensitive files from the affected device. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-20345 - Cisco Duo Authentication Proxy Sensitive Information Disclosure Vulnerability

CVE ID : CVE-2025-20345 Published : Aug. 20, 2025, 5:15 p.m. | 52 minutes ago Description : A vulnerability in the debug logging function of Cisco Duo Authentication Proxy could allow an authenticated, high-privileged, remote attacker to view sensitive information in a system log file. This vulnerability is due to insufficient masking of sensitive information before it is written to system log files. An attacker could exploit this vulnerability by accessing logs on an affected system. A successful exploit could allow the attacker to view sensitive information that should be restricted.  Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-28041 - itranswarp Unauthenticated Access Control Vulnerability

CVE ID : CVE-2025-28041 Published : Aug. 20, 2025, 5:15 p.m. | 52 minutes ago Description : Incorrect access control in the doFilter function of itranswarp up to 2.19 allows attackers to access sensitive components without authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-46849 - Adobe Experience Manager Stored XSS

CVE ID : CVE-2025-46849 Published : Aug. 20, 2025, 5:15 p.m. | 52 minutes ago Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-46852 - Adobe Experience Manager Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-46852 Published : Aug. 20, 2025, 5:15 p.m. | 52 minutes ago Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2025-46856 - Adobe Experience Manager DOM-based Cross-Site Scripting (XSS)

CVE ID : CVE-2025-46856 Published : Aug. 20, 2025, 5:15 p.m. | 52 minutes ago Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. A low privileged attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in that a victim must visit a specially crafted web page. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 17:15:00 GMT

read more

CVE-2009-10005 - ContentKeeper Web Appliance File Inclusion Vulnerability

CVE ID : CVE-2009-10005 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 expose the mimencode binary via a CGI endpoint, allowing unauthenticated attackers to retrieve arbitrary files from the filesystem. By crafting a POST request to /cgi-bin/ck/mimencode with traversal and output parameters, attackers can read sensitive files such as /etc/passwd outside the webroot. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2010-10014 - Odin Secure FTP Directory Listing Buffer Overflow Vulnerability

CVE ID : CVE-2010-10014 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : Odin Secure FTP 4.1 is vulnerable to a stack-based buffer overflow when parsing directory listings received in response to an FTP LIST command. A malicious FTP server can send an overly long filename in the directory listing, which overflows a fixed-size stack buffer in the client and overwrites the Structured Exception Handler (SEH). This allows remote attackers to execute arbitrary code on the client system. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2010-20042 - Xion Audio Player SEH Overwrite Vulnerability

CVE ID : CVE-2010-20042 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : Xion Audio Player versions prior to 1.0.126 are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler (SEH) chain, allowing an attacker to hijack execution flow and run arbitrary code. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2010-20045 - FileWrangler FTP Server Buffer Overflow

CVE ID : CVE-2010-20045 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : FileWrangler 5.30 suffers from a stack-based buffer overflow vulnerability when parsing directory listings from an FTP server. A malicious server can send an overlong folder name in response to a LIST command, triggering memory corruption during client-side rendering. Exploitation requires passive user interaction—simply connecting to the server—without further input. Successful exploitation may lead to arbitrary code execution. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2010-20049 - LeapFTP FTP Client Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2010-20049 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : LeapFTP 3.1.x contains a stack-based buffer overflow vulnerability in its FTP client parser. When the client receives a directory listing containing a filename longer than 528 bytes, the application fails to properly bound-check the input and overwrites the Structured Exception Handler (SEH) chain. This allows an attacker operating a malicious FTP server to execute arbitrary code on the victim’s machine when the file is listed or downloaded. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2010-20059 - FreeNAS Unauthenticated Command Execution Backdoor

CVE ID : CVE-2010-20059 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in its web interface. The exec_raw.php script exposes a cmd parameter that is passed directly to the underlying shell without sanitation. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2010-20103 - ProFTPD Backdoor Command Injection Vulnerability

CVE ID : CVE-2010-20103 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows remote, unauthenticated attackers to run any OS command on the FTP server host. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2011-10020 - Kaillera Server UDP Packet Handling Denial-of-Service Vulnerability

CVE ID : CVE-2011-10020 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending a malformed UDP packet after the initial handshake. Once a client sends a valid HELLO0.83 packet and receives a response, any subsequent malformed packet causes the server to crash and become unresponsive. This flaw stems from improper input validation in the server’s UDP packet handler, allowing unauthenticated remote attackers to disrupt service availability. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2011-10021 - Magix Musik Maker Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2011-10021 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : Magix Musik Maker 16 is vulnerable to a stack-based buffer overflow due to improper handling of .mmm arrangement files. The vulnerability arises from an unsafe strcpy() operation that fails to validate input length, allowing attackers to overwrite the Structured Exception Handler (SEH). By crafting a malicious .mmm file, an attacker can trigger the overflow when the file is opened, potentially leading to arbitrary code execution. This vulnerability was remediated in version 17. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2011-10022 - SPlayer HTTP Response Handler Stack-Based Buffer Overflow

CVE ID : CVE-2011-10022 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : SPlayer version 3.7 and earlier is vulnerable to a stack-based buffer overflow when processing HTTP responses containing an overly long Content-Type header. The vulnerability occurs due to improper bounds checking on the header value, allowing an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code. Exploitation requires the victim to open a media file that triggers an HTTP request to a malicious server, which responds with a crafted Content-Type header. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2011-10023 - MJM QuickPlayer Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2011-10023 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : MJM QuickPlayer (likely now referred to as MJM Player) version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitrary code. Exploitation is achieved via a crafted payload that bypasses DEP and ASLR protections using ROP techniques, and requires user interaction to open the file. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2011-10024 - MJM Core Player Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2011-10024 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : MJM Core Player (likely now referred to as MJM Player) 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute arbitrary code. Exploitation is triggered when a user opens a malicious .s3m file, and the exploit bypasses DEP and ASLR protections using a ROP chain. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2011-10025 - Subtitle Processor Buffer Overflow Vulnerability

CVE ID : CVE-2011-10025 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2011-10026 - Spreecommerce Remote Command Execution Vulnerability

CVE ID : CVE-2011-10026 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Ruby’s send method. This flaw enables unauthenticated attackers to execute commands on the server. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2011-10027 - AOL Desktop Buffer Overflow Vulnerability

CVE ID : CVE-2011-10027 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : AOL Desktop 9.6 contains a buffer overflow vulnerability in its Tool\rich.rct component when parsing .rtx files. By embedding an overly long string in a hyperlink tag, an attacker can trigger a stack-based buffer overflow due to the use of unsafe strcpy operations. This allows remote attackers to execute arbitrary code when a victim opens a malicious .rtx file. AOL Desktop is end-of-life and no longer supported. Users are encouraged to migrate to AOL Desktop Gold or alternative platforms. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2011-10028 - RealNetworks RealArcade ActiveX Exec Arbitrary Command Execution

CVE ID : CVE-2011-10028 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : The RealNetworks RealArcade platform includes an ActiveX control (InstallerDlg.dll, version 2.6.0.445) that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation or restrictions. This platform was sometimes referred to or otherwise known as RealArcade or Arcade Games and has since consolidated with RealNetworks' platform, GameHouse. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2011-10029 - Solar FTP Server Format String Denial of Service

CVE ID : CVE-2011-10029 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : Solar FTP Server fails to properly handle format strings passed to the USER command. When a specially crafted string containing format specifiers is sent, the server crashes due to a read access violation in the __output_1() function of sfsservice.exe. This results in a denial of service (DoS) condition. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2011-10030 - Foxit PDF Reader File Write Vulnerability

CVE ID : CVE-2011-10030 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : Foxit PDF Reader 4.3.1.0218 exposes a JavaScript API function, createDataObject(), that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged folders, leading to code execution the next time the system boots or the user logs in. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2012-10061 - Sockso Music Host Server Path Traversal Vulnerability

CVE ID : CVE-2012-10061 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : Sockso Music Host Server versions 1.5 are vulnerable to a path traversal flaw that allows unauthenticated remote attackers to read arbitrary files from the server’s filesystem. The vulnerability exists in the HTTP interface on port 4444, where the endpoint /file/ fails to properly sanitize user-supplied input. Attackers can traverse directories and access sensitive files outside the intended web root. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2024-57157 - Jantent Authentication Bypass Vulnerability

CVE ID : CVE-2024-57157 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : Incorrect access control in Jantent v1.1 allows attackers to bypass authentication and access sensitive APIs without a token. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2025-55731 - Frappe SQL Injection Vulnerability

CVE ID : CVE-2025-55731 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : Frappe is a full-stack web application framework. A carefully crafted request could extract data that the user would normally not have access to, via SQL injection. This vulnerability is fixed in 15.74.2 and 14.96.15. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2025-55732 - Frappe SQL Injection Bypass

CVE ID : CVE-2025-55732 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : Frappe is a full-stack web application framework. Prior to 15.74.2 and 14.96.15, an attacker could implement SQL injection through specially crafted requests, allowing malicious people to access sensitive information. This vulnerability is a bypass of the official patch released for CVE-2025-52895. This vulnerability is fixed in 15.74.2 and 14.96.15. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2025-55751 - "OpenBoardLite Redirect URL Forgery (Phishing/Credentials Theft)"

CVE ID : CVE-2025-55751 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : OnboardLite is the result of the Influx Initiative, our vision for an improved student organization lifecycle at the University of Central Florida. An attacker can craft a link to the trusted application that, when visited, redirects the user to a malicious external site. This enables phishing, credential theft, malware delivery, and trust abuse. Any version with commit hash 6cca19e or later implements jwt signing for the redirect url parameter. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2025-9233 - Scada-LTS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9233 Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago Description : A security vulnerability has been detected in Scada-LTS up to 2.7.8.1. Impacted is an unknown function of the file view_edit.shtm. The manipulation of the argument Name leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 16:15:00 GMT

read more

CVE-2025-55498 - Tenda AC6 Buffer Overflow

CVE ID : CVE-2025-55498 Published : Aug. 20, 2025, 3:15 p.m. | 2 hours ago Description : Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 15:15:00 GMT

read more

CVE-2024-57491 - "Jobx Authentication Bypass"

CVE ID : CVE-2024-57491 Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago Description : Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 15:15:00 GMT

read more

CVE-2025-1139 - IBM Edge Application Manager Privilege Escalation Vulnerability

CVE ID : CVE-2025-1139 Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago Description : IBM Edge Application Manager 4.5 could allow a local user to read or modify resources that they should not have authorization to access due to incorrect permission assignment. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 15:15:00 GMT

read more

CVE-2025-1142 - IBM Edge Application Manager SSRF Vulnerability

CVE ID : CVE-2025-1142 Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago Description : IBM Edge Application Manager 4.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 15:15:00 GMT

read more

CVE-2025-36114 - IBM QRadar SOAR Plugin App Directory Traversal Vulnerability

CVE ID : CVE-2025-36114 Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago Description : IBM QRadar SOAR Plugin App 1.0.0 through 5.6.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 15:15:00 GMT

read more

CVE-2025-43748 - Liferay Portal Cross-Site Request Forgery (CSRF)

CVE ID : CVE-2025-43748 Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago Description : Insufficient CSRF protection for omni-administrator users in Liferay Portal 7.0.0 through 7.4.3.119, and Liferay DXP 2024.Q1.1 through 2024.Q1.6, 2023.Q4.0 through 2023.Q4.9, 2023.Q3.1 through 2023.Q3.9, 7.4 GA through update 92, 7.3 GA through update 36, and older unsupported versions allows attackers to execute Cross-Site Request Forgery Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 15:15:00 GMT

read more

CVE-2025-50864 - Elysia-Cors Origin Validation Bypass Vulnerability

CVE ID : CVE-2025-50864 Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago Description : An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing (CORS) restrictions. The library incorrectly validates the supplied origin by checking if it is a substring of any domain in the site's CORS policy, rather than performing an exact match. For example, a malicious origin like "notexample.com", "example.common.net" is whitelisted when the site's CORS policy specifies "example.com." This vulnerability enables unauthorized access to user data on sites using the elysia-cors library for CORS validation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 15:15:00 GMT

read more

CVE-2025-51990 - XWiki Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-51990 Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago Description : XWiki through version 17.3.0 is affected by multiple stored Cross-Site Scripting (XSS) vulnerabilities in the Administration interface, specifically under the Presentation section of the Global Preferences panel. An authenticated administrator can inject arbitrary JavaScript payloads into the HTTP Meta Info, Footer Copyright, and Footer Version fields. These inputs are stored and subsequently rendered without proper output encoding or sanitization on public-facing pages. As a result, the injected scripts are persistently executed in the browser context of any visitor to the affected instances including both authenticated and unauthenticated users. No user interaction is required beyond visiting a page that includes the malicious content. Successful exploitation can lead to session hijacking, credential theft, unauthorized actions via session riding, or further compromise of the application through client-side attacks. The vulnerability introduces significant risk in any deployment, especially in shared or internet-facing environments where administrator credentials may be compromised. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 15:15:00 GMT

read more

CVE-2025-51991 - XWiki Server-Side Template Injection Vulnerability

CVE ID : CVE-2025-51991 Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago Description : XWiki through version 17.3.0 is vulnerable to Server-Side Template Injection (SSTI) in the Administration interface, specifically within the HTTP Meta Info field of the Global Preferences Presentation section. An authenticated administrator can inject crafted Apache Velocity template code, which is rendered on the server side without proper validation or sandboxing. This enables the execution of arbitrary template logic, which may expose internal server information or, in specific configurations, lead to further exploitation such as remote code execution or sensitive data leakage. The vulnerability resides in improper handling of dynamic template rendering within user-supplied configuration fields. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 15:15:00 GMT

read more

CVE-2025-55482 - Tenda AC6 Buffer Overflow Vulnerability

CVE ID : CVE-2025-55482 Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago Description : Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the formSetCfm function. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 15:15:00 GMT

read more

CVE-2025-30256 - Tenda AC6 HTTP Header Parsing Denial of Service

CVE ID : CVE-2025-30256 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-31355 - Tenda AC6 Firmware Signature Validation Code Execution Vulnerability

CVE ID : CVE-2025-31355 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-32010 - Tenda AC6 Cloud API Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-32010 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-50503 - Touch Lebanon Mobile App Password Reset Bypass Vulnerability

CVE ID : CVE-2025-50503 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : A vulnerability in the password reset workflow of the Touch Lebanon Mobile App 2.20.2 allows an attacker to bypass the OTP reset password mechanism. By manipulating the reset process, an unauthorized user may be able to reset the password and gain access to the account without needing to provide a legitimate authentication factor, such as an OTP. This compromises account security and allows for potential unauthorized access to user data. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-54923 - Apache Service Remote Code Execution Vulnerability

CVE ID : CVE-2025-54923 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution and compromise of system integrity when authenticated users send crafted data to a network-exposed service that performs unsafe deserialization. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-54924 - Adobe Acrobat SSRF

CVE ID : CVE-2025-54924 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthorized access to sensitive data when an attacker sends a specially crafted document to a vulnerable endpoint. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-54925 - Apache HTTP Server SSRF

CVE ID : CVE-2025-54925 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthorized access to sensitive data when an attacker configures the application to access a malicious url. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-54926 - Apache HTTP Server Remote Code Execution Path Traversal

CVE ID : CVE-2025-54926 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause remote code execution when an authenticated attacker with admin privileges uploads a malicious file over HTTP which then gets executed. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-54927 - Apache HTTP Server Path Traversal Vulnerability

CVE ID : CVE-2025-54927 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized access to sensitive files when an authenticated attackers uses a crafted path input that is processed by the system. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-55483 - Tenda AC6 Buffer Overflow Vulnerability

CVE ID : CVE-2025-55483 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the function formSetMacFilterCfg via the parameters macFilterType and deviceList. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-55499 - Tenda AC6 Buffer Overflow Vulnerability

CVE ID : CVE-2025-55499 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the ntpServer parameter in the fromSetSysTime function. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-55503 - Tenda AC6 Stack Overflow Vulnerability

CVE ID : CVE-2025-55503 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : Tenda AC6 V15.03.06.23_multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-8448 - BMC Software SMB Exposes Sensitive Credentials

CVE ID : CVE-2025-8448 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and the vulnerable products. Severity: 2.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-8449 - Apache BMS Denial of Service

CVE ID : CVE-2025-8449 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service when an authenticated user sends a specially crafted request to a specific endpoint from within the BMS network. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-9074 - "Docker Desktop Unauthenticated Engine API Access Vulnerability"

CVE ID : CVE-2025-9074 Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled, and with or without the "Expose daemon on tcp://localhost:2375 without TLS" option enabled. This can lead to execution of a wide range of privileged commands to the engine API, including controlling other containers, creating new ones, managing images etc. In some circumstances (e.g. Docker Desktop for Windows with WSL backend) it also allows mounting the host drive with the same privileges as the user running Docker Desktop. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-24322 - Tenda AC6 Remote Code Execution Vulnerability

CVE ID : CVE-2025-24322 Published : Aug. 20, 2025, 2:15 p.m. | 27 minutes ago Description : An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-24496 - Tenda AC6 Information Disclosure

CVE ID : CVE-2025-24496 Published : Aug. 20, 2025, 2:15 p.m. | 27 minutes ago Description : An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-27129 - Tenda AC6 HTTP Authentication Bypass Code Execution Vulnerability

CVE ID : CVE-2025-27129 Published : Aug. 20, 2025, 2:15 p.m. | 27 minutes ago Description : An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets to trigger this vulnerability. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 14:15:00 GMT

read more

CVE-2025-43749 - Liferay Portal Unauthenticated File Upload Vulnerability

CVE ID : CVE-2025-43749 Published : 20 août 2025 13:15 | 52 minutes ago Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows unauthenticated users (guests) to access via URL files uploaded in the form and stored in document_library Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 13:15:00 GMT

read more

CVE-2025-43750 - Liferay Portal Unvalidated File Upload Vulnerability

CVE ID : CVE-2025-43750 Published : 20 août 2025 13:15 | 52 minutes ago Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.19 and 7.4 GA through update 92 allows remote unauthenticated users (guests) to upload files via the form attachment field without proper validation, enabling extension obfuscation and bypassing MIME type checks. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 13:15:00 GMT

read more

CVE-2025-4437 - CRI-O Denial-of-Service Vulnerability

CVE ID : CVE-2025-4437 Published : 20 août 2025 13:15 | 52 minutes ago Description : There's a vulnerability in the CRI-O application where when container is launched with securityContext.runAsUser specifying a non-existent user, CRI-O attempts to create the user, reading the container's entire /etc/passwd file into memory. If this file is excessively large, it can cause the a high memory consumption leading applications to be killed due to out-of-memory. As a result a denial-of-service can be achieved, possibly disrupting other pods and services running in the same host. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 13:15:00 GMT

read more

CVE-2025-4877 - Libssh Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-4877 Published : 20 août 2025 13:15 | 52 minutes ago Description : There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to ssh_get_fingerprint_hash() function. In such cases the bin_to_base64() function can experience an integer overflow leading to a memory under allocation, when that happens it's possible that the program perform out of bounds write leading to a heap corruption. This issue affects only 32-bits builds of libssh. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 13:15:00 GMT

read more

CVE-2025-54172 - QuickCMS Stored XSS Vulnerability in sTitle Parameter

CVE ID : CVE-2025-54172 Published : 20 août 2025 13:15 | 52 minutes ago Description : QuickCMS is vulnerable to Stored XSS in sTitle parameter in page editor functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. Regular admin user is not able to inject any JS scripts into the page. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 13:15:00 GMT

read more

CVE-2025-54174 - QuickCMS Cross-Site Request Forgery (CSRF) in Article Creation

CVE ID : CVE-2025-54174 Published : 20 août 2025 13:15 | 52 minutes ago Description : QuickCMS is vulnerable to Cross-Site Request Forgery in article creation functionality. Malicious attacker can craft special website, which when visited by the admin, will automatically send a POST request creating a malicious article with content defined by the attacker. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 13:15:00 GMT

read more

CVE-2025-54175 - QuickCMS Reflected XSS in Thumbnail Viewer sFileName Parameter

CVE ID : CVE-2025-54175 Published : 20 août 2025 13:15 | 52 minutes ago Description : QuickCMS.EXT is vulnerable to Reflected XSS in sFileName parameter in thumbnail viewer functionality. An attacker can craft a malicious URL that results in arbitrary JavaScript execution in the victim's browser when opened. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 13:15:00 GMT

read more

CVE-2025-8453 - Apache root-level daemon Privilege Escalation Arbitrary Code Execution

CVE ID : CVE-2025-8453 Published : 20 août 2025 13:15 | 52 minutes ago Description : CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation and arbitrary code execution when a privileged engineer user with console access modifies a configuration file used by a root-level daemon to execute custom scripts. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 13:15:00 GMT

read more

CVE-2025-43741 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43741 Published : 20 août 2025 12:15 | 1 heure, 52 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.3, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows an remote authenticated attacker to inject JavaScrip in the _com_liferay_users_admin_web_portlet_UsersAdminPortlet_assetTagNames parameter Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 12:15:00 GMT

read more

CVE-2025-43742 - Liferay Portal Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-43742 Published : 20 août 2025 12:15 | 1 heure, 52 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.3, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript in web content for friendly urls. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 12:15:00 GMT

read more

CVE-2025-7777 - Apache Mirror-Registry HTTP Host Header Injection Vulnerability

CVE ID : CVE-2025-7777 Published : 20 août 2025 12:15 | 1 heure, 52 minutes ago Description : The mirror-registry doesn't properly sanitize the host header HTTP header in HTTP request received, allowing an attacker to perform malicious redirects to attacker-controlled domains or phishing campaigns. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 12:15:00 GMT

read more

CVE-2025-8102 - Easy Digital Downloads WordPress CSRF

CVE ID : CVE-2025-8102 Published : 20 août 2025 12:15 | 1 heure, 52 minutes ago Description : The Easy Digital Downloads plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.5.0. This is due to missing nonce validations in the edd_sendwp_disconnect() and edd_sendwp_remote_install() functions. This makes it possible for unauthenticated attackers to deactivate or download and activate the SendWP plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 12:15:00 GMT

read more

CVE-2025-9173 - Emlog Pro Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-9173 Published : 20 août 2025 11:15 | 2 heures, 52 minutes ago Description : A weakness has been identified in Emlog Pro up to 2.5.18. This issue affects some unknown processing of the file /admin/media.php?action=upload&sid=0. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 11:15:00 GMT

read more

CVE-2025-57727 - JetBrains IntelliJ IDEA Remote Reference Credentials Disclosure Vulnerability

CVE ID : CVE-2025-57727 Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago Description : In JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote reference Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 10:15:00 GMT

read more

CVE-2025-57728 - JetBrains IntelliJ IDEA Code With Me Guest File Disclosure

CVE ID : CVE-2025-57728 Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago Description : In JetBrains IntelliJ IDEA before 2025.2 improper access control allowed Code With Me guest to discover hidden files Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 10:15:00 GMT

read more

CVE-2025-57729 - JetBrains IntelliJ IDEA Plugin Startup Vulnerability

CVE ID : CVE-2025-57729 Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago Description : In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 10:15:00 GMT

read more

CVE-2025-57730 - JetBrains IntelliJ IDEA HTML Injection Vulnerability

CVE ID : CVE-2025-57730 Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago Description : In JetBrains IntelliJ IDEA before 2025.2 hTML injection was possible via Remote Development feature Severity: 5.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 10:15:00 GMT

read more

CVE-2025-57731 - JetBrains YouTrack Stored XSS

CVE ID : CVE-2025-57731 Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago Description : In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 10:15:00 GMT

read more

CVE-2025-57732 - JetBrains TeamCity Directory Ownership Escalation

CVE ID : CVE-2025-57732 Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago Description : In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 10:15:00 GMT

read more

CVE-2025-57733 - JetBrains TeamCity SMTP Injection Vulnerability

CVE ID : CVE-2025-57733 Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago Description : In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 10:15:00 GMT

read more

CVE-2025-57734 - JetBrains TeamCity AWS Credentials Exposed

CVE ID : CVE-2025-57734 Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago Description : In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 10:15:00 GMT

read more

CVE-2025-5260 - Pik Online Yazılım Çözümleri A.Ş. Pik Online SSRF Vulnerability

CVE ID : CVE-2025-5260 Published : 20 août 2025 09:15 | 4 heures, 52 minutes ago Description : Server-Side Request Forgery (SSRF) vulnerability in Pik Online Yazılım Çözümleri A.Ş. Pik Online allows Server Side Request Forgery.This issue affects Pik Online: before 3.1.5. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 09:15:00 GMT

read more

CVE-2025-5261 - Pik Online Authorization Bypass Through User-Controlled Key

CVE ID : CVE-2025-5261 Published : 20 août 2025 09:15 | 4 heures, 52 minutes ago Description : Authorization Bypass Through User-Controlled Key vulnerability in Pik Online Yazılım Çözümleri A.Ş. Pik Online allows Exploitation of Trusted Identifiers.This issue affects Pik Online: before 3.1.5. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 09:15:00 GMT

read more

CVE-2025-9228 - MiR Text Note Authorization Bypass

CVE ID : CVE-2025-9228 Published : 20 août 2025 09:15 | 4 heures, 52 minutes ago Description : MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 09:15:00 GMT

read more

CVE-2025-9229 - MiR Error Handling Information Disclosure Vulnerability

CVE ID : CVE-2025-9229 Published : 20 août 2025 09:15 | 4 heures, 52 minutes ago Description : Information disclosure vulnerability in error handling in MiR software prior to version 3.0.0 allows unauthenticated attackers to view detailed error information, such as file paths and other data, via access to verbose error pages. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 09:15:00 GMT

read more

CVE-2024-39954 - Apache EventMesh SSRF

CVE ID : CVE-2024-39954 Published : Aug. 20, 2025, 9:15 a.m. | 4 hours, 5 minutes ago Description : CWE-918 Server-Side Request Forgery (SSRF) in eventmesh-runtime module in WebhookUtil.java on windows\linux\mac os e.g. allows the attacker can abuse functionality on the server to read or update internal resources. Users are recommended to upgrade to version 1.12.0 or use the master branch , which fixes this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 09:15:00 GMT

read more

CVE-2025-54677 - vcita Online Booking Scheduling Calendar for WordPress Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-54677 Published : Aug. 20, 2025, 8:15 a.m. | 5 hours, 5 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita allows Using Malicious Files. This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.5.3. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54713 - Magepeopleteam Taxi Booking Manager for WooCommerce Authentication Bypass

CVE ID : CVE-2025-54713 Published : Aug. 20, 2025, 8:15 a.m. | 5 hours, 5 minutes ago Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in magepeopleteam Taxi Booking Manager for WooCommerce allows Authentication Abuse. This issue affects Taxi Booking Manager for WooCommerce: from n/a through 1.3.0. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54726 - Miguel Useche JS Archive List SQL Injection

CVE ID : CVE-2025-54726 Published : Aug. 20, 2025, 8:15 a.m. | 5 hours, 5 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Miguel Useche JS Archive List allows SQL Injection. This issue affects JS Archive List: from n/a through n/a. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54735 - CubeWP Framework Privilege Escalation

CVE ID : CVE-2025-54735 Published : Aug. 20, 2025, 8:15 a.m. | 5 hours, 5 minutes ago Description : Incorrect Privilege Assignment vulnerability in Emraan Cheema CubeWP Framework allows Privilege Escalation. This issue affects CubeWP Framework: from n/a through 1.1.24. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54750 - FunnelKit Funnel Builder PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-54750 Published : Aug. 20, 2025, 8:15 a.m. | 5 hours, 5 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FunnelKit Funnel Builder by FunnelKit allows PHP Local File Inclusion. This issue affects Funnel Builder by FunnelKit: from n/a through 3.11.1. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-55715 - Themeisle Otter - Gutenberg Block Sensitive Data Information Disclosure

CVE ID : CVE-2025-55715 Published : Aug. 20, 2025, 8:15 a.m. | 5 hours, 5 minutes ago Description : Insertion of Sensitive Information Into Sent Data vulnerability in Themeisle Otter - Gutenberg Block allows Retrieve Embedded Sensitive Data. This issue affects Otter - Gutenberg Block: from n/a through 3.1.0. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-9225 - MiR Robots and MiR Fleet Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9225 Published : Aug. 20, 2025, 8:15 a.m. | 5 hours, 5 minutes ago Description : Stored cross-site scripting (XSS) in the web interface of MiR software versions prior to 3.0.0 on MiR Robots and MiR Fleet allows execution of arbitrary JavaScript code in a victim’s browser Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54053 - Groundhogg Deserialization of Untrusted Data Object Injection

CVE ID : CVE-2025-54053 Published : Aug. 20, 2025, 8:15 a.m. | 3 hours, 33 minutes ago Description : Deserialization of Untrusted Data vulnerability in Adrian Tobey Groundhogg allows Object Injection. This issue affects Groundhogg: from n/a through 4.2.2. Severity: 6.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54055 - Skygroup Druco Cross-site Scripting Vulnerability

CVE ID : CVE-2025-54055 Published : Aug. 20, 2025, 8:15 a.m. | 3 hours, 33 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Druco allows Reflected XSS. This issue affects Druco: from n/a through 1.5.2. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54056 - LambertGroup Responsive HTML5 Audio Player PRO With Playlist Cross-site Scripting

CVE ID : CVE-2025-54056 Published : Aug. 20, 2025, 8:15 a.m. | 3 hours, 33 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Responsive HTML5 Audio Player PRO With Playlist allows Reflected XSS. This issue affects Responsive HTML5 Audio Player PRO With Playlist: from n/a through 3.5.8. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54670 - Bobbingwide Oik Cross-site Scripting (XSS)

CVE ID : CVE-2025-54670 Published : Aug. 20, 2025, 8:15 a.m. | 3 hours, 33 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bobbingwide oik allows Reflected XSS. This issue affects oik: from n/a through 4.15.2. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54052 - Realtyna Realtyna Organic IDX CSRF Remote File Inclusion Vulnerability

CVE ID : CVE-2025-54052 Published : Aug. 20, 2025, 8:15 a.m. | 3 hours, 5 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Realtyna Realtyna Organic IDX plugin allows PHP Local File Inclusion. This issue affects Realtyna Organic IDX plugin: from n/a through 5.0.0. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54031 - Schiocco Support Board PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-54031 Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Schiocco Support Board allows PHP Local File Inclusion. This issue affects Support Board: from n/a through 3.8.0. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54032 - WebCodingPlace Real Estate Manager Pro Cross-site Scripting

CVE ID : CVE-2025-54032 Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebCodingPlace Real Estate Manager Pro allows Reflected XSS. This issue affects Real Estate Manager Pro: from n/a through 12.7.3. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54034 - Tribulant Software Newsletters PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-54034 Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Tribulant Software Newsletters allows PHP Local File Inclusion. This issue affects Newsletters: from n/a through 4.10. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54040 - Webba Booking Missing Authorization Vulnerability

CVE ID : CVE-2025-54040 Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago Description : Missing Authorization vulnerability in Webba Appointment Booking Webba Booking allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Webba Booking: from n/a through 5.1.20. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54044 - CreativeMedia Elite Video Player Cross-site Scripting Vulnerability

CVE ID : CVE-2025-54044 Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in _CreativeMedia_ Elite Video Player allows Reflected XSS. This issue affects Elite Video Player: from n/a through 10.0.5. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54046 - QuanticaLabs Cost Calculator Cross-site Scripting Vulnerability

CVE ID : CVE-2025-54046 Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs Cost Calculator allows Stored XSS. This issue affects Cost Calculator: from n/a through 7.4. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54048 - miniOrange Custom API for WP SQL Injection

CVE ID : CVE-2025-54048 Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniOrange Custom API for WP allows SQL Injection. This issue affects Custom API for WP: from n/a through 4.2.2. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54049 - miniOrange Custom API for WP Privilege Escalation Vulnerability

CVE ID : CVE-2025-54049 Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago Description : Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP allows Privilege Escalation. This issue affects Custom API for WP: from n/a through 4.2.2. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54019 - Bearsthemes Alone Code Injection Vulnerability

CVE ID : CVE-2025-54019 Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 10 minutes ago Description : Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone allows Code Injection. This issue affects Alone: from n/a through n/a. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54021 - Mitchell Bennis Simple File List Path Traversal

CVE ID : CVE-2025-54021 Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 10 minutes ago Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mitchell Bennis Simple File List allows Path Traversal. This issue affects Simple File List: from n/a through 6.1.14. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54025 - RelyWP Coupon Affiliates Missing Authorization Vulnerability

CVE ID : CVE-2025-54025 Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 10 minutes ago Description : Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Coupon Affiliates: from n/a through 6.4.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54027 - Schiocco Support Board Cross-site Scripting

CVE ID : CVE-2025-54027 Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 10 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Schiocco Support Board allows Reflected XSS. This issue affects Support Board: from n/a through 3.8.0. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-54028 - Saleswonder Team Tobias CF7 WOW Styler PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-54028 Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 10 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Saleswonder Team Tobias CF7 WOW Styler allows PHP Local File Inclusion. This issue affects CF7 WOW Styler: from n/a through 1.7.2. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 08:15:00 GMT

read more

CVE-2025-9202 - ColorMag WordPress Unauthorized Data Modification Vulnerability

CVE ID : CVE-2025-9202 Published : Aug. 20, 2025, 7:15 a.m. | 57 minutes ago Description : The ColorMag theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the welcome_notice_import_handler() function in all versions up to, and including, 4.0.19. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install the ThemeGrill Demo Importer plugin. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 07:15:00 GMT

read more

CVE-2025-53522 - Movable Type Email Password Reset Vulnerability

CVE ID : CVE-2025-53522 Published : Aug. 20, 2025, 5:15 a.m. | 2 hours, 57 minutes ago Description : Movable Type contains an issue with use of less trusted source. If exploited, tampered email to reset a password may be sent by a remote unauthenticated attacker. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 05:15:00 GMT

read more

CVE-2025-54551 - Synapse Mobility Web Parameter Privilege Escalation

CVE ID : CVE-2025-54551 Published : Aug. 20, 2025, 5:15 a.m. | 2 hours, 57 minutes ago Description : Synapse Mobility 8.0, 8.0.1, 8.0.2, 8.1, and 8.1.1 contain a privilege escalation vulnerability through external control of Web parameter. If exploited, a user of the product may escalate the privilege and access data that the user do not have permission to view by altering the parameters of the search function. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 05:15:00 GMT

read more

CVE-2025-55706 - Movable Type Open Redirect

CVE ID : CVE-2025-55706 Published : Aug. 20, 2025, 5:15 a.m. | 2 hours, 57 minutes ago Description : URL redirection to untrusted site ('Open Redirect') issue exists in Movable Type. If this vulnerability is exploited, an invalid parameter may be inserted into the password reset page, which may lead to redirection to an arbitrary URL. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 05:15:00 GMT

read more

CVE-2025-8618 - "WPC Smart Quick View for WooCommerce Stored Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-8618 Published : Aug. 20, 2025, 5:15 a.m. | 2 hours, 57 minutes ago Description : The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's woosq_btn shortcode in all versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 05:15:00 GMT

read more

CVE-2025-57742 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-57742 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 04:16:00 GMT

read more

CVE-2025-57743 - Adobe Acrobat Out-of-bounds Read

CVE ID : CVE-2025-57743 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 04:16:00 GMT

read more

CVE-2025-57744 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-57744 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 04:16:00 GMT

read more

CVE-2025-57745 - Cisco Router Unvalidated Input

CVE ID : CVE-2025-57745 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 04:16:00 GMT

read more

CVE-2025-57746 - Microsoft Azure Active Directory Authentication Bypass

CVE ID : CVE-2025-57746 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 04:16:00 GMT

read more

CVE-2025-57747 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-57747 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 04:16:00 GMT

read more

CVE-2025-57748 - Apache HTTP Server Local File Inclusion

CVE ID : CVE-2025-57748 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 04:16:00 GMT

read more

CVE-2025-57788 - Commvault Unauthenticated API Execution Vulnerability

CVE ID : CVE-2025-57788 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago Description : An issue was discovered in Commvault before 11.36.60. A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 04:16:00 GMT

read more

CVE-2025-57789 - Commvault Default Credential Exposure Vulnerability

CVE ID : CVE-2025-57789 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago Description : An issue was discovered in Commvault before 11.36.60. During the brief window between installation and the first administrator login, remote attackers may exploit the default credential to gain admin control. This is limited to the setup phase, before any jobs have been configured. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 04:16:00 GMT

read more

CVE-2025-57790 - Commvault Path Traversal Remote Code Execution Vulnerability

CVE ID : CVE-2025-57790 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago Description : An issue was discovered in Commvault before 11.36.60. A security vulnerability has been identified that allows remote attackers to perform unauthorized file system access through a path traversal issue. The vulnerability may lead to remote code execution. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 04:16:00 GMT

read more

CVE-2025-57791 - Commvault Command Injection Vulnerability

CVE ID : CVE-2025-57791 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago Description : An issue was discovered in Commvault before 11.36.60. A security vulnerability has been identified that allows remote attackers to inject or manipulate command-line arguments passed to internal components due to insufficient input validation. Successful exploitation results in a valid user session for a low privilege role. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 04:16:00 GMT

read more

CVE-2025-54363 - Microsoft Knack Regular Expression Denial of Service (ReDoS)

CVE ID : CVE-2025-54363 Published : Aug. 20, 2025, 3:15 a.m. | 4 hours, 57 minutes ago Description : Microsoft Knack 0.12.0 allows Regular expression Denial of Service (ReDoS) in the knack.introspection module (issue 1 of 2). Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 03:15:00 GMT

read more

CVE-2025-54364 - Microsoft Knack Regular Expression Denial of Service (ReDoS)

CVE ID : CVE-2025-54364 Published : Aug. 20, 2025, 3:15 a.m. | 4 hours, 57 minutes ago Description : Microsoft Knack 0.12.0 allows Regular expression Denial of Service (ReDoS) in the knack.introspection module (issue 2 of 2). Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 03:15:00 GMT

read more

CVE-2025-8141 - "WordPress Contact Form 7 Plugin Arbitrary File Deletion Vulnerability"

CVE ID : CVE-2025-8141 Published : Aug. 20, 2025, 3:15 a.m. | 4 hours, 57 minutes ago Description : The Redirection for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_associated_files function in all versions up to, and including, 3.2.4. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 03:15:00 GMT

read more

CVE-2025-8145 - "Contact Form 7 PHP Object Injection and RCE Vulnerability"

CVE ID : CVE-2025-8145 Published : Aug. 20, 2025, 3:15 a.m. | 4 hours, 57 minutes ago Description : The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.4 via deserialization of untrusted input in the get_lead_fields function. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain in a Contact Form 7 plugin allows attackers to delete arbitrary files. Additionally, in certain server configurations, Remote Code Execution is possible Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 03:15:00 GMT

read more

CVE-2025-8289 - "WordPress Redirection for Contact Form 7 PHP Object Injection Vulnerability"

CVE ID : CVE-2025-8289 Published : Aug. 20, 2025, 3:15 a.m. | 4 hours, 57 minutes ago Description : The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.4 via deserialization of untrusted input in the delete_associated_files function. This makes it possible for unauthenticated attackers to inject a PHP Object. This vulnerability may be exploited by unauthenticated attackers when a form is present on the site with a file upload action, and doesn't affect sites with PHP version > 8. This vulnerability also requires the 'Redirection For Contact Form 7 Extension - Create Post' extension to be installed and activated in order to be exploited. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. We confirmed there is a usable gadget in Contact Form 7 plugin that makes arbitrary file deletion possible when installed with this plugin. Given Contact Form 7 is a requirement of this plugin, it is likely that any site with this plugin and the 'Redirection For Contact Form 7 Extension - Create Post' extension enabled is vulnerable to arbitrary file deletion. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 03:15:00 GMT

read more

CVE-2024-12223 - Palo Alto Networks Prism Central Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-12223 Published : Aug. 20, 2025, 1:15 a.m. | 6 hours, 57 minutes ago Description : Prism Central versions prior to 2024.3.1 are vulnerable to a stored cross-site scripting attack via the Events component, allowing an attacker to hijack a victim user’s session and perform actions in their security context. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 01:15:00 GMT

read more

CVE-2025-9132 - Google Chrome V8 Out-of-Bounds Heap Corruption Vulnerability

CVE ID : CVE-2025-9132 Published : Aug. 20, 2025, 1:15 a.m. | 6 hours, 57 minutes ago Description : Out of bounds write in V8 in Google Chrome prior to 139.0.7258.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 01:15:00 GMT

read more

CVE-2025-9176 - Neurobin shc OS Command Injection Vulnerability

CVE ID : CVE-2025-9176 Published : Aug. 20, 2025, 12:15 a.m. | 7 hours, 57 minutes ago Description : A security flaw has been discovered in neurobin shc up to 4.0.3. Impacted is the function make of the file src/shc.c of the component Environment Variable Handler. The manipulation results in os command injection. The attack is only possible with local access. The exploit has been released to the public and may be exploited. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 00:15:00 GMT

read more

CVE-2025-9193 - TOTVS Portal Meu RH Open Redirect Vulnerability

CVE ID : CVE-2025-9193 Published : Aug. 20, 2025, 12:15 a.m. | 7 hours, 57 minutes ago Description : A flaw has been found in TOTVS Portal Meu RH up to 12.1.17. Impacted is an unknown function of the component Password Reset Handler. Executing manipulation of the argument redirectUrl can lead to open redirect. The attack may be performed from a remote location. The exploit has been published and may be used. Upgrading to version 12.1.2410.274, 12.1.2502.178 and 12.1.2506.121 is recommended to address this issue. It is recommended to upgrade the affected component. The vendor explains, that "[o]ur internal validation (...) confirms that the reported behavior does not exist in currently supported releases. In these tests, the redirectUrl parameter is ignored, and no malicious redirection occurs." This vulnerability only affects products that are no longer supported by the maintainer. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 20 Aug 2025 00:15:00 GMT

read more

CVE-2025-9175 - Neurobin SHC Stack-Based Buffer Overflow

CVE ID : CVE-2025-9175 Published : Aug. 19, 2025, 11:15 p.m. | 7 hours, 46 minutes ago Description : A vulnerability was identified in neurobin shc up to 4.0.3. This issue affects the function make of the file src/shc.c. The manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 23:15:00 GMT

read more

CVE-2025-9171 - SolidInvoice Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9171 Published : Aug. 19, 2025, 11:15 p.m. | 5 hours, 27 minutes ago Description : A security flaw has been discovered in SolidInvoice up to 2.4.0. The impacted element is an unknown function of the file /clients of the component Clients Module. Performing manipulation of the argument Name results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 23:15:00 GMT

read more

CVE-2025-9174 - Neurobin Shc OS Command Injection Vulnerability

CVE ID : CVE-2025-9174 Published : Aug. 19, 2025, 11:15 p.m. | 5 hours, 27 minutes ago Description : A vulnerability was determined in neurobin shc up to 4.0.3. This vulnerability affects the function make of the file src/shc.c of the component Filename Handler. Executing manipulation can lead to os command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 23:15:00 GMT

read more

CVE-2025-9169 - SolidInvoice Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9169 Published : Aug. 19, 2025, 10:15 p.m. | 6 hours, 27 minutes ago Description : A vulnerability was determined in SolidInvoice up to 2.4.0. Impacted is an unknown function of the file /quotes of the component Quote Module. This manipulation of the argument Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 22:15:00 GMT

read more

CVE-2025-9170 - SolidInvoice Tax Rates Module Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9170 Published : Aug. 19, 2025, 10:15 p.m. | 6 hours, 27 minutes ago Description : A vulnerability was identified in SolidInvoice up to 2.4.0. The affected element is an unknown function of the file /tax/rates of the component Tax Rates Module. Such manipulation of the argument Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 22:15:00 GMT

read more

CVE-2025-9167 - SolidInvoice Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9167 Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago Description : A vulnerability has been found in SolidInvoice up to 2.4.0. This vulnerability affects unknown code of the file /invoice/recurring of the component Recurring Invoice Module. The manipulation of the argument client name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-9168 - SolidInvoice Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9168 Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago Description : A vulnerability was found in SolidInvoice up to 2.4.0. This issue affects some unknown processing of the file /invoice of the component Invoice Creation Module. The manipulation of the argument Client Name results in cross site scripting. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-9179 - "Firefox/Thunderbird GMP Memory Corruption Vulnerability"

CVE ID : CVE-2025-9179 Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago Description : An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability affects Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-9180 - "Firefox/Thunderbird Same-Origin Policy Bypass in Graphics: Canvas2D"

CVE ID : CVE-2025-9180 Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago Description : 'Same-origin policy bypass in the Graphics: Canvas2D component.' This vulnerability affects Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-9181 - Mozilla Firefox JavaScript Engine Uninitialized Memory Vulnerability

CVE ID : CVE-2025-9181 Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago Description : Uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox 142, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-9182 - "Firefox WebRender Denial-of-Service Vulnerability"

CVE ID : CVE-2025-9182 Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago Description : 'Denial-of-service due to out-of-memory in the Graphics: WebRender component.' This vulnerability affects Firefox 142, Firefox ESR 140.2, Thunderbird 142, and Thunderbird 140.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-9183 - Firefox Spoofing Address Bar Vulnerability

CVE ID : CVE-2025-9183 Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago Description : Spoofing issue in the Address Bar component. This vulnerability affects Firefox 142 and Firefox ESR 140.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-9184 - Firefox/Thunderbird Memory Corruption Vulnerability

CVE ID : CVE-2025-9184 Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago Description : Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 142, Firefox ESR 140.2, Thunderbird 142, and Thunderbird 140.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-9185 - Mozilla Firefox/Thunderbird Memory Corruption Vulnerabilities

CVE ID : CVE-2025-9185 Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago Description : Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-9186 - Firefox Focus for Android URL Spoofing Vulnerability

CVE ID : CVE-2025-9186 Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago Description : Spoofing issue in the Address Bar component of Firefox Focus for Android. This vulnerability affects Firefox 142. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-9187 - Firefox Memory Corruption Vulnerability

CVE ID : CVE-2025-9187 Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago Description : Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 142 and Thunderbird 142. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-55032 - Focus for iOS MIME Type Vulnerability

CVE ID : CVE-2025-55032 Published : Aug. 19, 2025, 9:15 p.m. | 5 hours, 42 minutes ago Description : Focus for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline, potentially allowing for XSS attacks This vulnerability affects Focus for iOS 142. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-55033 - Focus for iOS JavaScript Injection Vulnerability

CVE ID : CVE-2025-55033 Published : Aug. 19, 2025, 9:15 p.m. | 5 hours, 42 minutes ago Description : Dragging JavaScript links to the URL bar in Focus for iOS could be utilized to run malicious scripts, potentially resulting in XSS attacks This vulnerability affects Focus for iOS 142. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-8041 - Firefox for Android URL Truncation Vulnerability

CVE ID : CVE-2025-8041 Published : Aug. 19, 2025, 9:15 p.m. | 5 hours, 42 minutes ago Description : In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability affects Firefox 141. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-8042 - Firefox for Android Cross-Site Download Vulnerability

CVE ID : CVE-2025-8042 Published : Aug. 19, 2025, 9:15 p.m. | 5 hours, 42 minutes ago Description : Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. This vulnerability affects Firefox 141. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-8364 - Mozilla Firefox Android URI Spoofing Vulnerability

CVE ID : CVE-2025-8364 Published : Aug. 19, 2025, 9:15 p.m. | 5 hours, 42 minutes ago Description : A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox 141. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-55030 - Firefox for iOS MIME Type Misinterpretation Vulnerability

CVE ID : CVE-2025-55030 Published : Aug. 19, 2025, 9:15 p.m. | 3 hours, 54 minutes ago Description : Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks This vulnerability affects Firefox for iOS 142. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-55031 - Firefox for iOS Bluetooth Hybrid Passkey Transport Vulnerability

CVE ID : CVE-2025-55031 Published : Aug. 19, 2025, 9:15 p.m. | 3 hours, 54 minutes ago Description : Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability affects Firefox for iOS 142 and Focus for iOS 142. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-54143 - Mozilla Firefox for iOS Cross-Site Download

CVE ID : CVE-2025-54143 Published : Aug. 19, 2025, 9:15 p.m. | 57 minutes ago Description : Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page This vulnerability affects Firefox for iOS 141. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-54144 - "Firefox for iOS URL Scheme Clickjacking Vulnerability"

CVE ID : CVE-2025-54144 Published : Aug. 19, 2025, 9:15 p.m. | 57 minutes ago Description : The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link This vulnerability affects Firefox for iOS 141. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-54145 - Firefox for iOS QR Scanner Code Injection Vulnerability

CVE ID : CVE-2025-54145 Published : Aug. 19, 2025, 9:15 p.m. | 57 minutes ago Description : The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme This vulnerability affects Firefox for iOS 141. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-55028 - Firefox for iOS JavaScript Alert Denial of Service

CVE ID : CVE-2025-55028 Published : Aug. 19, 2025, 9:15 p.m. | 57 minutes ago Description : Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks This vulnerability affects Firefox for iOS 142. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-55029 - Firefox for iOS Script Injection Vulnerability

CVE ID : CVE-2025-55029 Published : Aug. 19, 2025, 9:15 p.m. | 57 minutes ago Description : Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks This vulnerability affects Firefox for iOS 142. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 21:15:00 GMT

read more

CVE-2025-9157 - Appneta Tcpreplay Use After Free Vulnerability

CVE ID : CVE-2025-9157 Published : Aug. 19, 2025, 8:15 p.m. | 1 hour, 56 minutes ago Description : A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. This patch is called 73008f261f1cdf7a1087dc8759115242696d35da. Applying a patch is advised to resolve this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 20:15:00 GMT

read more

CVE-2025-9165 - LibTIFF Memory Leak Vulnerability

CVE ID : CVE-2025-9165 Published : Aug. 19, 2025, 8:15 p.m. | 1 hour, 56 minutes ago Description : A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ed141286a37f6e5ddafb5069347ff5d587e7a4e0. It is best practice to apply a patch to resolve this issue. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 20:15:00 GMT

read more

CVE-2025-2988 - IBM Sterling B2B Integrator and IBM Sterling File Gateway Information Disclosure

CVE ID : CVE-2025-2988 Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago Description : IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disclose sensitive server information to an unauthorized user that could aid in further attacks against the system. Severity: 2.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 20:15:00 GMT

read more

CVE-2025-43743 - Liferay Portal Information Disclosure

CVE ID : CVE-2025-43743 Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows any authenticated remote user to view other calendars by allowing them to enumerate the names of other users, given an attacker the possibility to send phishing to these users. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 20:15:00 GMT

read more

CVE-2025-43744 - Liferay Portal Stored DOM-Based XSS Vulnerability

CVE ID : CVE-2025-43744 Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago Description : A stored DOM-based Cross-Site Scripting (XSS) vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.5, 2025.Q1.0 through 2025.Q1.15, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.19 and 7.4 GA through update 92 exists in the Asset Publisher configuration UI within the Source.js module. This vulnerability allows attackers to inject arbitrary JavaScript via DDM structure field labels which are then inserted into the DOM using innerHTML without proper encoding. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 20:15:00 GMT

read more

CVE-2025-50926 - Easy Hosting Control Panel EHCP SQL Injection Vulnerability

CVE ID : CVE-2025-50926 Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago Description : Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection vulnerability via the id parameter in the List All Email Addresses function. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 20:15:00 GMT

read more

CVE-2025-51543 - Cicool Builder Password Reset Vulnerability

CVE ID : CVE-2025-51543 Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago Description : An issue was discovered in Cicool builder 3.4.4 allowing attackers to reset the administrator's password via the /administrator/auth/reset_password endpoint. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 20:15:00 GMT

read more

CVE-2025-52337 - LogicData eCommerce Framework File Upload RCE

CVE ID : CVE-2025-52337 Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago Description : An authenticated arbitrary file upload vulnerability in the Content Explorer feature of LogicData eCommerce Framework v5.0.9.7000 allows attackers to execute arbitrary code via uploading a crafted file. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 20:15:00 GMT

read more

CVE-2025-55737 - "FlaskBlog Comment Deletion Privilege Escalation Vulnerability"

CVE ID : CVE-2025-55737 Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago Description : flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, when deleting a comment, there's no validation of the ownership of the comment. Every user can delete an arbitrary comment of another user on every post, by simply intercepting the delete request and changing the commentID. The code that causes the problem is in routes/post.py. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 20:15:00 GMT

read more

CVE-2025-55740 - Ngix-Defender Default Credentials Exposure Vulnerability

CVE ID : CVE-2025-55740 Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago Description : nginx-defender is a high-performance, enterprise-grade Web Application Firewall (WAF) and threat detection system engineered for modern web infrastructure. This is a configuration vulnerability affecting nginx-defender deployments. Example configuration files config.yaml and docker-compose.yml contain default credentials (default_password: "change_me_please", GF_SECURITY_ADMIN_PASSWORD=admin123). If users deploy nginx-defender without changing these defaults, attackers with network access could gain administrative control, bypassing security protections. The issue is addressed in v1.5.0 and later. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 20:15:00 GMT

read more

CVE-2025-9155 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9155 Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago Description : A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Impacted is an unknown function of the file /user/forget_password.php. Such manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 20:15:00 GMT

read more

CVE-2025-9156 - iSourcecode Sports Management System SQL Injection

CVE ID : CVE-2025-9156 Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago Description : A vulnerability was found in itsourcecode Sports Management System 1.0. The affected element is an unknown function of the file /Admin/sports.php. Performing manipulation of the argument code results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 20:15:00 GMT

read more

CVE-2025-33008 - IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-33008 Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago Description : IBM Sterling B2B Integrator 6.2.1.0 and IBM Sterling File Gateway 6.2.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2025-43737 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43737 Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8 and 2025.Q1.0 through 2025.Q1.15 allows a remote authenticated user to inject JavaScript code via _com_liferay_journal_web_portlet_JournalPortlet_backURL parameter. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2025-43745 - Liferay Portal CSRF Attack

CVE ID : CVE-2025-43745 Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago Description : A CSRF vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.7, 2025.Q1.0 through 2025.Q1.14, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.19 and 7.4 GA through update 92 allows remote attackers to performs cross-origin request on behalf of the authenticated user via the endpoint parameter. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2025-50891 - Adform Site Tracking Cross-Site Scripting (XSS)

CVE ID : CVE-2025-50891 Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago Description : Adform Site Tracking 1.1 allows attackers to inject HTML or execute arbitrary code via cookie hijacking. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2025-52338 - LogicData eCommerce Framework Authentication Bypass

CVE ID : CVE-2025-52338 Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago Description : An issue in the default configuration of the password reset function in LogicData eCommerce Framework v5.0.9.7000 allows attackers to bypass authentication and compromise user accounts via a bruteforce attack. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2025-55303 - Astro Image Optimization Endpoint Protocol-Relative URL Injection

CVE ID : CVE-2025-55303 Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago Description : Astro is a web framework for content-driven websites. In versions of astro before 5.13.2 and 4.16.18, the image optimization endpoint in projects deployed with on-demand rendering allows images from unauthorized third-party domains to be served. On-demand rendered sites built with Astro include an /_image endpoint which returns optimized versions of images. A bug in impacted versions of astro allows an attacker to bypass the third-party domain restrictions by using a protocol-relative URL as the image source, e.g. /_image?href=//example.com/image.png. This vulnerability is fixed in 5.13.2 and 4.16.18. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2025-55306 - GenX FX Exposed API Keys and Authentication Tokens

CVE ID : CVE-2025-55306 Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago Description : GenX_FX is an advance IA trading platform that will focus on forex trading. A vulnerability was identified in the GenX FX backend where API keys and authentication tokens may be exposed if environment variables are misconfigured. Unauthorized users could gain access to cloud resources (Google Cloud, Firebase, GitHub, etc.). Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2025-55733 - DeepChat Custom URL Handler Remote Code Execution Vulnerability

CVE ID : CVE-2025-55733 Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago Description : DeepChat is a smart assistant that connects powerful AI to your personal world. DeepChat before 0.3.1 has a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted deepchat: URL on any website, including a malicious one they control. When a victim visits such a site or clicks on the link, the browser triggers the app’s custom URL handler (deepchat:), causing the DeepChat application to launch and process the URL, leading to remote code execution on the victim’s machine. This vulnerability is fixed in 0.3.1. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2025-55734 - FlaskBlog Unauthenticated Access to Sensitive Pages

CVE ID : CVE-2025-55734 Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago Description : flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, the code checks if the userRole is "admin" only when visiting the /admin page, but not when visiting its subroutes. Specifically, only the file routes/adminPanel.py checks the user role when a user is trying to access the admin page, but that control is not done for the pages routes/adminPanelComments.py and routes/adminPanelPosts.py. Thus, an unauthorized user can bypass the intended restrictions, leaking sensitive data and accessing the following pages: /admin/posts, /adminpanel/posts, /admin/comments, and /adminpanel/comments. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2025-55735 - FlaskBlog Stored XSS Vulnerability

CVE ID : CVE-2025-55735 Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago Description : flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, when creating a post, there's no validation of the content of the post stored in the variable "postContent". The vulnerability arises when displaying the content of the post using the | safe filter, that tells the engine to not escape the rendered content. This can lead to a stored XSS inside the content of the post. The code that causes the problem is in template/routes.html. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2025-55736 - FlaskBlog Role Elevation Vulnerability

CVE ID : CVE-2025-55736 Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago Description : flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, an arbitrary user can change his role to "admin", giving its relative privileges (e.g. delete users, posts, comments etc.). The problem is in the routes/adminPanelUsers file. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2025-9153 - iSourcecode Online Tour and Travel Management System File Upload Vulnerability

CVE ID : CVE-2025-9153 Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago Description : A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload. The attack can be launched remotely. The exploit is now public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2025-9154 - iSourcecode Online Tour and Travel Management System SQL Injection

CVE ID : CVE-2025-9154 Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago Description : A flaw has been found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /user/page-login.php. This manipulation of the argument email causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2024-44373 - AllSky Path Traversal Web Shell RCE

CVE ID : CVE-2024-44373 Published : Aug. 19, 2025, 7:15 p.m. | 52 minutes ago Description : A Path Traversal vulnerability in AllSky v2023.05.01_04 allows an unauthenticated attacker to create a webshell and remote code execution via the path, content parameter to /includes/save_file.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2025-31988 - HCL Digital Experience Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-31988 Published : Aug. 19, 2025, 7:15 p.m. | 52 minutes ago Description : HCL Digital Experience is susceptible to cross site scripting (XSS) in an administrative UI with restricted access. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 19:15:00 GMT

read more

CVE-2025-55153 - Apache HTTP Server XML Entity Injection

CVE ID : CVE-2025-55153 Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 52 minutes ago Description : Rejected reason: This CVE is a duplicate of another CVE. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 18:15:00 GMT

read more

CVE-2025-55294 - "Screenshot-Desktop Command Injection Vulnerability"

CVE ID : CVE-2025-55294 Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 52 minutes ago Description : screenshot-desktop allows capturing a screenshot of your local machine. This vulnerability is a command injection issue. When user-controlled input is passed into the format option of the screenshot function, it is interpolated into a shell command without sanitization. This results in arbitrary command execution with the privileges of the calling process. This vulnerability is fixed in 1.15.2. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 18:15:00 GMT

read more

CVE-2025-55295 - qBit Manage Path Traversal Vulnerability

CVE ID : CVE-2025-55295 Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 52 minutes ago Description : qBit Manage is a tool that helps manage tedious tasks in qBittorrent and automate them. A path traversal vulnerability exists in qbit_manage's web API that allows authenticated users to read arbitrary files from the server filesystem through the restore_config_from_backup endpoint. The vulnerability allows attackers to bypass directory restrictions and read arbitrary files from the server filesystem by manipulating the backup_id parameter with path traversal sequences (e.g., ../). This vulnerability is fixed in 4.5.4. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 18:15:00 GMT

read more

CVE-2025-8450 - Fortra FileCatalyst Unauthenticated File Upload Vulnerability

CVE ID : CVE-2025-8450 Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 52 minutes ago Description : Improper Access Control issue in the Workflow component of Fortra's FileCatalyst allows unauthenticated users to upload arbitrary files via the order forms page. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 18:15:00 GMT

read more

CVE-2025-9149 - Wavlink Wireless.cgi Command Injection

CVE ID : CVE-2025-9149 Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 52 minutes ago Description : A vulnerability was determined in Wavlink WL-NU516U1 M16U1_V240425. This impacts the function sub_4032E4 of the file /cgi-bin/wireless.cgi. This manipulation of the argument Guest_ssid causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 18:15:00 GMT

read more

CVE-2025-9150 - Surbowl Dormitory-Management-Php SQL Injection

CVE ID : CVE-2025-9150 Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 52 minutes ago Description : A vulnerability was identified in Surbowl dormitory-management-php up to 9f1d9d1f528cabffc66fda3652c56ff327fda317. Affected is an unknown function of the file /admin/violation_add.php?id=2. Such manipulation of the argument ID leads to sql injection. The attack may be performed from a remote location. The exploit is publicly available and might be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 18:15:00 GMT

read more

CVE-2025-9151 - LiuYuYang01 ThriveX-Blog Remote Unauthorized Access Vulnerability

CVE ID : CVE-2025-9151 Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 52 minutes ago Description : A security flaw has been discovered in LiuYuYang01 ThriveX-Blog up to 3.1.7. Affected by this vulnerability is the function updateJsonValueByName of the file /web_config/json/name/web. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 18:15:00 GMT

read more

CVE-2025-54881 - Mermaid Sequence Diagram Label XSS

CVE ID : CVE-2025-54881 Published : Aug. 19, 2025, 5:15 p.m. | 2 hours, 52 minutes ago Description : Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. In the default configuration of mermaid 10.9.0-rc.1 to 11.9.0, user supplied input for sequence diagram labels is passed to innerHTML during calculation of element size, causing XSS. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-9147 - JasonClark GetSemantic Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9147 Published : Aug. 19, 2025, 5:15 p.m. | 2 hours, 52 minutes ago Description : A vulnerability has been found in jasonclark getsemantic up to 040c96eb8cf9947488bd01b8de99b607b0519f7d. The impacted element is an unknown function of the file /index.php. The manipulation of the argument view leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-9148 - CodePhiliaX Chat2DB JDBC Connection Handler SQL Injection Vulnerability

CVE ID : CVE-2025-9148 Published : Aug. 19, 2025, 5:15 p.m. | 2 hours, 52 minutes ago Description : A vulnerability was found in CodePhiliaX Chat2DB up to 0.3.7. This affects an unknown function of the file ai/chat2db/server/web/api/controller/data/source/DataSourceController.java of the component JDBC Connection Handler. The manipulation results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38605 - "Qualcomm ath12k Wi-Fi Kernel Panic Vulnerability"

CVE ID : CVE-2025-38605 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() In ath12k_dp_tx_get_encap_type(), the arvif parameter is only used to retrieve the ab pointer. In vdev delete sequence the arvif->ar could become NULL and that would trigger kernel panic. Since the caller ath12k_dp_tx() already has a valid ab pointer, pass it directly to avoid panic and unnecessary dereferencing. PC points to "ath12k_dp_tx+0x228/0x988 [ath12k]" LR points to "ath12k_dp_tx+0xc8/0x988 [ath12k]". The Backtrace obtained is as follows: ath12k_dp_tx+0x228/0x988 [ath12k] ath12k_mac_tx_check_max_limit+0x608/0x920 [ath12k] ieee80211_process_measurement_req+0x320/0x348 [mac80211] ieee80211_tx_dequeue+0x9ac/0x1518 [mac80211] ieee80211_tx_dequeue+0xb14/0x1518 [mac80211] ieee80211_tx_prepare_skb+0x224/0x254 [mac80211] ieee80211_xmit+0xec/0x100 [mac80211] __ieee80211_subif_start_xmit+0xc50/0xf40 [mac80211] ieee80211_subif_start_xmit+0x2e8/0x308 [mac80211] netdev_start_xmit+0x150/0x18c dev_hard_start_xmit+0x74/0xc0 Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38606 - Linux Kernel WiFi ath12k: Null Pointer Deref in Beacon Miss Handling

CVE ID : CVE-2025-38606 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Avoid accessing uninitialized arvif->ar during beacon miss During beacon miss handling, ath12k driver iterates over active virtual interfaces (vifs) and attempts to access the radio object (ar) via arvif->deflink->ar. However, after commit aa80f12f3bed ("wifi: ath12k: defer vdev creation for MLO"), arvif is linked to a radio only after vdev creation, typically when a channel is assigned or a scan is requested. For P2P capable devices, a default P2P interface is created by wpa_supplicant along with regular station interfaces, these serve as dummy interfaces for P2P-capable stations, lack an associated netdev and initiate frequent scans to discover neighbor p2p devices. When a scan is initiated on such P2P vifs, driver selects destination radio (ar) based on scan frequency, creates a scan vdev, and attaches arvif to the radio. Once the scan completes or is aborted, the scan vdev is deleted, detaching arvif from the radio and leaving arvif->ar uninitialized. While handling beacon miss for station interfaces, P2P interface is also encountered in the vif iteration and ath12k_mac_handle_beacon_miss_iter() tries to dereference the uninitialized arvif->deflink->ar. Fix this by verifying that vdev is created for the arvif before accessing its ar during beacon miss handling and similar vif iterator callbacks. ========================================================================== wlp6s0: detected beacon loss from AP (missed 7 beacons) - probing KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] CPU: 5 UID: 0 PID: 0 Comm: swapper/5 Not tainted 6.16.0-rc1-wt-ath+ #2 PREEMPT(full) RIP: 0010:ath12k_mac_handle_beacon_miss_iter+0xb5/0x1a0 [ath12k] Call Trace: __iterate_interfaces+0x11a/0x410 [mac80211] ieee80211_iterate_active_interfaces_atomic+0x61/0x140 [mac80211] ath12k_mac_handle_beacon_miss+0xa1/0xf0 [ath12k] ath12k_roam_event+0x393/0x560 [ath12k] ath12k_wmi_op_rx+0x1486/0x28c0 [ath12k] ath12k_htc_process_trailer.isra.0+0x2fb/0x620 [ath12k] ath12k_htc_rx_completion_handler+0x448/0x830 [ath12k] ath12k_ce_recv_process_cb+0x549/0x9e0 [ath12k] ath12k_ce_per_engine_service+0xbe/0xf0 [ath12k] ath12k_pci_ce_workqueue+0x69/0x120 [ath12k] process_one_work+0xe3a/0x1430 Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1 Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.1.c5-00284.1-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38607 - Linux Kernel BPF Conditional Jump Vulnerability

CVE ID : CVE-2025-38607 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset (if a & b ...) as a jump in CFG computation BPF_JSET is a conditional jump and currently verifier.c:can_jump() does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the following example: 1: r0 = 1; 2: r2 = 2; 3: if r1 & 0x7 goto +1; 4: exit; 5: r0 = r2; 6: exit; W/o this fix insn_successors(3) will return only (4), a jump to (5) would be missed and r2 won't be marked as alive at (3). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38608 - Linux Kernel ktls Uninitialized Data Corruption

CVE ID : CVE-2025-38608 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls When sending plaintext data, we initially calculated the corresponding ciphertext length. However, if we later reduced the plaintext data length via socket policy, we failed to recalculate the ciphertext length. This results in transmitting buffers containing uninitialized data during ciphertext transmission. This causes uninitialized bytes to be appended after a complete "Application Data" packet, leading to errors on the receiving end when parsing TLS record. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38609 - Linux Kernel Null Pointer Dereference in devfreq Governor

CVE ID : CVE-2025-38609 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Check governor before using governor->name Commit 96ffcdf239de ("PM / devfreq: Remove redundant governor_name from struct devfreq") removes governor_name and uses governor->name to replace it. But devfreq->governor may be NULL and directly using devfreq->governor->name may cause null pointer exception. Move the check of governor to before using governor->name. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38610 - Linux Powercap DTPM CPU NULL Pointer Dereference

CVE ID : CVE-2025-38610 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() The get_pd_power_uw() function can crash with a NULL pointer dereference when em_cpu_get() returns NULL. This occurs when a CPU becomes impossible during runtime, causing get_cpu_device() to return NULL, which propagates through em_cpu_get() and leads to a crash when em_span_cpus() dereferences the NULL pointer. Add a NULL check after em_cpu_get() and return 0 if unavailable, matching the existing fallback behavior in __dtpm_cpu_setup(). [ rjw: Drop an excess empty code line ] Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38611 - Linux Kernel vmci Information Leak Vulnerability

CVE ID : CVE-2025-38611 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: vmci: Prevent the dispatching of uninitialized payloads The reproducer executes the host's unlocked_ioctl call in two different tasks. When init_context fails, the struct vmci_event_ctx is not fully initialized when executing vmci_datagram_dispatch() to send events to all vm contexts. This affects the datagram taken from the datagram queue of its context by another task, because the datagram payload is not initialized according to the size payload_size, which causes the kernel data to leak to the user space. Before dispatching the datagram, and before setting the payload content, explicitly set the payload content to 0 to avoid data leakage caused by incomplete payload initialization. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38612 - Linux Kernel Fbtft Framebuffer Memory Leak Vulnerability

CVE ID : CVE-2025-38612 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() In the error paths after fb_info structure is successfully allocated, the memory allocated in fb_deferred_io_init() for info->pagerefs is not freed. Fix that by adding the cleanup function on the error path. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38613 - Linux Kernel GPib Buffer Overflow

CVE ID : CVE-2025-38613 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: staging: gpib: fix unset padding field copy back to userspace The introduction of a padding field in the gpib_board_info_ioctl is showing up as initialized data on the stack frame being copyied back to userspace in function board_info_ioctl. The simplest fix is to initialize the entire struct to zero to ensure all unassigned padding fields are zero'd before being copied back to userspace. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38614 - Linux Kernel Eventpoll Recursive Depth Unlimited Link Formation Vulnerability

CVE ID : CVE-2025-38614 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EP_MAX_NESTS+1 links. Currently, ep_loop_check_proc() ensures that the graph is loop-free and does some recursion depth checks, but those recursion depth checks don't limit the depth of the resulting tree for two reasons: - They don't look upwards in the tree. - If there are multiple downwards paths of different lengths, only one of the paths is actually considered for the depth check since commit 28d82dc1c4ed ("epoll: limit paths"). Essentially, the current recursion depth check in ep_loop_check_proc() just serves to prevent it from recursing too deeply while checking for loops. A more thorough check is done in reverse_path_check() after the new graph edge has already been created; this checks, among other things, that no paths going upwards from any non-epoll file with a length of more than 5 edges exist. However, this check does not apply to non-epoll files. As a result, it is possible to recurse to a depth of at least roughly 500, tested on v6.15. (I am unsure if deeper recursion is possible; and this may have changed with commit 8c44dac8add7 ("eventpoll: Fix priority inversion problem").) To fix it: 1. In ep_loop_check_proc(), note the subtree depth of each visited node, and use subtree depths for the total depth calculation even when a subtree has already been visited. 2. Add ep_get_upwards_depth_proc() for similarly determining the maximum depth of an upwards walk. 3. In ep_loop_check(), use these values to limit the total path length between epoll nodes to EP_MAX_NESTS edges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38615 - "NTFS3 Linux Kernel Live Inode Eviction Vulnerability"

CVE ID : CVE-2025-38615 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: cancle set bad inode after removing name fails The reproducer uses a file0 on a ntfs3 file system with a corrupted i_link. When renaming, the file0's inode is marked as a bad inode because the file name cannot be deleted. The underlying bug is that make_bad_inode() is called on a live inode. In some cases it's "icache lookup finds a normal inode, d_splice_alias() is called to attach it to dentry, while another thread decides to call make_bad_inode() on it - that would evict it from icache, but we'd already found it there earlier". In some it's outright "we have an inode attached to dentry - that's how we got it in the first place; let's call make_bad_inode() on it just for shits and giggles". Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-51506 - HRForecast Suite SmartLibrary SQL Injection Vulnerability

CVE ID : CVE-2025-51506 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : In the smartLibrary component of the HRForecast Suite 0.4.3, a SQL injection vulnerability was discovered in the valueKey parameter. This flaw enables any authenticated user to execute arbitrary SQL queries, via crafted payloads to valueKey to the api/smartlibrary/v2/en/dictionaries/options/lookup endpoint. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-52478 - n8n Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-52478 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : n8n is a workflow automation platform. From 1.77.0 to before 1.98.2, a stored Cross-Site Scripting (XSS) vulnerability was identified in n8n, specifically in the Form Trigger node's HTML form element. An authenticated attacker can inject malicious HTML via an with a srcdoc payload that includes arbitrary JavaScript execution. The attacker can also inject malicious Javascript by using coupled using an onerror event. While using iframe or a combination of video and source tag, this vulnerability allows for Account Takeover (ATO) by exfiltrating n8n-browserId and session cookies from authenticated users who visit a maliciously crafted form. Using these tokens and cookies, an attacker can impersonate the victim and change account details such as email addresses, enabling full control over the account—especially if 2FA is not enabled. Users should upgrade to version >= 1.98.2. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-54411 - Discourse Welcome Banner XSS Vulnerability

CVE ID : CVE-2025-54411 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : Discourse is an open-source discussion platform. Welcome banner user name string for logged in users can be vulnerable to XSS attacks, which affect the user themselves or an admin impersonating them. Admins can temporarily alter the welcome_banner.header.logged_in_members site text to remove the preferred_display_name placeholder, or not impersonate any users for the time being. This vulnerability is fixed in 3.5.0.beta8. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-54880 - Mermaid Cross Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-54880 Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago Description : Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. In the default configuration of mermaid 11.9.0 and earlier, user supplied input for architecture diagram icons is passed to the d3 html() method, creating a sink for cross site scripting. This vulnerability is fixed in 11.10.0. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38598 - AMDGPU Use-After-Free Vulnerability

CVE ID : CVE-2025-38598 Published : Aug. 19, 2025, 5:15 p.m. | 54 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free in amdgpu_userq_suspend+0x51a/0x5a0 [ +0.000020] BUG: KASAN: slab-use-after-free in amdgpu_userq_suspend+0x51a/0x5a0 [amdgpu] [ +0.000817] Read of size 8 at addr ffff88812eec8c58 by task amd_pci_unplug/1733 [ +0.000027] CPU: 10 UID: 0 PID: 1733 Comm: amd_pci_unplug Tainted: G W 6.14.0+ #2 [ +0.000009] Tainted: [W]=WARN [ +0.000003] Hardware name: ASUS System Product Name/ROG STRIX B550-F GAMING (WI-FI), BIOS 1401 12/03/2020 [ +0.000004] Call Trace: [ +0.000004] [ +0.000003] dump_stack_lvl+0x76/0xa0 [ +0.000011] print_report+0xce/0x600 [ +0.000009] ? srso_return_thunk+0x5/0x5f [ +0.000006] ? kasan_complete_mode_report_info+0x76/0x200 [ +0.000007] ? kasan_addr_to_slab+0xd/0xb0 [ +0.000006] ? amdgpu_userq_suspend+0x51a/0x5a0 [amdgpu] [ +0.000707] kasan_report+0xbe/0x110 [ +0.000006] ? amdgpu_userq_suspend+0x51a/0x5a0 [amdgpu] [ +0.000541] __asan_report_load8_noabort+0x14/0x30 [ +0.000005] amdgpu_userq_suspend+0x51a/0x5a0 [amdgpu] [ +0.000535] ? stop_cpsch+0x396/0x600 [amdgpu] [ +0.000556] ? stop_cpsch+0x429/0x600 [amdgpu] [ +0.000536] ? __pfx_amdgpu_userq_suspend+0x10/0x10 [amdgpu] [ +0.000536] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? kgd2kfd_suspend+0x132/0x1d0 [amdgpu] [ +0.000542] amdgpu_device_fini_hw+0x581/0xe90 [amdgpu] [ +0.000485] ? down_write+0xbb/0x140 [ +0.000007] ? __mutex_unlock_slowpath.constprop.0+0x317/0x360 [ +0.000005] ? __pfx_amdgpu_device_fini_hw+0x10/0x10 [amdgpu] [ +0.000482] ? __kasan_check_write+0x14/0x30 [ +0.000004] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? up_write+0x55/0xb0 [ +0.000007] ? srso_return_thunk+0x5/0x5f [ +0.000005] ? blocking_notifier_chain_unregister+0x6c/0xc0 [ +0.000008] amdgpu_driver_unload_kms+0x69/0x90 [amdgpu] [ +0.000484] amdgpu_pci_remove+0x93/0x130 [amdgpu] [ +0.000482] pci_device_remove+0xae/0x1e0 [ +0.000008] device_remove+0xc7/0x180 [ +0.000008] device_release_driver_internal+0x3d4/0x5a0 [ +0.000007] device_release_driver+0x12/0x20 [ +0.000004] pci_stop_bus_device+0x104/0x150 [ +0.000006] pci_stop_and_remove_bus_device_locked+0x1b/0x40 [ +0.000005] remove_store+0xd7/0xf0 [ +0.000005] ? __pfx_remove_store+0x10/0x10 [ +0.000006] ? __pfx__copy_from_iter+0x10/0x10 [ +0.000006] ? __pfx_dev_attr_store+0x10/0x10 [ +0.000006] dev_attr_store+0x3f/0x80 [ +0.000006] sysfs_kf_write+0x125/0x1d0 [ +0.000004] ? srso_return_thunk+0x5/0x5f [ +0.000005] ? __kasan_check_write+0x14/0x30 [ +0.000005] kernfs_fop_write_iter+0x2ea/0x490 [ +0.000005] ? rw_verify_area+0x70/0x420 [ +0.000005] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ +0.000006] vfs_write+0x90d/0xe70 [ +0.000005] ? srso_return_thunk+0x5/0x5f [ +0.000005] ? __pfx_vfs_write+0x10/0x10 [ +0.000004] ? local_clock+0x15/0x30 [ +0.000008] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? __kasan_slab_free+0x5f/0x80 [ +0.000005] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? __kasan_check_read+0x11/0x20 [ +0.000004] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? fdget_pos+0x1d3/0x500 [ +0.000007] ksys_write+0x119/0x220 [ +0.000005] ? putname+0x1c/0x30 [ +0.000006] ? __pfx_ksys_write+0x10/0x10 [ +0.000007] __x64_sys_write+0x72/0xc0 [ +0.000006] x64_sys_call+0x18ab/0x26f0 [ +0.000006] do_syscall_64+0x7c/0x170 [ +0.000004] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? __pfx___x64_sys_openat+0x10/0x10 [ +0.000006] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? __kasan_check_read+0x11/0x20 [ +0.000003] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? fpregs_assert_state_consistent+0x21/0xb0 [ +0.000006] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? syscall_exit_to_user_mode+0x4e/0x240 [ +0.000005] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? do_syscall_64+0x88/0x170 [ +0.000003] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? irqentry_exit+0x43/0x50 [ +0.000004] ? srso_return_thunk+0x5 ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38599 - "TP-Link Wireless WiFi Out-Of-Boundary Access Vulnerability"

CVE ID : CVE-2025-38599 Published : Aug. 19, 2025, 5:15 p.m. | 54 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible OOB access in mt7996_tx() Fis possible Out-Of-Boundary access in mt7996_tx routine if link_id is set to IEEE80211_LINK_UNSPECIFIED Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38600 - "Qualcomm Atheros WiFi Off-By-One Array Indexing Vulnerability"

CVE ID : CVE-2025-38600 Published : Aug. 19, 2025, 5:15 p.m. | 54 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix off by one in mt7925_mcu_hw_scan() The ssid->ssids[] and sreq->ssids[] arrays have MT7925_RNR_SCAN_MAX_BSSIDS elements so this >= needs to be > to prevent an out of bounds access. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38601 - Qualcomm Atheros Wi-Fi ath11k: Page Fault due to Uninitialized Flag

CVE ID : CVE-2025-38601 Published : Aug. 19, 2025, 5:15 p.m. | 54 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: clear initialized flag for deinit-ed srng lists In a number of cases we see kernel panics on resume due to ath11k kernel page fault, which happens under the following circumstances: 1) First ath11k_hal_dump_srng_stats() call Last interrupt received for each group: ath11k_pci 0000:01:00.0: group_id 0 22511ms before ath11k_pci 0000:01:00.0: group_id 1 14440788ms before [..] ath11k_pci 0000:01:00.0: failed to receive control response completion, polling.. ath11k_pci 0000:01:00.0: Service connect timeout ath11k_pci 0000:01:00.0: failed to connect to HTT: -110 ath11k_pci 0000:01:00.0: failed to start core: -110 ath11k_pci 0000:01:00.0: firmware crashed: MHI_CB_EE_RDDM ath11k_pci 0000:01:00.0: already resetting count 2 ath11k_pci 0000:01:00.0: failed to wait wlan mode request (mode 4): -110 ath11k_pci 0000:01:00.0: qmi failed to send wlan mode off: -110 ath11k_pci 0000:01:00.0: failed to reconfigure driver on crash recovery [..] 2) At this point reconfiguration fails (we have 2 resets) and ath11k_core_reconfigure_on_crash() calls ath11k_hal_srng_deinit() which destroys srng lists. However, it does not reset per-list ->initialized flag. 3) Second ath11k_hal_dump_srng_stats() call sees stale ->initialized flag and attempts to dump srng stats: Last interrupt received for each group: ath11k_pci 0000:01:00.0: group_id 0 66785ms before ath11k_pci 0000:01:00.0: group_id 1 14485062ms before ath11k_pci 0000:01:00.0: group_id 2 14485062ms before ath11k_pci 0000:01:00.0: group_id 3 14485062ms before ath11k_pci 0000:01:00.0: group_id 4 14780845ms before ath11k_pci 0000:01:00.0: group_id 5 14780845ms before ath11k_pci 0000:01:00.0: group_id 6 14485062ms before ath11k_pci 0000:01:00.0: group_id 7 66814ms before ath11k_pci 0000:01:00.0: group_id 8 68997ms before ath11k_pci 0000:01:00.0: group_id 9 67588ms before ath11k_pci 0000:01:00.0: group_id 10 69511ms before BUG: unable to handle page fault for address: ffffa007404eb010 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 100000067 P4D 100000067 PUD 10022d067 PMD 100b01067 PTE 0 Oops: 0000 [#1] PREEMPT SMP NOPTI RIP: 0010:ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k] Call Trace: ? __die_body+0xae/0xb0 ? page_fault_oops+0x381/0x3e0 ? exc_page_fault+0x69/0xa0 ? asm_exc_page_fault+0x22/0x30 ? ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k (HASH:6cea 4)] ath11k_qmi_driver_event_work+0xbd/0x1050 [ath11k (HASH:6cea 4)] worker_thread+0x389/0x930 kthread+0x149/0x170 Clear per-list ->initialized flag in ath11k_hal_srng_deinit(). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38602 - "iwlwifi NULL Pointer Dereference Vulnerability"

CVE ID : CVE-2025-38602 Published : Aug. 19, 2025, 5:15 p.m. | 54 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: iwlwifi: Add missing check for alloc_ordered_workqueue Add check for the return value of alloc_ordered_workqueue since it may return NULL pointer. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38603 - AMDGPU Slab-Use-After-Free Vulnerability

CVE ID : CVE-2025-38603 Published : Aug. 19, 2025, 5:15 p.m. | 54 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix slab-use-after-free in amdgpu_userq_mgr_fini+0x70c The issue was reproduced on NV10 using IGT pci_unplug test. It is expected that `amdgpu_driver_postclose_kms()` is called prior to `amdgpu_drm_release()`. However, the bug is that `amdgpu_fpriv` was freed in `amdgpu_driver_postclose_kms()`, and then later accessed in `amdgpu_drm_release()` via a call to `amdgpu_userq_mgr_fini()`. As a result, KASAN detected a use-after-free condition, as shown in the log below. The proposed fix is to move the calls to `amdgpu_eviction_fence_destroy()` and `amdgpu_userq_mgr_fini()` into `amdgpu_driver_postclose_kms()`, so they are invoked before `amdgpu_fpriv` is freed. This also ensures symmetry with the initialization path in `amdgpu_driver_open_kms()`, where the following components are initialized: - `amdgpu_userq_mgr_init()` - `amdgpu_eviction_fence_init()` - `amdgpu_ctx_mgr_init()` Correspondingly, in `amdgpu_driver_postclose_kms()` we should clean up using: - `amdgpu_userq_mgr_fini()` - `amdgpu_eviction_fence_destroy()` - `amdgpu_ctx_mgr_fini()` This change eliminates the use-after-free and improves consistency in resource management between open and close paths. [ +0.094367] ================================================================== [ +0.000026] BUG: KASAN: slab-use-after-free in amdgpu_userq_mgr_fini+0x70c/0x730 [amdgpu] [ +0.000866] Write of size 8 at addr ffff88811c068c60 by task amd_pci_unplug/1737 [ +0.000026] CPU: 3 UID: 0 PID: 1737 Comm: amd_pci_unplug Not tainted 6.14.0+ #2 [ +0.000008] Hardware name: ASUS System Product Name/ROG STRIX B550-F GAMING (WI-FI), BIOS 1401 12/03/2020 [ +0.000004] Call Trace: [ +0.000004] [ +0.000003] dump_stack_lvl+0x76/0xa0 [ +0.000010] print_report+0xce/0x600 [ +0.000009] ? amdgpu_userq_mgr_fini+0x70c/0x730 [amdgpu] [ +0.000790] ? srso_return_thunk+0x5/0x5f [ +0.000007] ? kasan_complete_mode_report_info+0x76/0x200 [ +0.000008] ? amdgpu_userq_mgr_fini+0x70c/0x730 [amdgpu] [ +0.000684] kasan_report+0xbe/0x110 [ +0.000007] ? amdgpu_userq_mgr_fini+0x70c/0x730 [amdgpu] [ +0.000601] __asan_report_store8_noabort+0x17/0x30 [ +0.000007] amdgpu_userq_mgr_fini+0x70c/0x730 [amdgpu] [ +0.000801] ? __pfx_amdgpu_userq_mgr_fini+0x10/0x10 [amdgpu] [ +0.000819] ? srso_return_thunk+0x5/0x5f [ +0.000008] amdgpu_drm_release+0xa3/0xe0 [amdgpu] [ +0.000604] __fput+0x354/0xa90 [ +0.000010] __fput_sync+0x59/0x80 [ +0.000005] __x64_sys_close+0x7d/0xe0 [ +0.000006] x64_sys_call+0x2505/0x26f0 [ +0.000006] do_syscall_64+0x7c/0x170 [ +0.000004] ? kasan_record_aux_stack+0xae/0xd0 [ +0.000005] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? kmem_cache_free+0x398/0x580 [ +0.000006] ? __fput+0x543/0xa90 [ +0.000006] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? __fput+0x543/0xa90 [ +0.000004] ? __kasan_check_read+0x11/0x20 [ +0.000007] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? __kasan_check_read+0x11/0x20 [ +0.000003] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? fpregs_assert_state_consistent+0x21/0xb0 [ +0.000006] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? syscall_exit_to_user_mode+0x4e/0x240 [ +0.000005] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? do_syscall_64+0x88/0x170 [ +0.000003] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? do_syscall_64+0x88/0x170 [ +0.000004] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? irqentry_exit+0x43/0x50 [ +0.000004] ? srso_return_thunk+0x5/0x5f [ +0.000004] ? exc_page_fault+0x7c/0x110 [ +0.000006] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ +0.000005] RIP: 0033:0x7ffff7b14f67 [ +0.000005] Code: ff e8 0d 16 02 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 03 00 00 00 0f 05 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 73 ba f7 ff [ +0.000004] RSP: 002b:00007fffffffe358 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ +0.000006] RAX: ffffffffff ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-38604 - "RTL8187: Null Pointer Dereference in Wireless Driver"

CVE ID : CVE-2025-38604 Published : Aug. 19, 2025, 5:15 p.m. | 54 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Kill URBs before clearing tx status queue In rtl8187_stop() move the call of usb_kill_anchored_urbs() before clearing b_tx_status.queue. This change prevents callbacks from using already freed skb due to anchor was not killed before freeing such skb. BUG: kernel NULL pointer dereference, address: 0000000000000080 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: Oops: 0000 [#1] SMP NOPTI CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Not tainted 6.15.0 #8 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015 RIP: 0010:ieee80211_tx_status_irqsafe+0x21/0xc0 [mac80211] Call Trace: rtl8187_tx_cb+0x116/0x150 [rtl8187] __usb_hcd_giveback_urb+0x9d/0x120 usb_giveback_urb_bh+0xbb/0x140 process_one_work+0x19b/0x3c0 bh_worker+0x1a7/0x210 tasklet_action+0x10/0x30 handle_softirqs+0xf0/0x340 __irq_exit_rcu+0xcd/0xf0 common_interrupt+0x85/0xa0 Tested on RTL8187BvE device. Found by Linux Verification Center (linuxtesting.org) with SVACE. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 17:15:00 GMT

read more

CVE-2025-43738 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43738 Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8, 2025.Q1.0 through 2025.Q1.15, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13 and 2024.Q1.1 through 2024.Q1.19 allows a remote authenticated user to inject JavaScript code via _com_liferay_expando_web_portlet_ExpandoPortlet_displayType parameter. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 16:15:00 GMT

read more

CVE-2025-50434 - Appian Enterprise Business Process Management Remote Code Execution

CVE ID : CVE-2025-50434 Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago Description : Appian Enterprise Business Process Management 25.3 is vulnerable to Incorrect Access Control. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 16:15:00 GMT

read more

CVE-2025-50938 - Hustoj XSS

CVE ID : CVE-2025-50938 Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago Description : Cross site scripting (XSS) vulnerability in Hustoj 2025-01-31 via the TID parameter to thread.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 16:15:00 GMT

read more

CVE-2025-51539 - EzGED3 PHP File Read Vulnerability

CVE ID : CVE-2025-51539 Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago Description : EzGED3 3.5.0 contains an unauthenticated arbitrary file read vulnerability due to improper access control and insufficient input validation in a script exposed via the web interface. A remote attacker can supply a crafted path parameter to a PHP script to read arbitrary files from the filesystem. The script lacks both authentication checks and secure path handling, allowing directory traversal attacks (e.g., ../../../) to access sensitive files such as configuration files, database dumps, source code, and password reset tokens. If phpMyAdmin is exposed, extracted credentials can be used for direct administrative access. In environments without such tools, attacker-controlled file reads still allow full database extraction by targeting raw MySQL data files. The vendor states that the issue is fixed in 3.5.72.27183. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 16:15:00 GMT

read more

CVE-2025-51540 - EzGED3 Password Hashing Weakness (Insecure Hashing Scheme)

CVE ID : CVE-2025-51540 Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago Description : EzGED3 3.5.0 stores user passwords using an insecure hashing scheme: md5(md5(password)). This hashing method is cryptographically weak and allows attackers to perform efficient offline brute-force attacks if password hashes are disclosed. The lack of salting and use of a fast, outdated algorithm makes it feasible to recover plaintext credentials using precomputed tables or GPU-based cracking tools. The vendor states that the issue is fixed in 3.5.72.27183. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 16:15:00 GMT

read more

CVE-2025-8782 - Apache Apache HTTP Server Remote Code Execution

CVE ID : CVE-2025-8782 Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 16:15:00 GMT

read more

CVE-2025-9145 - Scada-LTS SVG File Handler Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9145 Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago Description : A security vulnerability has been detected in Scada-LTS 2.7.8.1. This issue affects some unknown processing of the file view_edit.shtm of the component SVG File Handler. Such manipulation of the argument backgroundImageMP leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 16:15:00 GMT

read more

CVE-2025-9146 - Linksys E5600 Remote Cryptographic Algorithm Manipulation Vulnerability

CVE ID : CVE-2025-9146 Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago Description : A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function verify_gemtek_header of the file checkFw.sh of the component Firmware Handler. Executing manipulation can lead to risky cryptographic algorithm. The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is described as difficult. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 16:15:00 GMT

read more

CVE-2025-50579 - Nginx Proxy Manager Cross-Origin Resource Sharing (CORS) Misconfiguration

CVE ID : CVE-2025-50579 Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago Description : A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthorized domains to access sensitive data, particularly JWT tokens, due to improper validation of the Origin header. This misconfiguration enables attackers to intercept tokens using a simple browser script and exfiltrate them to a remote attacker-controlled server, potentially leading to unauthorized actions within the application. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 15:15:00 GMT

read more

CVE-2025-50897 - Riscv-Boom SonicBOOM MMU Write Permission Fault

CVE ID : CVE-2025-50897 Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago Description : A vulnerability exists in riscv-boom SonicBOOM 1.2 (BOOMv1.2) processor implementation, where valid virtual-to-physical address translations configured with write permissions (PTE_W) in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions (sd). This occurs despite the presence of proper page table entries and valid memory access modes. The fault is reproducible when transitioning into virtual memory and attempting store operations in mapped kernel memory, indicating a potential flaw in the MMU, PMP, or memory access enforcement logic. This may cause unexpected kernel panics or denial of service in systems using BOOMv1.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 15:15:00 GMT

read more

CVE-2025-51487 - MoonShine Stored XSS

CVE ID : CVE-2025-51487 Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago Description : A stored cross-site scripting (XSS) vulnerability in the Create Article function of MoonShine v3.12.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Link parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 15:15:00 GMT

read more

CVE-2025-51488 - MoonShine Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-51488 Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago Description : A stored cross-site scripting (XSS) vulnerability in the Create Admin function of MoonShine v3.12.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 15:15:00 GMT

read more

CVE-2025-51489 - MoonShine File Upload Code Execution Vulnerability

CVE ID : CVE-2025-51489 Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago Description : An arbitrary file upload vulnerability in MoonShine v3.12.4 allows attackers to execute arbitrary code via uploading a crafted SVG file. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 15:15:00 GMT

read more

CVE-2025-51510 - MoonShine SQL Injection

CVE ID : CVE-2025-51510 Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago Description : MoonShine v3.12.5 was discovered to contain a SQL injection vulnerability via the Data parameter under the Blog module. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 15:15:00 GMT

read more

CVE-2025-51529 - Jonkastonka Cookies and Content Security Policy AJAX Denial of Service

CVE ID : CVE-2025-51529 Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago Description : Incorrect Access Control in the AJAX endpoint functionality in jonkastonka Cookies and Content Security Policy plugin through version 2.29 allows remote attackers to cause a denial of service (database server resource exhaustion) via unlimited database write operations to the wp_ajax_nopriv_cacsp_insert_consent_data endpoint. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 15:15:00 GMT

read more

CVE-2025-9143 - Scada-LTS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9143 Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago Description : A security flaw has been discovered in Scada-LTS 2.7.8.1. This affects an unknown part of the file mailing_lists.shtm. The manipulation of the argument name/userList/address results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 15:15:00 GMT

read more

CVE-2025-9144 - Scada-LTS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9144 Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago Description : A weakness has been identified in Scada-LTS 2.7.8.1. This vulnerability affects unknown code of the file publisher_edit.shtm. This manipulation of the argument Name causes cross site scripting. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 15:15:00 GMT

read more

CVE-2025-43739 - Liferay Portal: Email Spoofing Vulnerability

CVE ID : CVE-2025-43739 Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.6, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allow any authenticated user to modify the content of emails sent through the calendar portlet, allowing an attacker to send phishing emails to any other user in the same organization. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 14:15:00 GMT

read more

CVE-2025-4044 - Lexmark XML XXE Disclosure

CVE ID : CVE-2025-4044 Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago Description : Improper Restriction of XML External Entity Reference in various Lexmark printer drivers for Windows allows attacker to disclose sensitive information to an arbitrary URL. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 14:15:00 GMT

read more

CVE-2025-4046 - Lexmark Cloud Services Badge Management Authorization Bypass

CVE ID : CVE-2025-4046 Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago Description : A missing authorization vulnerability in Lexmark Cloud Services badge management allows attacker to reassign badges within their organization Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 14:15:00 GMT

read more

CVE-2025-4690 - AngularJS Linky Filter Regular Expression Denial of Service (ReDoS)

CVE ID : CVE-2025-4690 Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago Description : A regular expression used by AngularJS' linky https://docs.angularjs.org/api/ngSanitize/filter/linky filter to detect URLs in input text is vulnerable to super-linear runtime due to backtracking. With a large carefully-crafted input, this can cause a Regular expression Denial of Service (ReDoS) https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS attack on the application. This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status . Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 14:15:00 GMT

read more

CVE-2025-50461 - Volcengine Verl Deserialization Code Execution Vulnerability

CVE ID : CVE-2025-50461 Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago Description : A deserialization vulnerability exists in Volcengine's verl 3.0.0, specifically in the scripts/model_merger.py script when using the "fsdp" backend. The script calls torch.load() with weights_only=False on user-supplied .pt files, allowing attackers to execute arbitrary code if a maliciously crafted model file is loaded. An attacker can exploit this by convincing a victim to download and place a malicious model file in a local directory with a specific filename pattern. This vulnerability may lead to arbitrary code execution with the privileges of the user running the script. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 14:15:00 GMT

read more

CVE-2025-50567 - Saurus CMS SQL Injection

CVE ID : CVE-2025-50567 Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago Description : Saurus CMS Community Edition 4.7.1 contains a vulnerability in the custom DB::prepare() function, which uses preg_replace() with the deprecated /e (eval) modifier to interpolate SQL query parameters. This leads to injection of user-controlled SQL statements, potentially leading to arbitrary PHP code execution. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 14:15:00 GMT

read more

CVE-2025-54336 - Plesk Obsidian Authentication Bypass Vulnerability

CVE ID : CVE-2025-54336 Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago Description : In Plesk Obsidian 18.0.70, _isAdminPasswordValid uses an == comparison. Thus, if the correct password is "0e" followed by any digit string, then an attacker can login with any other string that evaluates to 0.0 (such as the 0e0 string). This occurs in admin/plib/LoginManager.php. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 14:15:00 GMT

read more

CVE-2025-9140 - Shanghai Lingdang Information Technology Lingdang CRM SQL Injection Vulnerability

CVE ID : CVE-2025-9140 Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago Description : A vulnerability was identified in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. Affected by this issue is some unknown functionality of the file /crm/crmapi/erp/tabdetail_moduleSave.php. The manipulation of the argument getvaluestring leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. Upgrading to version 8.6.5.4 can resolve this issue. The affected component should be upgraded. The vendor explains: "All SQL injection vectors were patched via parameterized queries and input sanitization in v8.6.5+." Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 14:15:00 GMT

read more

CVE-2024-45062 - OpenPrinting ippusbxd Stack Based Buffer Overflow Vulnerability

CVE ID : CVE-2024-45062 Published : Aug. 19, 2025, 2:15 p.m. | 1 hour, 52 minutes ago Description : A stack based buffer overflow vulnerability is present in OpenPrinting ippusbxd 1.34. A specially configured printer that supports IPP-over-USB can cause a buffer overflow which can lead to a arbitrary code execution in a privileged service. To trigger the vulnerability, a malicious device would need to be connected to the vulnerable system over USB. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 14:15:00 GMT

read more

CVE-2025-43740 - Liferay Portal Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-43740 Published : Aug. 19, 2025, 1:15 p.m. | 2 hours, 52 minutes ago Description : A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.3.120 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8, 2025.Q1.0 through 2025.Q1.15, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13 and 2024.Q1.9 through 2024.Q1.19 allows an remote authenticated attacker to inject JavaScript through the message boards feature available via the web interface. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 13:15:00 GMT

read more

CVE-2025-9137 - Scada-LTS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9137 Published : Aug. 19, 2025, 1:15 p.m. | 2 hours, 52 minutes ago Description : A vulnerability has been found in Scada-LTS 2.7.8.1. This impacts an unknown function of the file scheduled_events.shtm. Such manipulation of the argument alias leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor explains: "[T]he risks of indicated vulnerabilities seem to be minimal as all scenarios likely require admin permissions. Moreover, regardless our team fixes those vulnerabilities - the overall risk change to the user due to malicious admin actions will not be lower. An admin user - by definition - has full control over HTML and JS code that is delivered to users in regular synoptic panels. In other words - due to the design of the system it is not possible to limit the admin user to attack the users." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 13:15:00 GMT

read more

CVE-2025-9138 - Scada-LTS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9138 Published : Aug. 19, 2025, 1:15 p.m. | 2 hours, 52 minutes ago Description : A vulnerability was found in Scada-LTS 2.7.8.1. Affected is an unknown function of the file pointHierarchy/new/. Performing manipulation of the argument Title results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor explains: "[T]he risks of indicated vulnerabilities seem to be minimal as all scenarios likely require admin permissions. Moreover, regardless our team fixes those vulnerabilities - the overall risk change to the user due to malicious admin actions will not be lower. An admin user - by definition - has full control over HTML and JS code that is delivered to users in regular synoptic panels. In other words - due to the design of the system it is not possible to limit the admin user to attack the users." Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 13:15:00 GMT

read more

CVE-2025-9139 - Scada-LTS Remote Information Disclosure Vulnerability

CVE ID : CVE-2025-9139 Published : Aug. 19, 2025, 1:15 p.m. | 2 hours, 52 minutes ago Description : A vulnerability was determined in Scada-LTS 2.7.8.1. Affected by this vulnerability is an unknown functionality of the file /Scada-LTS/dwr/call/plaincall/WatchListDwr.init.dwr. Executing manipulation can lead to information disclosure. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor explains: "[T]he risks of indicated vulnerabilities seem to be minimal as all scenarios likely require admin permissions. Moreover, regardless our team fixes those vulnerabilities - the overall risk change to the user due to malicious admin actions will not be lower." Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 13:15:00 GMT

read more

CVE-2025-9136 - RetroArch Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-9136 Published : Aug. 19, 2025, 12:15 p.m. | 3 hours, 52 minutes ago Description : A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It is recommended to upgrade the affected component. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 12:15:00 GMT

read more

CVE-2025-9134 - "AfterShip Package Tracker App Android Component Export Vulnerability"

CVE ID : CVE-2025-9134 Published : Aug. 19, 2025, 11:15 a.m. | 4 hours, 52 minutes ago Description : A security vulnerability has been detected in AfterShip Package Tracker App up to 5.24.1 on Android. The affected element is an unknown function of the file AndroidManifest.xml of the component com.aftership.AfterShip. The manipulation leads to improper export of android application components. The attack must be carried out locally. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure and replied: "After reviewing your report, we have confirmed that this vulnerability does indeed exist and we are actively working to fix it." Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 11:15:00 GMT

read more

CVE-2025-9135 - Verkehrsauskunft Österreich SmartRide Android Application Component Export

CVE ID : CVE-2025-9135 Published : Aug. 19, 2025, 11:15 a.m. | 4 hours, 52 minutes ago Description : A vulnerability was detected in Verkehrsauskunft Österreich SmartRide, cleVVVer and BusBahnBim up to 12.1.1(258). The impacted element is an unknown function of the file AndroidManifest.xml. The manipulation results in improper export of android application components. The attack must be initiated from a local position. The exploit is now public and may be used. Upgrading to version 12.1.2(259) is sufficient to resolve this issue. Upgrading the affected component is recommended. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 11:15:00 GMT

read more

CVE-2025-8783 - WordPress Contact Manager Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8783 Published : Aug. 19, 2025, 11:15 a.m. | 3 hours, 52 minutes ago Description : The Contact Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title’ parameter in all versions up to, and including, 8.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 11:15:00 GMT

read more

CVE-2025-41685 - Sunny Portal Username Disclosure

CVE ID : CVE-2025-41685 Published : Aug. 19, 2025, 9:15 a.m. | 5 hours, 52 minutes ago Description : A low-privileged remote attacker can obtain the username of another registered Sunny Portal user by entering that user's email address. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 09:15:00 GMT

read more

CVE-2025-41689 - Cisco IoT Device Authentication Bypass Vulnerability

CVE ID : CVE-2025-41689 Published : Aug. 19, 2025, 9:15 a.m. | 5 hours, 52 minutes ago Description : An unauthenticated remote attacker can grant access without password protection to the affected device. This enables the unprotected read-only access to the stored measurement data. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 09:15:00 GMT

read more

CVE-2025-8567 - Nexter Blocks WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8567 Published : Aug. 19, 2025, 9:15 a.m. | 5 hours, 52 minutes ago Description : The Nexter Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 4.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 09:15:00 GMT

read more

CVE-2025-7654 - FunnelKit Sensitive Information Exposure Vulnerability

CVE ID : CVE-2025-7654 Published : Aug. 19, 2025, 8:15 a.m. | 6 hours, 52 minutes ago Description : Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wf_get_cookie shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including authentication cookies of other site users, which may make privilege escalation possible. Please note both FunnelKit – Funnel Builder for WooCommerce Checkout AND FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce are affected by this. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 08:15:00 GMT

read more

CVE-2025-7670 - WordPress JS Archive List SQL Injection Vulnerability

CVE ID : CVE-2025-7670 Published : Aug. 19, 2025, 8:15 a.m. | 6 hours, 52 minutes ago Description : The JS Archive List plugin for WordPress is vulnerable to time-based SQL Injection via the build_sql_where() function in all versions up to, and including, 6.1.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 08:15:00 GMT

read more

CVE-2025-8622 - WordPress Flexible Map Stored Cross-Site Scripting

CVE ID : CVE-2025-8622 Published : Aug. 19, 2025, 8:15 a.m. | 6 hours, 52 minutes ago Description : The Flexible Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Flexible Maps shortcode in all versions up to, and including, 1.18.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 08:15:00 GMT

read more

CVE-2025-8723 - Cloudflare WordPress Image Resizing Plugin Remote Code Execution

CVE ID : CVE-2025-8723 Published : Aug. 19, 2025, 8:15 a.m. | 6 hours, 52 minutes ago Description : The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitization within its hook_rest_pre_dispatch() method in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject arbitrary PHP into the codebase, achieving remote code execution. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 08:15:00 GMT

read more

CVE-2025-8218 - WordPress Properties Directory Theme Role Escalation Vulnerability

CVE ID : CVE-2025-8218 Published : Aug. 19, 2025, 7:15 a.m. | 7 hours, 52 minutes ago Description : The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to privilege escalation via the 'change_role_member' parameter in all versions up to, and including, 3.5. This is due to a lack of restriction in the profile update role. This makes it possible for unauthenticated attackers to arbitrarily choose their role, including the Administrator role, during a profile update. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 07:15:00 GMT

read more

CVE-2025-6758 - WordPress Properties Directory Theme Privilege Escalation

CVE ID : CVE-2025-6758 Published : Aug. 19, 2025, 7:15 a.m. | 6 hours, 51 minutes ago Description : The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to privilege escalation via the 'imic_agent_register' function in all versions up to, and including, 3.6. This is due to a lack of restriction in the registration role. This makes it possible for unauthenticated attackers to arbitrarily choose their role, including the Administrator role, during user registration. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 07:15:00 GMT

read more

CVE-2025-38553 - Linux Kernel Netem Qdisc Tree Duplication Vulnerability

CVE ID : CVE-2025-38553 Published : Aug. 19, 2025, 6:15 a.m. | 7 hours, 51 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net/sched: Restrict conditions for adding duplicating netems to qdisc tree netem_enqueue's duplication prevention logic breaks when a netem resides in a qdisc tree with other netems - this can lead to a soft lockup and OOM loop in netem_dequeue, as seen in [1]. Ensure that a duplicating netem cannot exist in a tree with other netems. Previous approaches suggested in discussions in chronological order: 1) Track duplication status or ttl in the sk_buff struct. Considered too specific a use case to extend such a struct, though this would be a resilient fix and address other previous and potential future DOS bugs like the one described in loopy fun [2]. 2) Restrict netem_enqueue recursion depth like in act_mirred with a per cpu variable. However, netem_dequeue can call enqueue on its child, and the depth restriction could be bypassed if the child is a netem. 3) Use the same approach as in 2, but add metadata in netem_skb_cb to handle the netem_dequeue case and track a packet's involvement in duplication. This is an overly complex approach, and Jamal notes that the skb cb can be overwritten to circumvent this safeguard. 4) Prevent the addition of a netem to a qdisc tree if its ancestral path contains a netem. However, filters and actions can cause a packet to change paths when re-enqueued to the root from netem duplication, leading us to the current solution: prevent a duplicating netem from inhabiting the same tree as other netems. [1] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/ [2] https://lwn.net/Articles/719297/ Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 06:15:00 GMT

read more

CVE-2025-5417 - Red Hat Developer Hub Improper Access Control Vulnerability

CVE ID : CVE-2025-5417 Published : Aug. 19, 2025, 5:15 a.m. | 8 hours, 51 minutes ago Description : An insufficient access control vulnerability was found in the Red Hat Developer Hub rhdh/rhdh-hub-rhel9 container image. The Red Hat Developer Hub cluster admin/user, who has standard user access to the cluster, and the Red Hat Developer Hub namespace, can access the rhdh/rhdh-hub-rhel9 container image and modify the image's content. This issue affects the confidentiality and integrity of the data, and any changes made are not permanent, as they reset after the pod restarts. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 05:15:00 GMT

read more

CVE-2025-8357 - WordPress Media Library Assistant Unauthenticated File Deletion Vulnerability

CVE ID : CVE-2025-8357 Published : Aug. 19, 2025, 5:15 a.m. | 8 hours, 51 minutes ago Description : The Media Library Assistant plugin for WordPress is vulnerable to arbitrary file deletion in the /wp-content/uploads directory due to insufficient file path validation and user capability checking in the _process_mla_download_file function in all versions up to, and including, 3.27. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary files on the server from the /wp-content/uploads/ directory. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 05:15:00 GMT

read more

CVE-2025-7496 - WPC Smart Compare for WooCommerce Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-7496 Published : Aug. 19, 2025, 4:15 a.m. | 9 hours, 51 minutes ago Description : The WPC Smart Compare for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via DOM elements in all versions up to, and including, 6.4.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 04:15:00 GMT

read more

CVE-2025-57722 - Fortinet SSL/TLS Weak Key Generation

CVE ID : CVE-2025-57722 Published : Aug. 19, 2025, 3:15 a.m. | 10 hours, 51 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 03:15:00 GMT

read more

CVE-2025-57723 - Apache HTTP Server Unauthenticated Remote Code Execution

CVE ID : CVE-2025-57723 Published : Aug. 19, 2025, 3:15 a.m. | 10 hours, 51 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 03:15:00 GMT

read more

CVE-2025-57724 - Apache HTTP Server Denial of Service

CVE ID : CVE-2025-57724 Published : Aug. 19, 2025, 3:15 a.m. | 10 hours, 51 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 03:15:00 GMT

read more

CVE-2025-57725 - Apache HTTP Server Information Disclosure

CVE ID : CVE-2025-57725 Published : Aug. 19, 2025, 3:15 a.m. | 10 hours, 51 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 03:15:00 GMT

read more

CVE-2025-57718 - Apache HTTP Server SSRF

CVE ID : CVE-2025-57718 Published : Aug. 19, 2025, 3:15 a.m. | 9 hours, 40 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 03:15:00 GMT

read more

CVE-2025-57719 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-57719 Published : Aug. 19, 2025, 3:15 a.m. | 9 hours, 40 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 03:15:00 GMT

read more

CVE-2025-57720 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-57720 Published : Aug. 19, 2025, 3:15 a.m. | 9 hours, 40 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 03:15:00 GMT

read more

CVE-2025-57721 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-57721 Published : Aug. 19, 2025, 3:15 a.m. | 9 hours, 40 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 03:15:00 GMT

read more

CVE-2025-57717 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-57717 Published : Aug. 19, 2025, 3:15 a.m. | 7 hours, 32 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 19 Aug 2025 03:15:00 GMT

read more

CVE-2025-54156 - Sante PACS Server Unencrypted Credential Exposure

CVE ID : CVE-2025-54156 Published : Aug. 18, 2025, 10:15 p.m. | 12 hours, 32 minutes ago Description : The Sante PACS Server Web Portal sends credential information without encryption. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 22:15:00 GMT

read more

CVE-2025-54759 - Sante PACS Server Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-54759 Published : Aug. 18, 2025, 10:15 p.m. | 12 hours, 32 minutes ago Description : Sante PACS Server is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes redirecting a user to a malicious webpage and stealing the user's cookie. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 22:15:00 GMT

read more

CVE-2025-54862 - Sante PACS Server Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-54862 Published : Aug. 18, 2025, 10:15 p.m. | 12 hours, 32 minutes ago Description : Sante PACS Server web portal is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes redirecting a user to a malicious webpage and stealing the user's cookie. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 22:15:00 GMT

read more

CVE-2025-46269 - Ashlar-Vellum Cobalt Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-46269 Published : Aug. 18, 2025, 10:15 p.m. | 10 hours, 30 minutes ago Description : In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing VC6 files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 22:15:00 GMT

read more

CVE-2025-52584 - Ashlar-Vellum Cobalt Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-52584 Published : Aug. 18, 2025, 10:15 p.m. | 10 hours, 30 minutes ago Description : In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing XE files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 22:15:00 GMT

read more

CVE-2025-53948 - Sante PACS Server Denial of Service (DoS)

CVE ID : CVE-2025-53948 Published : Aug. 18, 2025, 10:15 p.m. | 10 hours, 30 minutes ago Description : The Sante PACS Server allows a remote attacker to crash the main thread by sending a crafted HL7 message, causing a denial-of-service condition. The application would require a manual restart and no authentication is required. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 22:15:00 GMT

read more

CVE-2025-41392 - Ashlar-Vellum Cobalt Unvalidated AR File Parsing Vulnerability

CVE ID : CVE-2025-41392 Published : Aug. 18, 2025, 9:15 p.m. | 10 hours, 54 minutes ago Description : In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing AR files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 21:15:00 GMT

read more

CVE-2025-53705 - Ashlar-Vellum Cobalt Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-53705 Published : Aug. 18, 2025, 9:15 p.m. | 10 hours, 54 minutes ago Description : In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing CO files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 21:15:00 GMT

read more

CVE-2025-9119 - Netis WF2419 Cross-Site Scripting Vulnerability in Wireless Settings Page

CVE ID : CVE-2025-9119 Published : Aug. 18, 2025, 9:15 p.m. | 10 hours, 54 minutes ago Description : A vulnerability was determined in Netis WF2419 1.2.29433. This vulnerability affects unknown code of the file /index.htm of the component Wireless Settings Page. This manipulation of the argument SSID with the input causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 21:15:00 GMT

read more

CVE-2025-8098 - Lenovo PC Manager Privilege Escalation Vulnerability

CVE ID : CVE-2025-8098 Published : Aug. 18, 2025, 8:15 p.m. | 11 hours, 54 minutes ago Description : An improper permission vulnerability was reported in Lenovo PC Manager that could allow a local attacker to escalate privileges. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 20:15:00 GMT

read more

CVE-2025-55590 - TOTOLINK A3002R Command Injection Vulnerability

CVE ID : CVE-2025-55590 Published : Aug. 18, 2025, 8:15 p.m. | 10 hours, 40 minutes ago Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an command injection vulnerability via the component bupload.html. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 20:15:00 GMT

read more

CVE-2025-55591 - TOTOLINK-A3002R Command Injection Vulnerability

CVE ID : CVE-2025-55591 Published : Aug. 18, 2025, 8:15 p.m. | 10 hours, 40 minutes ago Description : TOTOLINK-A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability in the devicemac parameter in the formMapDel endpoint. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 20:15:00 GMT

read more

CVE-2025-55587 - TOTOLINK A3002R Buffer Overflow DoS

CVE ID : CVE-2025-55587 Published : Aug. 18, 2025, 8:15 p.m. | 8 hours, 37 minutes ago Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 20:15:00 GMT

read more

CVE-2025-55588 - TOTOLINK A3002R Buffer Overflow Denial of Service

CVE ID : CVE-2025-55588 Published : Aug. 18, 2025, 8:15 p.m. | 8 hours, 37 minutes ago Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the fw_ip parameter at /boafrm/formPortFw. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 20:15:00 GMT

read more

CVE-2025-55589 - TOTOLINK A3002R OS Command Injection Vulnerability

CVE ID : CVE-2025-55589 Published : Aug. 18, 2025, 8:15 p.m. | 8 hours, 37 minutes ago Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain multiple OS command injection vulnerabilities via the macstr, bandstr, and clientoff parameters at /boafrm/formMapDelDevice. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 20:15:00 GMT

read more

CVE-2025-55586 - TOTOLINK A3002R Buffer Overflow DoS

CVE ID : CVE-2025-55586 Published : Aug. 18, 2025, 8:15 p.m. | 7 hours, 54 minutes ago Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the url parameter at /boafrm/formFilter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 20:15:00 GMT

read more

CVE-2025-32992 - Thermo Fisher Scientific ePort Authentication Bypass

CVE ID : CVE-2025-32992 Published : Aug. 18, 2025, 8:15 p.m. | 6 hours, 29 minutes ago Description : Thermo Fisher Scientific ePort through 3.0.0 has Incorrect Access Control. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 20:15:00 GMT

read more

CVE-2025-4371 - Lenovo Web Camera Firmware Update Vulnerability

CVE ID : CVE-2025-4371 Published : Aug. 18, 2025, 8:15 p.m. | 6 hours, 29 minutes ago Description : A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 20:15:00 GMT

read more

CVE-2025-53192 - Apache Commons OGNL Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-53192 Published : Aug. 18, 2025, 8:15 p.m. | 6 hours, 29 minutes ago Description : ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue​, the OGNL engine parses and evaluates the provided expression with powerful capabilities, including accessing and invoking related methods, etc. Although OgnlRuntime attempts to restrict certain dangerous classes and methods (such as java.lang.Runtime) through a blocklist, these restrictions are not comprehensive. Attackers may be able to bypass the restrictions by leveraging class objects that are not covered by the blocklist and potentially achieve arbitrary code execution. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 20:15:00 GMT

read more

CVE-2025-55213 - OpenFGA Authorization Policy Enforcement Vulnerability

CVE ID : CVE-2025-55213 Published : Aug. 18, 2025, 8:15 p.m. | 6 hours, 29 minutes ago Description : OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.9.3 to v1.9.4 ( openfga-0.2.40 Helm chart openfga-0.2.41, v1.9.3 docker v.1.9.4) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. This vulnerability is fixed in 1.9.5. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 20:15:00 GMT

read more

CVE-2025-55584 - TOTOLINK A3002R Telnet Service Insecure Credentials Vulnerability

CVE ID : CVE-2025-55584 Published : Aug. 18, 2025, 8:15 p.m. | 6 hours, 29 minutes ago Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain insecure credentials for the telnet service and root account. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 20:15:00 GMT

read more

CVE-2025-55585 - TOTOLINK A3002R eval Injection Vulnerability

CVE ID : CVE-2025-55585 Published : Aug. 18, 2025, 8:15 p.m. | 6 hours, 29 minutes ago Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability via the eval() function. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 20:15:00 GMT

read more

CVE-2025-43731 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43731 Published : Aug. 18, 2025, 7:15 p.m. | 7 hours, 29 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.8, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allows an remote authenticated user to inject JavaScript in message board threads and categories. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 19:15:00 GMT

read more

CVE-2025-55300 - Komari WebSocket Origin Bypass Remote Code Execution Vulnerability

CVE ID : CVE-2025-55300 Published : Aug. 18, 2025, 6:15 p.m. | 8 hours, 29 minutes ago Description : Komari is a lightweight, self-hosted server monitoring tool designed to provide a simple and efficient solution for monitoring server performance. Prior to 1.0.4-fix1, WebSocket upgrader has disabled origin checking, enabling Cross-Site WebSocket Hijacking (CSWSH) attacks against authenticated users. Any third party website can send requests to the terminal websocket endpoint with browser's cookies, resulting in remote code execution. This vulnerability is fixed in 1.0.4-fix1. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 18:15:00 GMT

read more

CVE-2025-7693 - "Vulnerability in CIP Controller Malformed Packet Handling"

CVE ID : CVE-2025-7693 Published : Aug. 18, 2025, 6:15 p.m. | 8 hours, 29 minutes ago Description : A security issue exists due to improper handling of malformed CIP Forward Close packets during fuzzing. The controller enters a solid red Fault LED state and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code 0xF015. To recover, clear the fault. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 18:15:00 GMT

read more

CVE-2025-55293 - Meshtastic PublicKey Overwrite Vulnerability

CVE ID : CVE-2025-55293 Published : Aug. 18, 2025, 6:15 p.m. | 3 hours, 53 minutes ago Description : Meshtastic is an open source mesh networking solution. Prior to v2.6.3, an attacker can send NodeInfo with a empty publicKey first, then overwrite it with a new key. First sending a empty key bypasses 'if (p.public_key.size > 0) {', clearing the existing publicKey (and resetting the size to 0) for a known node. Then a new key bypasses 'if (info->user.public_key.size > 0) {', and this malicious key is stored in NodeDB. This vulnerability is fixed in 2.6.3. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 18:15:00 GMT

read more

CVE-2025-55296 - LibreNMS Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-55296 Published : Aug. 18, 2025, 6:15 p.m. | 3 hours, 53 minutes ago Description : librenms is a community-based GPL-licensed network monitoring system. A stored Cross-Site Scripting (XSS) vulnerability exists in LibreNMS ( 25.6.0) in the Alert Template creation feature. This allows a user with the admin role to inject malicious JavaScript, which will be executed when the template is rendered, potentially compromising other admin accounts. This vulnerability is fixed in 25.8.0. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 18:15:00 GMT

read more

CVE-2025-55299 - VaulTLS Empty Password Authentication Bypass

CVE ID : CVE-2025-55299 Published : Aug. 18, 2025, 6:15 p.m. | 3 hours, 53 minutes ago Description : VaulTLS is a modern solution for managing mTLS (mutual TLS) certificates. Prior to 0.9.1, user accounts created through the User web UI have an empty but not NULL password set, attackers can use this to login with an empty password. This is combined with that fact, that previously disabling the password based login only effected the frontend, but still allowed login via the API. This vulnerability is fixed in 0.9.1. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 18:15:00 GMT

read more

CVE-2025-55287 - Genealogy Family Tree Authenticated Stored Cross-Site Scripting

CVE ID : CVE-2025-55287 Published : Aug. 18, 2025, 5:15 p.m. | 4 hours, 53 minutes ago Description : Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Stored Cross-Site Scripting (XSS) vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and UI manipulation. This vulnerability is fixed in 4.4.0. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 17:15:00 GMT

read more

CVE-2025-55288 - Genealogy PHP Authenticated Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-55288 Published : Aug. 18, 2025, 5:15 p.m. | 4 hours, 53 minutes ago Description : Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Reflected Cross-Site Scripting (XSS) vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and UI manipulation. This vulnerability is fixed in 4.4.0. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 17:15:00 GMT

read more

CVE-2025-55291 - Shaarli Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-55291 Published : Aug. 18, 2025, 5:15 p.m. | 4 hours, 53 minutes ago Description : Shaarli is a minimalist bookmark manager and link sharing service. Prior to 0.15.0, the input string in the cloud tag page is not properly sanitized. This allows the tag to be prematurely closed, leading to a reflected Cross-Site Scripting (XSS) vulnerability. This vulnerability is fixed in 0.15.0. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 17:15:00 GMT

read more

CVE-2025-3639 - Liferay Portal Authentication Bypass

CVE ID : CVE-2025-3639 Published : Aug. 18, 2025, 5:15 p.m. | 2 hours, 53 minutes ago Description : Liferay Portal 7.3.0 through 7.4.3.132, and Liferay DXP 2025.Q1 through 2025.Q1.6, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 and 7.3 GA through update 36 allows unauthenticated users with valid credentials to bypass the login process by changing the POST method to GET, once the site has MFA enabled. Severity: 2.0 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 17:15:00 GMT

read more

CVE-2025-54234 - ColdFusion SSRF File System Read Vulnerability

CVE ID : CVE-2025-54234 Published : Aug. 18, 2025, 5:15 p.m. | 2 hours, 53 minutes ago Description : ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to limited file system read. A high-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction. Severity: 2.2 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 17:15:00 GMT

read more

CVE-2025-55201 - "Apache Airflow Copier Library and CLI App File Access Vulnerability"

CVE ID : CVE-2025-55201 Published : Aug. 18, 2025, 5:15 p.m. | 2 hours, 53 minutes ago Description : Copier library and CLI app for rendering project templates. Prior to 9.9.1, a safe template can currently read and write arbitrary files because Copier exposes a few pathlib.Path objects in the Jinja context which have unconstrained I/O methods. This effectively renders the security model w.r.t. filesystem access useless. This vulnerability is fixed in 9.9.1. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 17:15:00 GMT

read more

CVE-2025-55205 - Capsule Kubernetes Namespace Label Injection Vulnerability

CVE ID : CVE-2025-55205 Published : Aug. 18, 2025, 5:15 p.m. | 2 hours, 53 minutes ago Description : Capsule is a multi-tenancy and policy-based framework for Kubernetes. A namespace label injection vulnerability in Capsule v0.10.3 and earlier allows authenticated tenant users to inject arbitrary labels into system namespaces (kube-system, default, capsule-system), bypassing multi-tenant isolation and potentially accessing cross-tenant resources through TenantResource selectors. This vulnerability enables privilege escalation and violates the fundamental security boundaries that Capsule is designed to enforce. This vulnerability is fixed in 0.10.4. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 17:15:00 GMT

read more

CVE-2025-55214 - Copier Path Traversal Vulnerability

CVE ID : CVE-2025-55214 Published : Aug. 18, 2025, 5:15 p.m. | 2 hours, 53 minutes ago Description : Copier library and CLI app for rendering project templates. From 7.1.0 to before 9.9.1, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it turns out, a safe template can currently write files outside the destination path where a project shall be generated or updated. This is possible when rendering a generated directory structure whose rendered path is either a relative parent path or an absolute path. Constructing such paths is possible using Copier's builtin pathjoin Jinja filter and its builtin _copier_conf.sep variable, which is the platform-native path separator. This way, a malicious template author can create a template that overwrites arbitrary files (according to the user's write permissions), e.g., to cause havoc. This vulnerability is fixed in 9.9.1. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 17:15:00 GMT

read more

CVE-2025-55282 - Aiven Db-Migrate Privilege Escalation Vulnerability

CVE ID : CVE-2025-55282 Published : Aug. 18, 2025, 5:15 p.m. | 2 hours, 53 minutes ago Description : aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows a user to elevate to superuser inside PostgreSQL databases during a migration from an untrusted source server. By exploiting a lack of search_path restriction, an attacker can override pg_catalog and execute untrusted operators as a superuser. This vulnerability is fixed in 1.0.7. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 17:15:00 GMT

read more

CVE-2025-55283 - Aiven DB Migrate Privilege Escalation Vulnerability

CVE ID : CVE-2025-55283 Published : Aug. 18, 2025, 5:15 p.m. | 2 hours, 53 minutes ago Description : aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows elevation to superuser inside PostgreSQL databases during a migration from an untrusted source server. The vulnerability stems from psql executing commands embedded in a dump from the source server. This vulnerability is fixed in 1.0.7. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 17:15:00 GMT

read more

CVE-2025-54117 - NamelessMC Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-54117 Published : Aug. 18, 2025, 4:15 p.m. | 3 hours, 53 minutes ago Description : NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the dashboard text editor component. This vulnerability is fixed in 2.2.4. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 16:15:00 GMT

read more

CVE-2025-54118 - NamelessMC Unauthenticated Sensitive Information Disclosure

CVE ID : CVE-2025-54118 Published : Aug. 18, 2025, 4:15 p.m. | 3 hours, 53 minutes ago Description : NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. This vulnerability is fixed in 2.2.4. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 16:15:00 GMT

read more

CVE-2025-54421 - NamelessMC Cross-Site Scripting (XSS)

CVE ID : CVE-2025-54421 Published : Aug. 18, 2025, 4:15 p.m. | 3 hours, 53 minutes ago Description : NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.4 allows remote authenticated attackers to inject arbitrary web script or HTML via the default_keywords crafted parameter. This vulnerability is fixed in 2.2.4. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 16:15:00 GMT

read more

CVE-2025-27909 - IBM Concert Software CORS Privilege Escalation

CVE ID : CVE-2025-27909 Published : Aug. 18, 2025, 2:15 p.m. | 5 hours, 53 minutes ago Description : IBM Concert Software 1.0.0 through 1.1.0 uses cross-origin resource sharing (CORS) which could allow an attacker to carry out privileged actions as the domain name is not being limited to only trusted domains. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 14:15:00 GMT

read more

CVE-2025-33090 - IBM Concert Software Regular Expression Denial of Service

CVE ID : CVE-2025-33090 Published : Aug. 18, 2025, 2:15 p.m. | 5 hours, 53 minutes ago Description : IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to cause a denial of service using a specially crafted regular expression that would cause excessive resource consumption. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 14:15:00 GMT

read more

CVE-2025-33100 - IBM Concert Software Credentials Hardcoding Vulnerability

CVE ID : CVE-2025-33100 Published : Aug. 18, 2025, 2:15 p.m. | 5 hours, 53 minutes ago Description : IBM Concert Software 1.0.0 through 1.1.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 14:15:00 GMT

read more

CVE-2025-36120 - IBM Storage Virtualize SSH Privilege Escalation Vulnerability

CVE ID : CVE-2025-36120 Published : Aug. 18, 2025, 2:15 p.m. | 5 hours, 53 minutes ago Description : IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their privileges in an SSH session due to incorrect authorization checks to access resources. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 14:15:00 GMT

read more

CVE-2025-43732 - Liferay Portal Liferay Roles Selector IDOR

CVE ID : CVE-2025-43732 Published : Aug. 18, 2025, 2:15 p.m. | 5 hours, 53 minutes ago Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.17 and 7.4 GA through update 92 is vulnerable to Insecure Direct Object Reference (IDOR) in the groupId parameter of the _com_liferay_roles_selector_web_portlet_RolesSelectorPortlet_groupId. When an organization administrator modifies this parameter id value, they can gain unauthorized access to user lists from other organizations. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 14:15:00 GMT

read more

CVE-2025-4962 - Lunary API IDOR

CVE ID : CVE-2025-4962 Published : Aug. 18, 2025, 2:15 p.m. | 5 hours, 53 minutes ago Description : An Insecure Direct Object Reference (IDOR) vulnerability was identified in the `POST /v1/templates` endpoint of the Lunary API, affecting versions up to 0.8.8. This vulnerability allows authenticated users to create templates in another user's project by altering the `projectId` query parameter. The root cause of this issue is the absence of server-side validation to ensure that the authenticated user owns the specified `projectId`. The vulnerability has been addressed in version 1.9.23. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 14:15:00 GMT

read more

CVE-2024-49827 - IBM Concert Software Information Disclosure

CVE ID : CVE-2024-49827 Published : Aug. 18, 2025, 2:15 p.m. | 3 hours, 51 minutes ago Description : IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to excessive data exposure, allowing attackers to access sensitive information without proper filtering. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 14:15:00 GMT

read more

CVE-2025-1759 - IBM Concert Software Heap Information Disclosure Vulnerability

CVE ID : CVE-2025-1759 Published : Aug. 18, 2025, 2:15 p.m. | 3 hours, 51 minutes ago Description : IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 14:15:00 GMT

read more

CVE-2025-43733 - Liferay Portal Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-43733 Published : Aug. 18, 2025, 1:15 p.m. | 4 hours, 51 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7 allows a remote authenticated attacker to inject JavaScript code via the content page's name field. This malicious payload is then reflected and executed within the user's browser when viewing the "document View Usages" page. Severity: 2.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 13:15:00 GMT

read more

CVE-2025-41242 - Apache Tomcat and Eclipse Jetty Spring Framework MVC Path Traversal Vulnerability

CVE ID : CVE-2025-41242 Published : Aug. 18, 2025, 9:15 a.m. | 8 hours, 51 minutes ago Description : Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: * the application is deployed as a WAR or with an embedded Servlet container * the Servlet container does not reject suspicious sequences https://jakarta.ee/specifications/servlet/6.1/jakarta-servlet-spec-6.1.html#uri-path-canonicalization * the application serves static resources https://docs.spring.io/spring-framework/reference/web/webmvc/mvc-config/static-resources.html#page-title with Spring resource handling We have verified that applications deployed on Apache Tomcat or Eclipse Jetty are not vulnerable, as long as default security features are not disabled in the configuration. Because we cannot check exploits against all Servlet containers and configuration variants, we strongly recommend upgrading your application. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 09:15:00 GMT

read more

CVE-2025-47206 - File Station Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-47206 Published : Aug. 18, 2025, 9:15 a.m. | 8 hours, 51 minutes ago Description : An out-of-bounds write vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4933 and later Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 09:15:00 GMT

read more

CVE-2025-5296 - Apache Link Following Privilege Escalation

CVE ID : CVE-2025-5296 Published : Aug. 18, 2025, 8:15 a.m. | 9 hours, 51 minutes ago Description : CWE-59: Improper Link Resolution Before File Access ('Link Following') vulnerability exists that could cause arbitrary data to be written to protected locations, potentially leading to escalation of privilege, arbitrary file corruption, exposure of application and system information or persistent denial of service when a low-privileged attacker tampers with the installation folder. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 08:15:00 GMT

read more

CVE-2025-57700 - DIAEnergie Stored Cross-site Scripting Vulnerability

CVE ID : CVE-2025-57700 Published : Aug. 18, 2025, 7:15 a.m. | 9 hours, 57 minutes ago Description : DIAEnergie - Stored Cross-site Scripting Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 07:15:00 GMT

read more

CVE-2025-57701 - DIAEnergie Reflected Cross-site Scripting Vulnerability

CVE ID : CVE-2025-57701 Published : Aug. 18, 2025, 7:15 a.m. | 9 hours, 57 minutes ago Description : DIAEnergie - Reflected Cross-site Scripting Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 07:15:00 GMT

read more

CVE-2025-57702 - DIAEnergie Reflected Cross-site Scripting

CVE ID : CVE-2025-57702 Published : Aug. 18, 2025, 7:15 a.m. | 9 hours, 57 minutes ago Description : DIAEnergie - Reflected Cross-site Scripting Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 07:15:00 GMT

read more

CVE-2025-57703 - DIAEnergie Reflected Cross-site Scripting Vulnerability

CVE ID : CVE-2025-57703 Published : Aug. 18, 2025, 7:15 a.m. | 9 hours, 57 minutes ago Description : DIAEnergie - Reflected Cross-site Scripting Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 07:15:00 GMT

read more

CVE-2025-6625 - Cisco FTP Denial Of Service

CVE ID : CVE-2025-6625 Published : Aug. 18, 2025, 7:15 a.m. | 9 hours, 57 minutes ago Description : CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific crafted FTP command is sent to the device. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 07:15:00 GMT

read more

CVE-2025-9108 - Apache Struts Cross-Site Scripting (XSS)

CVE ID : CVE-2025-9108 Published : Aug. 18, 2025, 6:15 a.m. | 10 hours, 57 minutes ago Description : Affected is an unknown function of the component Login Page. The manipulation leads to improper restriction of rendered ui layers. It is possible to launch the attack remotely. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 06:15:00 GMT

read more

CVE-2025-9109 - Portabilis i-Diario Password Recovery Endpoint Remote Response Discrepancy Vulnerability

CVE ID : CVE-2025-9109 Published : Aug. 18, 2025, 6:15 a.m. | 10 hours, 57 minutes ago Description : A security flaw has been discovered in Portabilis i-Diario up to 1.5.0. Affected by this vulnerability is an unknown functionality of the file /password/email of the component Password Recovery Endpoint. The manipulation results in observable response discrepancy. It is possible to launch the attack remotely. This attack is characterized by high complexity. The exploitation appears to be difficult. The exploit has been released to the public and may be exploited. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 06:15:00 GMT

read more

CVE-2025-9106 - Portabilis i-Diario Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9106 Published : Aug. 18, 2025, 5:15 a.m. | 11 hours, 57 minutes ago Description : A vulnerability was found in Portabilis i-Diario up to 1.5.0. This affects an unknown function of the file /planos-de-ensino-por-disciplina/ of the component Informações Adicionais Page. Performing manipulation of the argument Parecer/Conteúdos/Objetivos results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 05:15:00 GMT

read more

CVE-2025-9107 - Portabilis i-Diario Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9107 Published : Aug. 18, 2025, 5:15 a.m. | 11 hours, 57 minutes ago Description : A vulnerability was determined in Portabilis i-Diario up to 1.5.0. This impacts an unknown function of the file /alunos/search_autocomplete. Executing manipulation of the argument q can lead to cross site scripting. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 05:15:00 GMT

read more

CVE-2025-9105 - Portabilis i-Diario Cross Site Scripting Vulnerability

CVE ID : CVE-2025-9105 Published : Aug. 18, 2025, 4:15 a.m. | 12 hours, 57 minutes ago Description : A vulnerability has been found in Portabilis i-Diario up to 1.5.0. The impacted element is an unknown function of the file /planos-de-ensino-por-areas-de-conhecimento/ of the component Informações Adicionais Page. Such manipulation of the argument Parecer/Conteúdos/Objetivos leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 04:15:00 GMT

read more

CVE-2025-9103 - ZenCart CKEditor Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9103 Published : Aug. 18, 2025, 4:15 a.m. | 11 hours, 52 minutes ago Description : A vulnerability was detected in ZenCart 2.1.0. Affected by this vulnerability is an unknown functionality of the component CKEditor. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor declares this as "intended behavior, allowed for authorized administrators". Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 04:15:00 GMT

read more

CVE-2025-9104 - Portabilis i-Diario Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9104 Published : Aug. 18, 2025, 4:15 a.m. | 11 hours, 52 minutes ago Description : A flaw has been found in Portabilis i-Diario up to 1.5.0. The affected element is an unknown function of the file /planos-de-aulas-por-disciplina/ of the component Informações Adicionais Page. This manipulation of the argument Parecer/Objeto de Conhecimento/Habilidades causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 04:15:00 GMT

read more

CVE-2025-9102 - "11 Mail Media mail.com App Android Improper Component Export Vulnerability"

CVE ID : CVE-2025-9102 Published : Aug. 18, 2025, 3:15 a.m. | 12 hours, 52 minutes ago Description : A security vulnerability has been detected in 1&1 Mail & Media mail.com App 8.8.0 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.mail.mobile.android.mail. The manipulation leads to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 03:15:00 GMT

read more

CVE-2025-9101 - Zhenfeng13 My-Blog Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9101 Published : Aug. 18, 2025, 3:15 a.m. | 10 hours, 52 minutes ago Description : A weakness has been identified in zhenfeng13 My-Blog up to 1.0.0. This issue affects some unknown processing of the file /admin/tags/save of the component Tag Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 03:15:00 GMT

read more

CVE-2025-9100 - Zhenfeng13 My-Blog Authentication Bypass Vulnerability

CVE ID : CVE-2025-9100 Published : Aug. 18, 2025, 2:15 a.m. | 11 hours, 52 minutes ago Description : A security flaw has been discovered in zhenfeng13 My-Blog 1.0.0. This vulnerability affects unknown code of the file /blog/comment of the component Frontend Blog Article Comment Handler. The manipulation leads to authentication bypass by capture-replay. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 02:15:00 GMT

read more

CVE-2025-31713 - F5 Networks Engineer Mode Command Injection Vulnerability

CVE ID : CVE-2025-31713 Published : Aug. 18, 2025, 1:15 a.m. | 12 hours, 51 minutes ago Description : In engineer mode service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 01:15:00 GMT

read more

CVE-2025-31714 - Apache HTTP Server Local Privilege Escalation Vulnerability

CVE ID : CVE-2025-31714 Published : Aug. 18, 2025, 1:15 a.m. | 12 hours, 51 minutes ago Description : In Developer Tools, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 01:15:00 GMT

read more

CVE-2025-31715 - Vowifi Command Injection Vulnerability

CVE ID : CVE-2025-31715 Published : Aug. 18, 2025, 1:15 a.m. | 12 hours, 51 minutes ago Description : In vowifi service, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 01:15:00 GMT

read more

CVE-2025-9098 - "Elseplus File Recovery App Android Component Export Vulnerability"

CVE ID : CVE-2025-9098 Published : Aug. 18, 2025, 1:15 a.m. | 12 hours, 51 minutes ago Description : A vulnerability was determined in Elseplus File Recovery App 4.4.21 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml. The manipulation leads to improper export of android application components. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 01:15:00 GMT

read more

CVE-2025-9099 - Acrel Environmental Monitoring Cloud Platform Remote File Upload Vulnerability

CVE ID : CVE-2025-9099 Published : Aug. 18, 2025, 1:15 a.m. | 12 hours, 51 minutes ago Description : A vulnerability was identified in Acrel Environmental Monitoring Cloud Platform up to 20250804. This affects an unknown part of the file /NewsManage/UploadNewsImg. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 01:15:00 GMT

read more

CVE-2025-9097 - Euro Information CIC Banque et Compte en Ligne Android Improper Export of Application Components Vulnerability

CVE ID : CVE-2025-9097 Published : Aug. 18, 2025, 12:15 a.m. | 13 hours, 52 minutes ago Description : A vulnerability was found in Euro Information CIC banque et compte en ligne App 12.56.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cic_prod.bad. The manipulation leads to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 00:15:00 GMT

read more

CVE-2025-9096 - ExpressGateway Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9096 Published : Aug. 18, 2025, 12:15 a.m. | 11 hours, 51 minutes ago Description : A vulnerability has been found in ExpressGateway express-gateway up to 1.16.10. Affected is an unknown function in the library lib/rest/routes/apps.js of the component REST Endpoint. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 18 Aug 2025 00:15:00 GMT

read more

CVE-2025-7342 - Kubernetes Image Builder Default Credentials Vulnerability

CVE ID : CVE-2025-7342 Published : Aug. 17, 2025, 11:15 p.m. | 8 hours, 39 minutes ago Description : A security issue was discovered in the Kubernetes Image Builder where default credentials are enabled during the image build process. Additionally, virtual machine images built using the Nutanix or the OVA provider do not disable these default credentials, and nodes using the resulting images may be accessible via these default credentials. The credentials can be used to gain root access. Kubernetes clusters are only affected if their Windows nodes use VM images created via the Image Builder project with its Nutanix or OVA provider. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 17 Aug 2025 23:15:00 GMT

read more

CVE-2025-9094 - ThingsBoard Template Engine Remote Code Injection Vulnerability

CVE ID : CVE-2025-9094 Published : Aug. 17, 2025, 11:15 p.m. | 8 hours, 39 minutes ago Description : A vulnerability was detected in ThingsBoard 4.1. This vulnerability affects unknown code of the component Add Gateway Handler. The manipulation leads to improper neutralization of special elements used in a template engine. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor replies, that "[t]he fix will come within upcoming release (v4.2) and will be inherited by maintenance releases of LTS versions (starting 4.0)." Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 17 Aug 2025 23:15:00 GMT

read more

CVE-2025-9095 - ExpressGateway Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9095 Published : Aug. 17, 2025, 11:15 p.m. | 8 hours, 39 minutes ago Description : A flaw has been found in ExpressGateway express-gateway up to 1.16.10. This issue affects some unknown processing in the library lib/rest/routes/users.js of the component REST Endpoint. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 17 Aug 2025 23:15:00 GMT

read more

CVE-2025-9093 - BuzzFeed App Android Improper Component Export Vulnerability

CVE ID : CVE-2025-9093 Published : Aug. 17, 2025, 10:15 p.m. | 8 hours, 15 minutes ago Description : A security vulnerability has been detected in BuzzFeed App 2024.9 on Android. This affects an unknown part of the file AndroidManifest.xml of the component com.buzzfeed.android. The manipulation leads to improper export of android application components. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 17 Aug 2025 22:15:00 GMT

read more

CVE-2025-9090 - Tenda Telnet Service Command Injection

CVE ID : CVE-2025-9090 Published : Aug. 17, 2025, 3:15 a.m. | 1 day, 3 hours ago Description : A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 17 Aug 2025 03:15:00 GMT

read more

CVE-2025-9091 - Tenda AC20 Hard-Coded Credentials Vulnerability

CVE ID : CVE-2025-9091 Published : Aug. 17, 2025, 3:15 a.m. | 1 day, 3 hours ago Description : A security flaw has been discovered in Tenda AC20 16.03.08.12. Affected by this vulnerability is an unknown functionality of the file /etc_ro/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 17 Aug 2025 03:15:00 GMT

read more

CVE-2025-9089 - Tenda AC20 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9089 Published : Aug. 17, 2025, 12:15 a.m. | 1 day, 6 hours ago Description : A vulnerability was determined in Tenda AC20 16.03.08.12. This issue affects the function sub_48E628 of the file /goform/SetIpMacBind. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 17 Aug 2025 00:15:00 GMT

read more

CVE-2025-9088 - Tenda AC20 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9088 Published : Aug. 16, 2025, 11:15 p.m. | 1 day, 7 hours ago Description : A vulnerability was found in Tenda AC20 16.03.08.12. This vulnerability affects the function save_virtualser_data of the file /goform/formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 23:15:00 GMT

read more

CVE-2025-9087 - Tenda AC20 Stack-Based Buffer Overflow

CVE ID : CVE-2025-9087 Published : Aug. 16, 2025, 11:15 p.m. | 1 day, 6 hours ago Description : A vulnerability has been found in Tenda AC20 16.03.08.12. This affects the function set_qosMib_list of the file /goform/SetNetControlList of the component SetNetControlList Endpoint. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 23:15:00 GMT

read more

CVE-2023-4515 - "KSMBD SMB2 Command Size Validation Vulnerability"

CVE ID : CVE-2023-4515 Published : Aug. 16, 2025, 2:15 p.m. | 1 day, 15 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed ("ksmbd: validate command payload size"), except for SMB2_OPLOCK_BREAK_HE command, the request size of other commands is not checked, it's not expected. Fix it by add check for request size of other commands. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 14:15:00 GMT

read more

CVE-2023-32249 - Samba Linux kernel Guest User Access Multichannel Vulnerability

CVE ID : CVE-2023-32249 Published : Aug. 16, 2025, 2:15 p.m. | 1 day, 13 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: ksmbd: not allow guest user on multichannel This patch return STATUS_NOT_SUPPORTED if binding session is guest. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 14:15:00 GMT

read more

CVE-2023-3865 - KSMultiMediaBroadcaster Out-of-Bounds Read Vulnerability

CVE ID : CVE-2023-3865 Published : Aug. 16, 2025, 2:15 p.m. | 1 day, 13 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bound read in smb2_write ksmbd_smb2_check_message doesn't validate hdr->NextCommand. If ->NextCommand is bigger than Offset + Length of smb2 write, It will allow oversized smb2 write length. It will cause OOB read in smb2_write. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 14:15:00 GMT

read more

CVE-2023-3866 - Samba ksmbd NULL Pointer Dereference

CVE ID : CVE-2023-3866 Published : Aug. 16, 2025, 2:15 p.m. | 1 day, 13 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate session id and tree id in the compound request This patch validate session id and tree id in compound request. If first operation in the compound is SMB2 ECHO request, ksmbd bypass session and tree validation. So work->sess and work->tcon could be NULL. If secound request in the compound access work->sess or tcon, It cause NULL pointer dereferecing error. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 14:15:00 GMT

read more

CVE-2023-3867 - Kerberos SMB Out-of-Bounds Read Vulnerability

CVE ID : CVE-2023-3867 Published : Aug. 16, 2025, 2:15 p.m. | 1 day, 13 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds read in smb2_sess_setup ksmbd does not consider the case of that smb2 session setup is in compound request. If this is the second payload of the compound, OOB read issue occurs while processing the first payload in the smb2_sess_setup(). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 14:15:00 GMT

read more

CVE-2023-4130 - Kerberos SMBd Buffer Length Validation Overflow

CVE ID : CVE-2023-4130 Published : Aug. 16, 2025, 2:15 p.m. | 1 day, 13 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea() There are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request from client. ksmbd find next smb2_ea_info using ->NextEntryOffset of current smb2_ea_info. ksmbd need to validate buffer length Before accessing the next ea. ksmbd should check buffer length using buf_len, not next variable. next is the start offset of current ea that got from previous ea. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 14:15:00 GMT

read more

CVE-2023-32246 - Linux Kernel - Ksmbd RCU Callback Racy Unload Vulnerability

CVE ID : CVE-2023-32246 Published : Aug. 16, 2025, 2:15 p.m. | 1 day, 12 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: ksmbd: call rcu_barrier() in ksmbd_server_exit() racy issue is triggered the bug by racing between closing a connection and rmmod. In ksmbd, rcu_barrier() is not called at module unload time, so nothing prevents ksmbd from getting unloaded while it still has RCU callbacks pending. It leads to trigger unintended execution of kernel code locally and use to defeat protections such as Kernel Lockdown Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 14:15:00 GMT

read more

CVE-2025-8878 - ProfilePress WordPress Arbitrary Shortcode Execution Vulnerability

CVE ID : CVE-2025-8878 Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 14 hours ago Description : The The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.16.4. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-8143 - Soledad WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-8143 Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 13 hours ago Description : The Soledad theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pcsml_smartlists_h’ parameter in all versions up to, and including, 8.6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38548 - Corsair CPro Buffer Overflow Vulnerability

CVE ID : CVE-2025-38548 Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 11 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: hwmon: (corsair-cpro) Validate the size of the received input buffer Add buffer_recv_size to store the size of the received bytes. Validate buffer_recv_size in send_usb_cmd(). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38549 - Linux efivarfs Memory Leak

CVE ID : CVE-2025-38549 Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 11 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths When processing mount options, efivarfs allocates efivarfs_fs_info (sfi) early in fs_context initialization. However, sfi is associated with the superblock and typically freed when the superblock is destroyed. If the fs_context is released (final put) before fill_super is called—such as on error paths or during reconfiguration—the sfi structure would leak, as ownership never transfers to the superblock. Implement the .free callback in efivarfs_context_ops to ensure any allocated sfi is properly freed if the fs_context is torn down before fill_super, preventing this memory leak. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38550 - Linux Kernel IPv6 Multicast Delayed Put Reference Vulnerability

CVE ID : CVE-2025-38550 Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 11 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc->idev in mld_del_delrec() pmc->idev is still used in ip6_mc_clear_src(), so as mld_clear_delrec() does, the reference should be put after ip6_mc_clear_src() return. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38551 - "Virtio-Net Deadlock Vulnerability"

CVE ID : CVE-2025-38551 Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 11 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix recursived rtnl_lock() during probe() The deadlock appears in a stack trace like: virtnet_probe() rtnl_lock() virtio_config_changed_work() netdev_notify_peers() rtnl_lock() It happens if the VMM sends a VIRTIO_NET_S_ANNOUNCE request while the virtio-net driver is still probing. The config_work in probe() will get scheduled until virtnet_open() enables the config change notification via virtio_config_driver_enable(). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38552 - Linux Kernel MPTCP Subflow Creation Race Condition Vulnerability

CVE ID : CVE-2025-38552 Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 11 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution is similar. Use a separate flag to track the condition 'socket state prevent any additional subflow creation' protected by the fallback lock. The socket fallback makes such flag true, and also receiving or sending an MP_FAIL option. The field 'allow_infinite_fallback' is now always touched under the relevant lock, we can drop the ONCE annotation on write. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-8105 - Soledad Theme for WordPress Shortcode Execution Vulnerability

CVE ID : CVE-2025-8105 Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 11 hours ago Description : The The Soledad theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.6.7. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-8142 - Soledad Theme for WordPress Local File Inclusion Vulnerability

CVE ID : CVE-2025-8142 Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 11 hours ago Description : The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.6.7 via the 'header_layout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38544 - Linux Kernel rxrpc Call ID Preallocation Collision Vulnerability

CVE ID : CVE-2025-38544 Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 9 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix bug due to prealloc collision When userspace is using AF_RXRPC to provide a server, it has to preallocate incoming calls and assign to them call IDs that will be used to thread related recvmsg() and sendmsg() together. The preallocated call IDs will automatically be attached to calls as they come in until the pool is empty. To the kernel, the call IDs are just arbitrary numbers, but userspace can use the call ID to hold a pointer to prepared structs. In any case, the user isn't permitted to create two calls with the same call ID (call IDs become available again when the call ends) and EBADSLT should result from sendmsg() if an attempt is made to preallocate a call with an in-use call ID. However, the cleanup in the error handling will trigger both assertions in rxrpc_cleanup_call() because the call isn't marked complete and isn't marked as having been released. Fix this by setting the call state in rxrpc_service_prealloc_one() and then marking it as being released before calling the cleanup function. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38545 - Cisco Linux Kernel Netdev Allocation Vulnerability

CVE ID : CVE-2025-38545 Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 9 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skb_shared_info While transitioning from netdev_alloc_ip_align() to build_skb(), memory for the "skb_shared_info" member of an "skb" was not allocated. Fix this by allocating "PAGE_SIZE" as the skb length, accounting for the packet length, headroom and tailroom, thereby including the required memory space for skb_shared_info. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38546 - Linux ATM Clip VCC Memory Leak

CVE ID : CVE-2025-38546 Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 9 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clip_vcc. ioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to vcc->user_back. The code assumes that vcc_destroy_socket() passes NULL skb to vcc->push() when the socket is close()d, and then clip_push() frees clip_vcc. However, ioctl(ATMARPD_CTRL) sets NULL to vcc->push() in atm_init_atmarp(), resulting in memory leak. Let's serialise two ioctl() by lock_sock() and check vcc->push() in atm_init_atmarp() to prevent memleak. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38547 - Linux AXP717 ADC Channel Map Sentinel Vulnerability

CVE ID : CVE-2025-38547 Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 9 hours ago Description : In the Linux kernel, the following vulnerability has been resolved: iio: adc: axp20x_adc: Add missing sentinel to AXP717 ADC channel maps The AXP717 ADC channel maps is missing a sentinel entry at the end. This causes a KASAN warning. Add the missing sentinel entry. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38542 - Linux Kernel Device Refcount Leak Vulnerability in Appletalk Net Driver

CVE ID : CVE-2025-38542 Published : Aug. 16, 2025, 12:15 p.m. | 14 hours, 4 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix device refcount leak in atrtr_create() When updating an existing route entry in atrtr_create(), the old device reference was not being released before assigning the new device, leading to a device refcount leak. Fix this by calling dev_put() to release the old device reference before holding the new one. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38543 - Tegra DRM DMA API Misuse Vulnerability

CVE ID : CVE-2025-38543 Published : Aug. 16, 2025, 12:15 p.m. | 14 hours, 4 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: drm/tegra: nvdec: Fix dma_alloc_coherent error check Check for NULL return value with dma_alloc_coherent, in line with Robin's fix for vic.c in 'drm/tegra: vic: Fix DMA API misuse'. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38541 - "Qualcomm Atheros mt76 WiFi Null Pointer Dereference Vulnerability"

CVE ID : CVE-2025-38541 Published : Aug. 16, 2025, 12:15 p.m. | 12 hours, 4 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() devm_kasprintf() returns NULL on error. Currently, mt7925_thermal_init() does not check for this case, which results in a NULL pointer dereference. Add NULL check after devm_kasprintf() to prevent this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38539 - Linux kernel: Tracing Module Event Corruption

CVE ID : CVE-2025-38539 Published : Aug. 16, 2025, 12:15 p.m. | 9 hours, 25 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: tracing: Add down_write(trace_event_sem) when adding trace event When a module is loaded, it adds trace events defined by the module. It may also need to modify the modules trace printk formats to replace enum names with their values. If two modules are loaded at the same time, the adding of the event to the ftrace_events list can corrupt the walking of the list in the code that is modifying the printk format strings and crash the kernel. The addition of the event should take the trace_event_sem for write while it adds the new event. Also add a lockdep_assert_held() on that semaphore in __trace_add_event_dirs() as it iterates the list. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38540 - Chicony Electronics HP 5MP Cameras HID Sensor Interface Exposé

CVE ID : CVE-2025-38540 Published : Aug. 16, 2025, 12:15 p.m. | 9 hours, 25 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras The Chicony Electronics HP 5MP Cameras (USB ID 04F2:B824 & 04F2:B82C) report a HID sensor interface that is not actually implemented. Attempting to access this non-functional sensor via iio_info causes system hangs as runtime PM tries to wake up an unresponsive sensor. Add these 2 devices to the HID ignore list since the sensor interface is non-functional by design and should not be exposed to userspace. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38532 - Linux libwx Rx Ring Descriptor Reset Vulnerability

CVE ID : CVE-2025-38532 Published : Aug. 16, 2025, 12:15 p.m. | 1 hour, 48 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net: libwx: properly reset Rx ring descriptor When device reset is triggered by feature changes such as toggling Rx VLAN offload, wx->do_reset() is called to reinitialize Rx rings. The hardware descriptor ring may retain stale values from previous sessions. And only set the length to 0 in rx_desc[0] would result in building malformed SKBs. Fix it to ensure a clean slate after device reset. [ 549.186435] [ C16] ------------[ cut here ]------------ [ 549.186457] [ C16] kernel BUG at net/core/skbuff.c:2814! [ 549.186468] [ C16] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 549.186472] [ C16] CPU: 16 UID: 0 PID: 0 Comm: swapper/16 Kdump: loaded Not tainted 6.16.0-rc4+ #23 PREEMPT(voluntary) [ 549.186476] [ C16] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024 [ 549.186478] [ C16] RIP: 0010:__pskb_pull_tail+0x3ff/0x510 [ 549.186484] [ C16] Code: 06 f0 ff 4f 34 74 7b 4d 8b 8c 24 c8 00 00 00 45 8b 84 24 c0 00 00 00 e9 c8 fd ff ff 48 c7 44 24 08 00 00 00 00 e9 5e fe ff ff 0b 31 c0 e9 23 90 5b ff 41 f7 c6 ff 0f 00 00 75 bf 49 8b 06 a8 [ 549.186487] [ C16] RSP: 0018:ffffb391c0640d70 EFLAGS: 00010282 [ 549.186490] [ C16] RAX: 00000000fffffff2 RBX: ffff8fe7e4d40200 RCX: 00000000fffffff2 [ 549.186492] [ C16] RDX: ffff8fe7c3a4bf8e RSI: 0000000000000180 RDI: ffff8fe7c3a4bf40 [ 549.186494] [ C16] RBP: ffffb391c0640da8 R08: ffff8fe7c3a4c0c0 R09: 000000000000000e [ 549.186496] [ C16] R10: ffffb391c0640d88 R11: 000000000000000e R12: ffff8fe7e4d40200 [ 549.186497] [ C16] R13: 00000000fffffff2 R14: ffff8fe7fa01a000 R15: 00000000fffffff2 [ 549.186499] [ C16] FS: 0000000000000000(0000) GS:ffff8fef5ae40000(0000) knlGS:0000000000000000 [ 549.186502] [ C16] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 549.186503] [ C16] CR2: 00007f77d81d6000 CR3: 000000051a032000 CR4: 0000000000750ef0 [ 549.186505] [ C16] PKRU: 55555554 [ 549.186507] [ C16] Call Trace: [ 549.186510] [ C16] [ 549.186513] [ C16] ? srso_alias_return_thunk+0x5/0xfbef5 [ 549.186517] [ C16] __skb_pad+0xc7/0xf0 [ 549.186523] [ C16] wx_clean_rx_irq+0x355/0x3b0 [libwx] [ 549.186533] [ C16] wx_poll+0x92/0x120 [libwx] [ 549.186540] [ C16] __napi_poll+0x28/0x190 [ 549.186544] [ C16] net_rx_action+0x301/0x3f0 [ 549.186548] [ C16] ? srso_alias_return_thunk+0x5/0xfbef5 [ 549.186551] [ C16] ? __raw_spin_lock_irqsave+0x1e/0x50 [ 549.186554] [ C16] ? srso_alias_return_thunk+0x5/0xfbef5 [ 549.186557] [ C16] ? wake_up_nohz_cpu+0x35/0x160 [ 549.186559] [ C16] ? srso_alias_return_thunk+0x5/0xfbef5 [ 549.186563] [ C16] handle_softirqs+0xf9/0x2c0 [ 549.186568] [ C16] __irq_exit_rcu+0xc7/0x130 [ 549.186572] [ C16] common_interrupt+0xb8/0xd0 [ 549.186576] [ C16] [ 549.186577] [ C16] [ 549.186579] [ C16] asm_common_interrupt+0x22/0x40 [ 549.186582] [ C16] RIP: 0010:cpuidle_enter_state+0xc2/0x420 [ 549.186585] [ C16] Code: 00 00 e8 11 0e 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 0d ed 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d [ 549.186587] [ C16] RSP: 0018:ffffb391c0277e78 EFLAGS: 00000246 [ 549.186590] [ C16] RAX: ffff8fef5ae40000 RBX: 0000000000000003 RCX: 0000000000000000 [ 549.186591] [ C16] RDX: 0000007fde0faac5 RSI: ffffffff826e53f6 RDI: ffffffff826fa9b3 [ 549.186593] [ C16] RBP: ffff8fe7c3a20800 R08: 0000000000000002 R09: 0000000000000000 [ 549.186595] [ C16] R10: 0000000000000000 R11: 000000000000ffff R12: ffffffff82ed7a40 [ 549.186596] [ C16] R13: 0000007fde0faac5 R14: 0000000000000003 R15: 0000000000000000 [ 549.186601] [ C16] ? cpuidle_enter_state+0xb3/0x420 [ 549.186605] [ C16] cpuidle_en ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38533 - Linux Kernel DMA Use-After-Free Vulnerability in wx_rx_buffer

CVE ID : CVE-2025-38533 Published : Aug. 16, 2025, 12:15 p.m. | 1 hour, 48 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix the using of Rx buffer DMA The wx_rx_buffer structure contained two DMA address fields: 'dma' and 'page_dma'. However, only 'page_dma' was actually initialized and used to program the Rx descriptor. But 'dma' was uninitialized and used in some paths. This could lead to undefined behavior, including DMA errors or use-after-free, if the uninitialized 'dma' was used. Althrough such error has not yet occurred, it is worth fixing in the code. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38534 - Ceph Linux Kernel NETFS Request Offload Collection Vulnerability

CVE ID : CVE-2025-38534 Published : Aug. 16, 2025, 12:15 p.m. | 1 hour, 48 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: netfs: Fix copy-to-cache so that it performs collection with ceph+fscache The netfs copy-to-cache that is used by Ceph with local caching sets up a new request to write data just read to the cache. The request is started and then left to look after itself whilst the app continues. The request gets notified by the backing fs upon completion of the async DIO write, but then tries to wake up the app because NETFS_RREQ_OFFLOAD_COLLECTION isn't set - but the app isn't waiting there, and so the request just hangs. Fix this by setting NETFS_RREQ_OFFLOAD_COLLECTION which causes the notification from the backing filesystem to put the collection onto a work queue instead. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38535 - Linux Kernel Tegra XUSB Regulator Unbalanced Disable Vulnerability

CVE ID : CVE-2025-38535 Published : Aug. 16, 2025, 12:15 p.m. | 1 hour, 48 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode When transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code assumed that the regulator should be disabled. However, if the regulator is marked as always-on, regulator_is_enabled() continues to return true, leading to an incorrect attempt to disable a regulator which is not enabled. This can result in warnings such as: [ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004 _regulator_disable+0xe4/0x1a0 [ 250.155652] unbalanced disables for VIN_SYS_5V0 To fix this, we move the regulator control logic into tegra186_xusb_padctl_id_override() function since it's directly related to the ID override state. The regulator is now only disabled when the role transitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID register. This ensures that regulator enable/disable operations are properly balanced and only occur when actually transitioning to/from host mode. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38536 - "Airoha Linux Kernel Use-After-Free Vulnerability"

CVE ID : CVE-2025-38536 Published : Aug. 16, 2025, 12:15 p.m. | 1 hour, 48 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix potential use-after-free in airoha_npu_get() np->name was being used after calling of_node_put(np), which releases the node and can lead to a use-after-free bug. Previously, of_node_put(np) was called unconditionally after of_find_device_by_node(np), which could result in a use-after-free if pdev is NULL. This patch moves of_node_put(np) after the error check to ensure the node is only released after both the error and success cases are handled appropriately, preventing potential resource issues. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38537 - Linux Kernel: Net PHY LED Registration Vulnerability

CVE ID : CVE-2025-38537 Published : Aug. 16, 2025, 12:15 p.m. | 1 hour, 48 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net: phy: Don't register LEDs for genphy If a PHY has no driver, the genphy driver is probed/removed directly in phy_attach/detach. If the PHY's ofnode has an "leds" subnode, then the LEDs will be (un)registered when probing/removing the genphy driver. This could occur if the leds are for a non-generic driver that isn't loaded for whatever reason. Synchronously removing the PHY device in phy_detach leads to the following deadlock: rtnl_lock() ndo_close() ... phy_detach() phy_remove() phy_leds_unregister() led_classdev_unregister() led_trigger_set() netdev_trigger_deactivate() unregister_netdevice_notifier() rtnl_lock() There is a corresponding deadlock on the open/register side of things (and that one is reported by lockdep), but it requires a race while this one is deterministic. Generic PHYs do not support LEDs anyway, so don't bother registering them. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38538 - Linux Kernel DMAengine nbpfaxi Memory Corruption Vulnerability

CVE ID : CVE-2025-38538 Published : Aug. 16, 2025, 12:15 p.m. | 1 hour, 48 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: dmaengine: nbpfaxi: Fix memory corruption in probe() The nbpf->chan[] array is allocated earlier in the nbpf_probe() function and it has "num_channels" elements. These three loops iterate one element farther than they should and corrupt memory. The changes to the second loop are more involved. In this case, we're copying data from the irqbuf[] array into the nbpf->chan[] array. If the data in irqbuf[i] is the error IRQ then we skip it, so the iterators are not in sync. I added a check to ensure that we don't go beyond the end of the irqbuf[] array. I'm pretty sure this can't happen, but it seemed harmless to add a check. On the other hand, after the loop has ended there is a check to ensure that the "chan" iterator is where we expect it to be. In the original code we went one element beyond the end of the array so the iterator wasn't in the correct place and it would always return -EINVAL. However, now it will always be in the correct place. I deleted the check since we know the result. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 12:15:00 GMT

read more

CVE-2025-38503 - Here is the title:Apache Linux Btrfs Free Space Tree Vulnerability

CVE ID : CVE-2025-38503 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: btrfs: fix assertion when building free space tree When building the free space tree with the block group tree feature enabled, we can hit an assertion failure like this: BTRFS info (device loop0 state M): rebuilding free space tree assertion failed: ret == 0, in fs/btrfs/free-space-tree.c:1102 ------------[ cut here ]------------ kernel BUG at fs/btrfs/free-space-tree.c:1102! Internal error: Oops - BUG: 00000000f2000800 [#1] SMP Modules linked in: CPU: 1 UID: 0 PID: 6592 Comm: syz-executor322 Not tainted 6.15.0-rc7-syzkaller-gd7fa1af5b33e #0 PREEMPT Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102 lr : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102 sp : ffff8000a4ce7600 x29: ffff8000a4ce76e0 x28: ffff0000c9bc6000 x27: ffff0000ddfff3d8 x26: ffff0000ddfff378 x25: dfff800000000000 x24: 0000000000000001 x23: ffff8000a4ce7660 x22: ffff70001499cecc x21: ffff0000e1d8c160 x20: ffff0000e1cb7800 x19: ffff0000e1d8c0b0 x18: 00000000ffffffff x17: ffff800092f39000 x16: ffff80008ad27e48 x15: ffff700011e740c0 x14: 1ffff00011e740c0 x13: 0000000000000004 x12: ffffffffffffffff x11: ffff700011e740c0 x10: 0000000000ff0100 x9 : 94ef24f55d2dbc00 x8 : 94ef24f55d2dbc00 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff8000a4ce6f98 x4 : ffff80008f415ba0 x3 : ffff800080548ef0 x2 : 0000000000000000 x1 : 0000000100000000 x0 : 000000000000003e Call trace: populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102 (P) btrfs_rebuild_free_space_tree+0x14c/0x54c fs/btrfs/free-space-tree.c:1337 btrfs_start_pre_rw_mount+0xa78/0xe10 fs/btrfs/disk-io.c:3074 btrfs_remount_rw fs/btrfs/super.c:1319 [inline] btrfs_reconfigure+0x828/0x2418 fs/btrfs/super.c:1543 reconfigure_super+0x1d4/0x6f0 fs/super.c:1083 do_remount fs/namespace.c:3365 [inline] path_mount+0xb34/0xde0 fs/namespace.c:4200 do_mount fs/namespace.c:4221 [inline] __do_sys_mount fs/namespace.c:4432 [inline] __se_sys_mount fs/namespace.c:4409 [inline] __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4409 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 Code: f0047182 91178042 528089c3 9771d47b (d4210000) ---[ end trace 0000000000000000 ]--- This happens because we are processing an empty block group, which has no extents allocated from it, there are no items for this block group, including the block group item since block group items are stored in a dedicated tree when using the block group tree feature. It also means this is the block group with the highest start offset, so there are no higher keys in the extent root, hence btrfs_search_slot_for_read() returns 1 (no higher key found). Fix this by asserting 'ret' is 0 only if the block group tree feature is not enabled, in which case we should find a block group item for the block group since it's stored in the extent root and block group item keys are greater than extent item keys (the value for BTRFS_BLOCK_GROUP_ITEM_KEY is 192 and for BTRFS_EXTENT_ITEM_KEY and BTRFS_METADATA_ITEM_KEY the values are 168 and 169 respectively). In case 'ret' is 1, we just need to add a record to the free space tree which spans the whole block group, and we can achieve this by making 'ret == 0' as the while loop's condition. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38504 - Linux Kernel io_uring ZCRX Use After Free

CVE ID : CVE-2025-38504 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix pp destruction warnings With multiple page pools and in some other cases we can have allocated niovs on page pool destruction. Remove a misplaced warning checking that all niovs are returned to zcrx on io_pp_zc_destroy(). It was reported before but apparently got lost. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38505 - "Mwifiex STA Interface Disassociation Frame Validation"

CVE ID : CVE-2025-38505 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: discard erroneous disassoc frames on STA interface When operating in concurrent STA/AP mode with host MLME enabled, the firmware incorrectly sends disassociation frames to the STA interface when clients disconnect from the AP interface. This causes kernel warnings as the STA interface processes disconnect events that don't apply to it: [ 1303.240540] WARNING: CPU: 0 PID: 513 at net/wireless/mlme.c:141 cfg80211_process_disassoc+0x78/0xec [cfg80211] [ 1303.250861] Modules linked in: 8021q garp stp mrp llc rfcomm bnep btnxpuart nls_iso8859_1 nls_cp437 onboard_us [ 1303.327651] CPU: 0 UID: 0 PID: 513 Comm: kworker/u9:2 Not tainted 6.16.0-rc1+ #3 PREEMPT [ 1303.335937] Hardware name: Toradex Verdin AM62 WB on Verdin Development Board (DT) [ 1303.343588] Workqueue: MWIFIEX_RX_WORK_QUEUE mwifiex_rx_work_queue [mwifiex] [ 1303.350856] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 1303.357904] pc : cfg80211_process_disassoc+0x78/0xec [cfg80211] [ 1303.364065] lr : cfg80211_process_disassoc+0x70/0xec [cfg80211] [ 1303.370221] sp : ffff800083053be0 [ 1303.373590] x29: ffff800083053be0 x28: 0000000000000000 x27: 0000000000000000 [ 1303.380855] x26: 0000000000000000 x25: 00000000ffffffff x24: ffff000002c5b8ae [ 1303.388120] x23: ffff000002c5b884 x22: 0000000000000001 x21: 0000000000000008 [ 1303.395382] x20: ffff000002c5b8ae x19: ffff0000064dd408 x18: 0000000000000006 [ 1303.402646] x17: 3a36333a61623a30 x16: 32206d6f72662063 x15: ffff800080bfe048 [ 1303.409910] x14: ffff000003625300 x13: 0000000000000001 x12: 0000000000000000 [ 1303.417173] x11: 0000000000000002 x10: ffff000003958600 x9 : ffff000003625300 [ 1303.424434] x8 : ffff00003fd9ef40 x7 : ffff0000039fc280 x6 : 0000000000000002 [ 1303.431695] x5 : ffff0000038976d4 x4 : 0000000000000000 x3 : 0000000000003186 [ 1303.438956] x2 : 000000004836ba20 x1 : 0000000000006986 x0 : 00000000d00479de [ 1303.446221] Call trace: [ 1303.448722] cfg80211_process_disassoc+0x78/0xec [cfg80211] (P) [ 1303.454894] cfg80211_rx_mlme_mgmt+0x64/0xf8 [cfg80211] [ 1303.460362] mwifiex_process_mgmt_packet+0x1ec/0x460 [mwifiex] [ 1303.466380] mwifiex_process_sta_rx_packet+0x1bc/0x2a0 [mwifiex] [ 1303.472573] mwifiex_handle_rx_packet+0xb4/0x13c [mwifiex] [ 1303.478243] mwifiex_rx_work_queue+0x158/0x198 [mwifiex] [ 1303.483734] process_one_work+0x14c/0x28c [ 1303.487845] worker_thread+0x2cc/0x3d4 [ 1303.491680] kthread+0x12c/0x208 [ 1303.495014] ret_from_fork+0x10/0x20 Add validation in the STA receive path to verify that disassoc/deauth frames originate from the connected AP. Frames that fail this check are discarded early, preventing them from reaching the MLME layer and triggering WARN_ON(). This filtering logic is similar with that used in the ieee80211_rx_mgmt_disassoc() function in mac80211, which drops disassoc frames that don't match the current BSSID (!ether_addr_equal(mgmt->bssid, sdata->vif.cfg.ap_addr)), ensuring only relevant frames are processed. Tested on: - 8997 with FW 16.68.1.p197 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38506 - Oracle KVM CPU Soft Lockup Vulnerability

CVE ID : CVE-2025-38506 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory (1TB+), the host can experience CPU soft lockups when running an operation in kvm_vm_set_mem_attributes() to set memory attributes on the whole range of guest memory. watchdog: BUG: soft lockup - CPU#8 stuck for 26s! [qemu-kvm:6372] CPU: 8 UID: 0 PID: 6372 Comm: qemu-kvm Kdump: loaded Not tainted 6.15.0-rc7.20250520.el9uek.rc1.x86_64 #1 PREEMPT(voluntary) Hardware name: Oracle Corporation ORACLE SERVER E4-2c/Asm,MB Tray,2U,E4-2c, BIOS 78016600 11/13/2024 RIP: 0010:xas_create+0x78/0x1f0 Code: 00 00 00 41 80 fc 01 0f 84 82 00 00 00 ba 06 00 00 00 bd 06 00 00 00 49 8b 45 08 4d 8d 65 08 41 39 d6 73 20 83 ed 06 48 85 c0 67 48 89 c2 83 e2 03 48 83 fa 02 75 0c 48 3d 00 10 00 00 0f 87 RSP: 0018:ffffad890a34b940 EFLAGS: 00000286 RAX: ffff96f30b261daa RBX: ffffad890a34b9c8 RCX: 0000000000000000 RDX: 000000000000001e RSI: 0000000000000000 RDI: 0000000000000000 RBP: 0000000000000018 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffffad890a356868 R13: ffffad890a356860 R14: 0000000000000000 R15: ffffad890a356868 FS: 00007f5578a2a400(0000) GS:ffff97ed317e1000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f015c70fb18 CR3: 00000001109fd006 CR4: 0000000000f70ef0 PKRU: 55555554 Call Trace: xas_store+0x58/0x630 __xa_store+0xa5/0x130 xa_store+0x2c/0x50 kvm_vm_set_mem_attributes+0x343/0x710 [kvm] kvm_vm_ioctl+0x796/0xab0 [kvm] __x64_sys_ioctl+0xa3/0xd0 do_syscall_64+0x8c/0x7a0 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7f5578d031bb Code: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 3d 01 f0 ff ff 73 01 c3 48 8b 0d 2d 4c 0f 00 f7 d8 64 89 01 48 RSP: 002b:00007ffe0a742b88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000004020aed2 RCX: 00007f5578d031bb RDX: 00007ffe0a742c80 RSI: 000000004020aed2 RDI: 000000000000000b RBP: 0000010000000000 R08: 0000010000000000 R09: 0000017680000000 R10: 0000000000000080 R11: 0000000000000246 R12: 00005575e5f95120 R13: 00007ffe0a742c80 R14: 0000000000000008 R15: 00005575e5f961e0 While looping through the range of memory setting the attributes, call cond_resched() to give the scheduler a chance to run a higher priority task on the runqueue if necessary and avoid staying in kernel mode long enough to trigger the lockup. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38507 - Nintendo Bluetooth HID Stall and Panic Vulnerability

CVE ID : CVE-2025-38507 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: HID: nintendo: avoid bluetooth suspend/resume stalls Ensure we don't stall or panic the kernel when using bluetooth-connected controllers. This was reported as an issue on android devices using kernel 6.6 due to the resume hook which had been added for usb joycons. First, set a new state value to JOYCON_CTLR_STATE_SUSPENDED in a newly-added nintendo_hid_suspend. This makes sure we will not stall out the kernel waiting for input reports during led classdev suspend. The stalls could happen if connectivity is unreliable or lost to the controller prior to suspend. Second, since we lose connectivity during suspend, do not try joycon_init() for bluetooth controllers in the nintendo_hid_resume path. Tested via multiple suspend/resume flows when using the controller both in USB and bluetooth modes. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38508 - "SEV-SNP Linux Kernel Secure TSC Frequency Calculation Vulnerability"

CVE ID : CVE-2025-38508 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: x86/sev: Use TSC_FACTOR for Secure TSC frequency calculation When using Secure TSC, the GUEST_TSC_FREQ MSR reports a frequency based on the nominal P0 frequency, which deviates slightly (typically ~0.2%) from the actual mean TSC frequency due to clocking parameters. Over extended VM uptime, this discrepancy accumulates, causing clock skew between the hypervisor and a SEV-SNP VM, leading to early timer interrupts as perceived by the guest. The guest kernel relies on the reported nominal frequency for TSC-based timekeeping, while the actual frequency set during SNP_LAUNCH_START may differ. This mismatch results in inaccurate time calculations, causing the guest to perceive hrtimers as firing earlier than expected. Utilize the TSC_FACTOR from the SEV firmware's secrets page (see "Secrets Page Format" in the SNP Firmware ABI Specification) to calculate the mean TSC frequency, ensuring accurate timekeeping and mitigating clock skew in SEV-SNP VMs. Use early_ioremap_encrypted() to map the secrets page as ioremap_encrypted() uses kmalloc() which is not available during early TSC initialization and causes a panic. [ bp: Drop the silly dummy var: https://lore.kernel.org/r/20250630192726.GBaGLlHl84xIopx4Pt@fat_crate.local ] Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38509 - Apache Linux WiFi Invalid Channel Width Notification Vulnerability

CVE ID : CVE-2025-38509 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject VHT opmode for unsupported channel widths VHT operating mode notifications are not defined for channel widths below 20 MHz. In particular, 5 MHz and 10 MHz are not valid under the VHT specification and must be rejected. Without this check, malformed notifications using these widths may reach ieee80211_chan_width_to_rx_bw(), leading to a WARN_ON due to invalid input. This issue was reported by syzbot. Reject these unsupported widths early in sta_link_apply_parameters() when opmode_notif is used. The accepted set includes 20, 40, 80, 160, and 80+80 MHz, which are valid for VHT. While 320 MHz is not defined for VHT, it is allowed to avoid rejecting HE or EHT clients that may still send a VHT opmode notification. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38510 - Linux Kernel KASAN Deadlock Vulnerability

CVE ID : CVE-2025-38510 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: kasan: remove kasan_find_vm_area() to prevent possible deadlock find_vm_area() couldn't be called in atomic_context. If find_vm_area() is called to reports vm area information, kasan can trigger deadlock like: CPU0 CPU1 vmalloc(); alloc_vmap_area(); spin_lock(&vn->busy.lock) spin_lock_bh(&some_lock); spin_lock(&some_lock); kasan_report(); print_report(); print_address_description(); kasan_find_vm_area(); find_vm_area(); spin_lock(&vn->busy.lock) // deadlock! To prevent possible deadlock while kasan reports, remove kasan_find_vm_area(). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38511 - Linux Kernel Xe DRM Uninitialized Data Exposure Vulnerability

CVE ID : CVE-2025-38511 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Clear all LMTT pages on alloc Our LMEM buffer objects are not cleared by default on alloc and during VF provisioning we only setup LMTT PTEs for the actually provisioned LMEM range. But beyond that valid range we might leave some stale data that could either point to some other VFs allocations or even to the PF pages. Explicitly clear all new LMTT page to avoid the risk that a malicious VF would try to exploit that gap. While around add asserts to catch any undesired PTE overwrites and low-level debug traces to track LMTT PT life-cycle. (cherry picked from commit 3fae6918a3e27cce20ded2551f863fb05d4bef8d) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38512 - Linux Wi-Fi A-MSDU Mesh Spoofing Vulnerability

CVE ID : CVE-2025-38512 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: prevent A-MSDU attacks in mesh networks This patch is a mitigation to prevent the A-MSDU spoofing vulnerability for mesh networks. The initial update to the IEEE 802.11 standard, in response to the FragAttacks, missed this case (CVE-2025-27558). It can be considered a variant of CVE-2020-24588 but for mesh networks. This patch tries to detect if a standard MSDU was turned into an A-MSDU by an adversary. This is done by parsing a received A-MSDU as a standard MSDU, calculating the length of the Mesh Control header, and seeing if the 6 bytes after this header equal the start of an rfc1042 header. If equal, this is a strong indication of an ongoing attack attempt. This defense was tested with mac80211_hwsim against a mesh network that uses an empty Mesh Address Extension field, i.e., when four addresses are used, and when using a 12-byte Mesh Address Extension field, i.e., when six addresses are used. Functionality of normal MSDUs and A-MSDUs was also tested, and confirmed working, when using both an empty and 12-byte Mesh Address Extension field. It was also tested with mac80211_hwsim that A-MSDU attacks in non-mesh networks keep being detected and prevented. Note that the vulnerability being patched, and the defense being implemented, was also discussed in the following paper and in the following IEEE 802.11 presentation: https://papers.mathyvanhoef.com/wisec2025.pdf https://mentor.ieee.org/802.11/dcn/25/11-25-0949-00-000m-a-msdu-mesh-spoof-protection.docx Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38513 - "Linux Kernel wifi zd1211rw Null Pointer Dereference Vulnerability"

CVE ID : CVE-2025-38513 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() There is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For example, the following is possible: T0 T1 zd_mac_tx_to_dev() /* len == skb_queue_len(q) */ while (len > ZD_MAC_MAX_ACK_WAITERS) { filter_ack() spin_lock_irqsave(&q->lock, flags); /* position == skb_queue_len(q) */ for (i=1; itype == NL80211_IFTYPE_AP) skb = __skb_dequeue(q); spin_unlock_irqrestore(&q->lock, flags); skb_dequeue() -> NULL Since there is a small gap between checking skb queue length and skb being unconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL. Then the pointer is passed to zd_mac_tx_status() where it is dereferenced. In order to avoid potential NULL pointer dereference due to situations like above, check if skb is not NULL before passing it to zd_mac_tx_status(). Found by Linux Verification Center (linuxtesting.org) with SVACE. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38514 - Linux Kernel rxrpc NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-38514 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AF_RXRPC service socket is opened and bound, but calls are preallocated, then rxrpc_alloc_incoming_call() will oops because the rxrpc_backlog struct doesn't get allocated until the first preallocation is made. Fix this by returning NULL from rxrpc_alloc_incoming_call() if there is no backlog struct. This will cause the incoming call to be aborted. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38515 - "AMD Xe DRM Linux Kernel Queue Stalling Race Condition"

CVE ID : CVE-2025-38515 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: drm/sched: Increment job count before swapping tail spsc queue A small race exists between spsc_queue_push and the run-job worker, in which spsc_queue_push may return not-first while the run-job worker has already idled due to the job count being zero. If this race occurs, job scheduling stops, leading to hangs while waiting on the job’s DMA fences. Seal this race by incrementing the job count before appending to the SPSC queue. This race was observed on a drm-tip 6.16-rc1 build with the Xe driver in an SVM test case. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38516 - QCOM MSM Linux Kernel GPIO Invalid Interrupt Request Vulnerability

CVE ID : CVE-2025-38516 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: msm: mark certain pins as invalid for interrupts On some platforms, the UFS-reset pin has no interrupt logic in TLMM but is nevertheless registered as a GPIO in the kernel. This enables the user-space to trigger a BUG() in the pinctrl-msm driver by running, for example: `gpiomon -c 0 113` on RB2. The exact culprit is requesting pins whose intr_detection_width setting is not 1 or 2 for interrupts. This hits a BUG() in msm_gpio_irq_set_type(). Potentially crashing the kernel due to an invalid request from user-space is not optimal, so let's go through the pins and mark those that would fail the check as invalid for the irq chip as we should not even register them as available irqs. This function can be extended if we determine that there are more corner-cases like this. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38517 - Linux Kernel Oracle alloc_tag: Semaphore Acquisition Vulnerability

CVE ID : CVE-2025-38517 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: lib/alloc_tag: do not acquire non-existent lock in alloc_tag_top_users() alloc_tag_top_users() attempts to lock alloc_tag_cttype->mod_lock even when the alloc_tag_cttype is not allocated because: 1) alloc tagging is disabled because mem profiling is disabled (!alloc_tag_cttype) 2) alloc tagging is enabled, but not yet initialized (!alloc_tag_cttype) 3) alloc tagging is enabled, but failed initialization (!alloc_tag_cttype or IS_ERR(alloc_tag_cttype)) In all cases, alloc_tag_cttype is not allocated, and therefore alloc_tag_top_users() should not attempt to acquire the semaphore. This leads to a crash on memory allocation failure by attempting to acquire a non-existent semaphore: Oops: general protection fault, probably for non-canonical address 0xdffffc000000001b: 0000 [#3] SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x00000000000000d8-0x00000000000000df] CPU: 2 UID: 0 PID: 1 Comm: systemd Tainted: G D 6.16.0-rc2 #1 VOLUNTARY Tainted: [D]=DIE Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 RIP: 0010:down_read_trylock+0xaa/0x3b0 Code: d0 7c 08 84 d2 0f 85 a0 02 00 00 8b 0d df 31 dd 04 85 c9 75 29 48 b8 00 00 00 00 00 fc ff df 48 8d 6b 68 48 89 ea 48 c1 ea 03 3c 02 00 0f 85 88 02 00 00 48 3b 5b 68 0f 85 53 01 00 00 65 ff RSP: 0000:ffff8881002ce9b8 EFLAGS: 00010016 RAX: dffffc0000000000 RBX: 0000000000000070 RCX: 0000000000000000 RDX: 000000000000001b RSI: 000000000000000a RDI: 0000000000000070 RBP: 00000000000000d8 R08: 0000000000000001 R09: ffffed107dde49d1 R10: ffff8883eef24e8b R11: ffff8881002cec20 R12: 1ffff11020059d37 R13: 00000000003fff7b R14: ffff8881002cec20 R15: dffffc0000000000 FS: 00007f963f21d940(0000) GS:ffff888458ca6000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f963f5edf71 CR3: 000000010672c000 CR4: 0000000000350ef0 Call Trace: codetag_trylock_module_list+0xd/0x20 alloc_tag_top_users+0x369/0x4b0 __show_mem+0x1cd/0x6e0 warn_alloc+0x2b1/0x390 __alloc_frozen_pages_noprof+0x12b9/0x21a0 alloc_pages_mpol+0x135/0x3e0 alloc_slab_page+0x82/0xe0 new_slab+0x212/0x240 ___slab_alloc+0x82a/0xe00 As David Wang points out, this issue became easier to trigger after commit 780138b12381 ("alloc_tag: check mem_profiling_support in alloc_tag_init"). Before the commit, the issue occurred only when it failed to allocate and initialize alloc_tag_cttype or if a memory allocation fails before alloc_tag_init() is called. After the commit, it can be easily triggered when memory profiling is compiled but disabled at boot. To properly determine whether alloc_tag_init() has been called and its data structures initialized, verify that alloc_tag_cttype is a valid pointer before acquiring the semaphore. If the variable is NULL or an error value, it has not been properly initialized. In such a case, just skip and do not attempt to acquire the semaphore. [harry.yoo@oracle.com: v3] Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38518 - AMD Cyan Skillfish CPUID Information Disclosure

CVE ID : CVE-2025-38518 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Disable INVLPGB on Zen2 AMD Cyan Skillfish (Family 17h, Model 47h, Stepping 0h) has an issue that causes system oopses and panics when performing TLB flush using INVLPGB. However, the problem is that that machine has misconfigured CPUID and should not report the INVLPGB bit in the first place. So zap the kernel's representation of the flag so that nothing gets confused. [ bp: Massage. ] Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38519 - "Linux Kernel Divide by Zero Vulnerability in damon_get_intervals_score()"

CVE ID : CVE-2025-38519 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: mm/damon: fix divide by zero in damon_get_intervals_score() The current implementation allows having zero size regions with no special reasons, but damon_get_intervals_score() gets crashed by divide by zero when the region size is zero. [ 29.403950] Oops: divide error: 0000 [#1] SMP NOPTI This patch fixes the bug, but does not disallow zero size regions to keep the backward compatibility since disallowing zero size regions might be a breaking change for some users. In addition, the same crash can happen when intervals_goal.access_bp is zero so this should be fixed in stable trees as well. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38520 - AMDGPU Linux Kernel Deadlock Vulnerability

CVE ID : CVE-2025-38520 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Don't call mmput from MMU notifier callback If the process is exiting, the mmput inside mmu notifier callback from compactd or fork or numa balancing could release the last reference of mm struct to call exit_mmap and free_pgtable, this triggers deadlock with below backtrace. The deadlock will leak kfd process as mmu notifier release is not called and cause VRAM leaking. The fix is to take mm reference mmget_non_zero when adding prange to the deferred list to pair with mmput in deferred list work. If prange split and add into pchild list, the pchild work_item.mm is not used, so remove the mm parameter from svm_range_unmap_split and svm_range_add_child. The backtrace of hung task: INFO: task python:348105 blocked for more than 64512 seconds. Call Trace: __schedule+0x1c3/0x550 schedule+0x46/0xb0 rwsem_down_write_slowpath+0x24b/0x4c0 unlink_anon_vmas+0xb1/0x1c0 free_pgtables+0xa9/0x130 exit_mmap+0xbc/0x1a0 mmput+0x5a/0x140 svm_range_cpu_invalidate_pagetables+0x2b/0x40 [amdgpu] mn_itree_invalidate+0x72/0xc0 __mmu_notifier_invalidate_range_start+0x48/0x60 try_to_unmap_one+0x10fa/0x1400 rmap_walk_anon+0x196/0x460 try_to_unmap+0xbb/0x210 migrate_page_unmap+0x54d/0x7e0 migrate_pages_batch+0x1c3/0xae0 migrate_pages_sync+0x98/0x240 migrate_pages+0x25c/0x520 compact_zone+0x29d/0x590 compact_zone_order+0xb6/0xf0 try_to_compact_pages+0xbe/0x220 __alloc_pages_direct_compact+0x96/0x1a0 __alloc_pages_slowpath+0x410/0x930 __alloc_pages_nodemask+0x3a9/0x3e0 do_huge_pmd_anonymous_page+0xd7/0x3e0 __handle_mm_fault+0x5e3/0x5f0 handle_mm_fault+0xf7/0x2e0 hmm_vma_fault.isra.0+0x4d/0xa0 walk_pmd_range.isra.0+0xa8/0x310 walk_pud_range+0x167/0x240 walk_pgd_range+0x55/0x100 __walk_page_range+0x87/0x90 walk_page_range+0xf6/0x160 hmm_range_fault+0x4f/0x90 amdgpu_hmm_range_get_pages+0x123/0x230 [amdgpu] amdgpu_ttm_tt_get_user_pages+0xb1/0x150 [amdgpu] init_user_pages+0xb1/0x2a0 [amdgpu] amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x543/0x7d0 [amdgpu] kfd_ioctl_alloc_memory_of_gpu+0x24c/0x4e0 [amdgpu] kfd_ioctl+0x29d/0x500 [amdgpu] (cherry picked from commit a29e067bd38946f752b0ef855f3dfff87e77bec7) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38521 - Imagination DRM GPU Runtime PM Callbacks Vulnerability

CVE ID : CVE-2025-38521 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fix kernel crash when hard resetting the GPU The GPU hard reset sequence calls pm_runtime_force_suspend() and pm_runtime_force_resume(), which according to their documentation should only be used during system-wide PM transitions to sleep states. The main issue though is that depending on some internal runtime PM state as seen by pm_runtime_force_suspend() (whether the usage count is 1), pm_runtime_force_resume() might not resume the device unless needed. If that happens, the runtime PM resume callback pvr_power_device_resume() is not called, the GPU clocks are not re-enabled, and the kernel crashes on the next attempt to access GPU registers as part of the power-on sequence. Replace calls to pm_runtime_force_suspend() and pm_runtime_force_resume() with direct calls to the driver's runtime PM callbacks, pvr_power_device_suspend() and pvr_power_device_resume(), to ensure clocks are re-enabled and avoid the kernel crash. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-9092 - Bouncy Castle for Java - BC-FJA Uncontrolled Resource Consumption Denial of Service

CVE ID : CVE-2025-9092 Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago Description : Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castle for Java - BC-FJA 2.1.0: from BC-FJA 2.1.0 through 2.1.0. Severity: 1.0 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 11:15:00 GMT

read more

CVE-2025-38502 - Linux Kernel BPF Cgroup Local Storage Out-of-Bounds Access

CVE ID : CVE-2025-38502 Published : Aug. 16, 2025, 10:15 a.m. | 1 hour, 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: bpf: Fix oob access in cgroup local storage Lonial reported that an out-of-bounds access in cgroup local storage can be crafted via tail calls. Given two programs each utilizing a cgroup local storage with a different value size, and one program doing a tail call into the other. The verifier will validate each of the indivial programs just fine. However, in the runtime context the bpf_cg_run_ctx holds an bpf_prog_array_item which contains the BPF program as well as any cgroup local storage flavor the program uses. Helpers such as bpf_get_local_storage() pick this up from the runtime context: ctx = container_of(current->bpf_ctx, struct bpf_cg_run_ctx, run_ctx); storage = ctx->prog_item->cgroup_storage[stype]; if (stype == BPF_CGROUP_STORAGE_SHARED) ptr = &READ_ONCE(storage->buf)->data[0]; else ptr = this_cpu_ptr(storage->percpu_buf); For the second program which was called from the originally attached one, this means bpf_get_local_storage() will pick up the former program's map, not its own. With mismatching sizes, this can result in an unintended out-of-bounds access. To fix this issue, we need to extend bpf_map_owner with an array of storage_cookie[] to match on i) the exact maps from the original program if the second program was using bpf_get_local_storage(), or ii) allow the tail call combination if the second program was not using any of the cgroup local storage maps. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 10:15:00 GMT

read more

CVE-2025-8719 - WordPress gTranslate Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8719 Published : Aug. 16, 2025, 9:15 a.m. | 2 hours, 47 minutes ago Description : The Translate This gTranslate Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘base_lang’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 09:15:00 GMT

read more

CVE-2025-7499 - BetterDocs – Unauthorized Data Access Vulnerability

CVE ID : CVE-2025-7499 Published : Aug. 16, 2025, 8:15 a.m. | 3 hours, 47 minutes ago Description : The BetterDocs – Advanced AI-Driven Documentation, FAQ & Knowledge Base Tool for Elementor & Gutenberg with Encyclopedia, AI Support, Instant Answers plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_response function in all versions up to and including 4.1.1. This makes it possible for unauthenticated attackers to retrieve passwords for password-protected documents as well as the metadata of private and draft documents. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 08:15:00 GMT

read more

CVE-2025-8464 - WordPress Contact Form 7 Drag and Drop Multiple File Upload Directory Traversal Vulnerability

CVE ID : CVE-2025-8464 Published : Aug. 16, 2025, 8:15 a.m. | 3 hours, 47 minutes ago Description : The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.3.9.0 via the wpcf7_guest_user_id cookie. This makes it possible for unauthenticated attackers to upload and delete files outside of the originally intended directory. The impact of this vulnerability is limited, as file types are validated and only safe ones can be uploaded, while deletion is limited to the plugin's uploads folder. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 08:15:00 GMT

read more

CVE-2025-8898 - WordPress E-cab Plugin Privilege Escalation Vulnerability

CVE ID : CVE-2025-8898 Published : Aug. 16, 2025, 7:15 a.m. | 4 hours, 47 minutes ago Description : The Taxi Booking Manager for Woocommerce | E-cab plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.3.0. This is due to the plugin not properly validating a user's capabilities prior to updating a plugin setting or their identity prior to updating their details like email address. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 07:15:00 GMT

read more

CVE-2025-8089 - WordPress Advanced iFrame Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8089 Published : Aug. 16, 2025, 7:15 a.m. | 2 hours, 47 minutes ago Description : The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'additional' parameter in version less than, or equal to, 2025.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 07:15:00 GMT

read more

CVE-2025-8896 - WordPress User Profile Builder Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8896 Published : Aug. 16, 2025, 7:15 a.m. | 2 hours, 47 minutes ago Description : The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gdpr_communication_preferences[]' parameter in all versions up to, and including, 3.14.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This is only exploitable when the GDPR Communication Preferences module is enabled and at least one GDPR Communication Preferences field has been added to the edit profile form. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 07:15:00 GMT

read more

CVE-2025-38501 - KSMBD Connection Flood Denial of Service Vulnerability

CVE ID : CVE-2025-38501 Published : Aug. 16, 2025, 6:15 a.m. | 3 hours, 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the same IP address may exhaust the max connections and prevent other normal client connections. This patch limit repeated connections from clients with the same IP. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 06:15:00 GMT

read more

CVE-2025-8113 - Ebook Store WordPress Cross-Site Scripting (XSS)

CVE ID : CVE-2025-8113 Published : Aug. 16, 2025, 6:15 a.m. | 3 hours, 47 minutes ago Description : The Ebook Store WordPress plugin before 5.8015 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 06:15:00 GMT

read more

CVE-2025-6221 - Bokun Embed WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6221 Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago Description : The Embed Bokun plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ parameter in all versions up to, and including, 0.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:16:00 GMT

read more

CVE-2025-7439 - Anber Elementor Addon WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-7439 Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago Description : Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $anber_item['button_link']['url']’ parameter in all versions up to, and including, 1.0.1 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:16:00 GMT

read more

CVE-2025-7440 - Anber Elementor Addon for WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7440 Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago Description : The Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $item['button_link']['url'] parameter in all versions up to, and including, 1.0.1 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:16:00 GMT

read more

CVE-2025-7441 - StoryChief WordPress Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-7441 Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago Description : The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.0.42. This vulnerability occurs through the /wp-json/storychief/webhook REST-API endpoint that does not have sufficient filetype validation. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:16:00 GMT

read more

CVE-2025-7649 - Surbma Recent Comments Shortcode Stored Cross-Site Scripting

CVE ID : CVE-2025-7649 Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago Description : The Surbma | Recent Comments Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'recent-comments' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:16:00 GMT

read more

CVE-2025-7651 - Earnware Connect Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-7651 Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago Description : The Earnware Connect plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ew_hasrole' shortcode in all versions up to, and including, 1.0.73 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:16:00 GMT

read more

CVE-2025-7664 - WordPress AL Pack Origin Header Validation Bypass

CVE ID : CVE-2025-7664 Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago Description : The AL Pack plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the check_activate_permission() permission callback for the /wp-json/presslearn/v1/activate REST API endpoint in all versions up to, and including, 1.0.2. The callback reads the client-supplied Origin header and, after parsing, allows the request if it matches one of the trusted domains, without ever verifying user authentication, capabilities, or nonce tokens. This makes it possible for unauthenticated attackers to activate premium features by simply spoofing the Origin header. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:16:00 GMT

read more

CVE-2025-7668 - WordPress Linux Promotional Plugin CSRF Vulnerability

CVE ID : CVE-2025-7668 Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago Description : The Linux Promotional Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the 'inux-promotional-plugin.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:16:00 GMT

read more

CVE-2025-7683 - WordPress LatestCheckins CSRF

CVE ID : CVE-2025-7683 Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago Description : The LatestCheckins plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1. This is due to missing or incorrect nonce validation on the 'LatestCheckins' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:16:00 GMT

read more

CVE-2025-7684 - Last.fm Recent Album Artwork Plugin for WordPress CSRF Vulnerability

CVE ID : CVE-2025-7684 Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago Description : The Last.fm Recent Album Artwork plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the 'lastfm_albums_artwork.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:16:00 GMT

read more

CVE-2025-7686 - Weichuncai WP Pseudo Spring CSRF

CVE ID : CVE-2025-7686 Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago Description : The weichuncai(WP伪春菜) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the sm-options.php page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:16:00 GMT

read more

CVE-2025-8293 - WordPress Intl DateTime Calendar Plugin Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8293 Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago Description : The Intl DateTime Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘date’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:16:00 GMT

read more

CVE-2024-12612 - "Wordpress School Management System SQL Injection"

CVE ID : CVE-2024-12612 Published : Aug. 16, 2025, 4:15 a.m. | 5 hours, 47 minutes ago Description : The School Management System for Wordpress plugin for WordPress is vulnerable to SQL Injection via several parameters across multiple AJAX action in all versions up to, and including, 93.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:15:00 GMT

read more

CVE-2024-8393 - Woolook Woocommerce Blocks WordPress Local File Inclusion Vulnerability

CVE ID : CVE-2024-8393 Published : Aug. 16, 2025, 4:15 a.m. | 5 hours, 46 minutes ago Description : The Woocommerce Blocks – Woolook plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.7.0 via the via the 'tab' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. Please note that this can also be exploited via CSRF techniques. Severity: 6.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:15:00 GMT

read more

CVE-2025-3671 - "Wordpress Gym Management System - Local File Inclusion Vulnerability"

CVE ID : CVE-2025-3671 Published : Aug. 16, 2025, 4:15 a.m. | 5 hours, 46 minutes ago Description : The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 67.7.0 via the 'page' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. The Local File Inclusion exploit can be chained to include various dashboard view files in the plugin. One in particular reported by the researcher can be leveraged to update the password of Super Administrator accounts in Multisite environments making privilege escalation possible. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:15:00 GMT

read more

CVE-2025-6079 - "WordPress School Management System File Upload Vulnerability"

CVE ID : CVE-2025-6079 Published : Aug. 16, 2025, 4:15 a.m. | 5 hours, 46 minutes ago Description : The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the homework.php file in all versions up to, and including, 93.2.0. This makes it possible for authenticated attackers, with Student-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:15:00 GMT

read more

CVE-2025-6080 - "Wordpress Gym Management System Unauthenticated Admin Account Creation Vulnerability"

CVE ID : CVE-2025-6080 Published : Aug. 16, 2025, 4:15 a.m. | 5 hours, 46 minutes ago Description : The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to unauthorized admin account creation in all versions up to, and including, 67.7.0. This is due to the plugin not properly validating a user's capabilities prior to adding users. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create new users, including admins. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 04:15:00 GMT

read more

CVE-2024-12575 - WordPress Poll Maker Basic Information Exposure

CVE ID : CVE-2024-12575 Published : Aug. 16, 2025, 3:15 a.m. | 4 hours, 55 minutes ago Description : The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Basic Information Exposure in all versions up to, and including, 5.8.9 via the 'ays_finish_poll' AJAX action. This makes it possible for unauthenticated attackers to retrieve admin email information which is exposed in the poll response. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 03:15:00 GMT

read more

CVE-2025-49895 - PluginBuddy.Com ServerBuddy CSRF Object Injection Vulnerability

CVE ID : CVE-2025-49895 Published : Aug. 16, 2025, 3:15 a.m. | 4 hours, 55 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in iThemes ServerBuddy by PluginBuddy.Com allows Object Injection.This issue affects ServerBuddy by PluginBuddy.Com: from n/a through 1.0.5. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 03:15:00 GMT

read more

CVE-2025-55284 - Claude Code File Disclosure and Network Exfiltration

CVE ID : CVE-2025-55284 Published : Aug. 16, 2025, 2:15 a.m. | 5 hours, 55 minutes ago Description : Claude Code is an agentic coding tool. Prior to version 1.0.4, it's possible to bypass the Claude Code confirmation prompts to read a file and then send file contents over the network without user confirmation due to an overly broad allowlist of safe commands. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update received this fix automatically after release. Current users of Claude Code are unaffected, as versions prior to 1.0.24 are deprecated and have been forced to update. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 02:15:00 GMT

read more

CVE-2025-55286 - Z2D MSAA Buffer Overflow Vulnerability

CVE ID : CVE-2025-55286 Published : Aug. 16, 2025, 1:15 a.m. | 5 hours, 1 minute ago Description : z2d is a pure Zig 2D graphics library. z2d v0.7.0 released with a new multi-sample anti-aliasing (MSAA) method, which uses a new buffering mechanism for storing coverage data. This differs from the standard alpha mask surface used for the previous super-sample anti-aliasing (SSAA) method. Under certain circumstances where the path being drawn existed in whole or partly outside of the rendering surface, incorrect bounding could cause out-of-bounds access within the coverage buffer. This affects the higher-level drawing operations, such as Context.fill, Context.stroke, painter.fill, and painter.stroke, when either the .default or .multisample_4x anti-aliasing modes were used. .supersample_4x was not affected, nor was drawing without anti-aliasing. In non-safe optimization modes (consumers compiling with ReleaseFast or ReleaseSmall), this could potentially lead to invalid memory accesses or corruption. z2d v0.7.1 fixes this issue, and it's recommended to upgrade to v0.7.1, or, given the small period of time v0.7.0 has been released, use v0.7.1 immediately, skipping v0.7.0. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 01:15:00 GMT

read more

CVE-2017-20199 - Buttercup Buttercup-Browser-Extension Remote Improper Access Control Vulnerability

CVE ID : CVE-2017-20199 Published : Aug. 16, 2025, 12:15 a.m. | 6 hours, 1 minute ago Description : A vulnerability was found in Buttercup buttercup-browser-extension up to 0.14.2. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.1 is able to address this issue. The identifier of the patch is 89. It is recommended to upgrade the affected component. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 16 Aug 2025 00:15:00 GMT

read more

CVE-2025-52619 - HCL BigFix SaaS Authentication Service Sensitive Information Disclosure

CVE ID : CVE-2025-52619 Published : Aug. 15, 2025, 11:15 p.m. | 7 hours, 1 minute ago Description : HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version information about the underlying platform. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 23:15:00 GMT

read more

CVE-2025-52620 - HCL BigFix XSS Vulnerability in Image Upload Functionality

CVE ID : CVE-2025-52620 Published : Aug. 15, 2025, 11:15 p.m. | 7 hours, 1 minute ago Description : HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerability. The image upload functionality inadequately validated the submitted image format. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 23:15:00 GMT

read more

CVE-2025-52621 - HCL BigFix SaaS Origin Header Cache Poisoning

CVE ID : CVE-2025-52621 Published : Aug. 15, 2025, 11:15 p.m. | 7 hours, 1 minute ago Description : HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 23:15:00 GMT

read more

CVE-2025-52618 - HCL BigFix SQL Injection

CVE ID : CVE-2025-52618 Published : Aug. 15, 2025, 11:15 p.m. | 4 hours, 36 minutes ago Description : HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability. The vulnerability allows potential attackers to manipulate SQL queries. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 23:15:00 GMT

read more

CVE-2025-43201 - Apple Music Classical Credential Disclosure

CVE ID : CVE-2025-43201 Published : Aug. 15, 2025, 10:15 p.m. | 5 hours, 36 minutes ago Description : This issue was addressed with improved checks. This issue is fixed in Apple Music Classical 2.3 for Android. An app may be able to unexpectedly leak a user's credentials. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 22:15:00 GMT

read more

CVE-2025-44201 - Apache None-Severity

CVE ID : CVE-2025-44201 Published : Aug. 15, 2025, 9:15 p.m. | 6 hours, 36 minutes ago Description : Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 21:15:00 GMT

read more

CVE-2025-8959 - HashiCorp Go-Getter Symlink Read Access Vulnerability

CVE ID : CVE-2025-8959 Published : Aug. 15, 2025, 9:15 p.m. | 6 hours, 36 minutes ago Description : HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 21:15:00 GMT

read more

CVE-2025-36088 - IBM TS4500 Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-36088 Published : Aug. 15, 2025, 8:15 p.m. | 7 hours, 36 minutes ago Description : IBM TS4500 1.11.0.0-D00, 1.11.0.1-C00, 1.11.0.2-C00, and 1.10.00-F00 web GUI is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 20:15:00 GMT

read more

CVE-2025-43490 - HP Hotkey Support HPAAudioAnalytics Escalation of Privilege Vulnerability

CVE ID : CVE-2025-43490 Published : Aug. 15, 2025, 7:15 p.m. | 8 hours, 36 minutes ago Description : A potential security vulnerability has been identified in the HPAudioAnalytics service included in the HP Hotkey Support software, which might allow escalation of privilege. HP is releasing software updates to mitigate the potential vulnerability. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 19:15:00 GMT

read more

CVE-2025-55285 - Backstage Plugin Scaffolder Backend Information Disclosure

CVE ID : CVE-2025-55285 Published : Aug. 15, 2025, 6:15 p.m. | 9 hours, 36 minutes ago Description : @backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of the input values in the fetch:template action in the Scaffolder meant that some of the secrets were not properly redacted. If ${{ secrets.x }} is not passed through to fetch:template there is no impact. This issue has been resolved in 2.1.1 of the scaffolder-backend plugin. A workaround for this issue involves Template Authors removing the use of ${{ secrets }} being used as an argument to fetch:template. Severity: 2.6 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 18:15:00 GMT

read more

CVE-2025-7961 - Wulkano KAP Code Injection Vulnerability

CVE ID : CVE-2025-7961 Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago Description : Improper Control of Generation of Code ('Code Injection') vulnerability in Wulkano KAP on MacOS allows TCC Bypass.This issue affects KAP: 3.6.0. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 17:15:00 GMT

read more

CVE-2025-8092 - "Drupal COOKiES Consent Management Cross-Site Scripting"

CVE ID : CVE-2025-8092 Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal COOKiES Consent Management allows Cross-Site Scripting (XSS).This issue affects COOKiES Consent Management: from 0.0.0 before 1.2.16. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 17:15:00 GMT

read more

CVE-2025-8361 - Drupal Config Pages Missing Authorization Vulnerability

CVE ID : CVE-2025-8361 Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago Description : Missing Authorization vulnerability in Drupal Config Pages allows Forceful Browsing.This issue affects Config Pages: from 0.0.0 before 2.18.0. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 17:15:00 GMT

read more

CVE-2025-8362 - Drupal GoogleTag Manager Cross-Site Scripting (XSS)

CVE ID : CVE-2025-8362 Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal GoogleTag Manager allows Cross-Site Scripting (XSS).This issue affects GoogleTag Manager: from 0.0.0 before 1.10.0. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 17:15:00 GMT

read more

CVE-2025-8675 - Drupal AI SEO Link Advisor SSRF

CVE ID : CVE-2025-8675 Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago Description : Server-Side Request Forgery (SSRF) vulnerability in Drupal AI SEO Link Advisor allows Server Side Request Forgery.This issue affects AI SEO Link Advisor: from 0.0.0 before 1.0.6. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 17:15:00 GMT

read more

CVE-2025-8995 - Drupal Authenticator Login Authentication Bypass

CVE ID : CVE-2025-8995 Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 17:15:00 GMT

read more

CVE-2025-8996 - Drupal Layout Builder Advanced Permissions Missing Authorization

CVE ID : CVE-2025-8996 Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago Description : Missing Authorization vulnerability in Drupal Layout Builder Advanced Permissions allows Forceful Browsing.This issue affects Layout Builder Advanced Permissions: from 0.0.0 before 2.2.0. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 17:15:00 GMT

read more

CVE-2025-9060 - MSoft MFlash Remote Code Execution Vulnerability

CVE ID : CVE-2025-9060 Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago Description : A vulnerability has been found in the MSoft MFlash application that allows execution of arbitrary code on the server. The issue occurs in the integration configuration functionality that is only available to MFlash administrators. The vulnerability is related to insufficient validation of parameters when setting up security components. This issue affects MFlash v. 8.0 and possibly others. To mitigate apply 8.2-653 hotfix 11.06.2025 and above. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 17:15:00 GMT

read more

CVE-2025-55207 - Astro Open Redirect Vulnerability

CVE ID : CVE-2025-55207 Published : Aug. 15, 2025, 4:15 p.m. | 11 hours, 36 minutes ago Description : Astro is a web framework for content-driven websites. Following CVE-2025-54793 there's still an Open Redirect vulnerability in a subset of Astro deployment scenarios prior to version 9.4.1. Astro 5.12.8 addressed CVE-2025-54793 where https://example.com//astro.build/press would redirect to the external origin //astro.build/press. However, with the Node deployment adapter in standalone mode and trailingSlash set to "always" in the Astro configuration, https://example.com//astro.build/press still redirects to //astro.build/press. This affects any user who clicks on a specially crafted link pointing to the affected domain. Since the domain appears legitimate, victims may be tricked into trusting the redirected page, leading to possible credential theft, malware distribution, or other phishing-related attacks. This issue has been patched in version 9.4.1. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 16:15:00 GMT

read more

CVE-2025-8066 - Bunkerity Bunker Web Open Redirect Phishing

CVE ID : CVE-2025-8066 Published : Aug. 15, 2025, 4:15 p.m. | 11 hours, 36 minutes ago Description : URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bunkerity Bunker Web on Linux allows Phishing.This issue affects Bunker Web: 1.6.2. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 16:15:00 GMT

read more

CVE-2025-49432 - FWDesign Ultimate Video Player Missing Authorization Vulnerability

CVE ID : CVE-2025-49432 Published : Aug. 15, 2025, 4:15 p.m. | 9 hours, 46 minutes ago Description : Missing Authorization vulnerability in FWDesign Ultimate Video Player allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ultimate Video Player: from n/a through 10.1. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 16:15:00 GMT

read more

CVE-2025-49897 - Gopiplus Vertical Scroll Slideshow Gallery SQL Injection

CVE ID : CVE-2025-49897 Published : Aug. 15, 2025, 4:15 p.m. | 9 hours, 46 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Vertical scroll slideshow gallery v2 allows Blind SQL Injection. This issue affects Vertical scroll slideshow gallery v2: from n/a through 9.1. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 16:15:00 GMT

read more

CVE-2025-49898 - Xolluteon Dropshix Cross-site Scripting (XSS)

CVE ID : CVE-2025-49898 Published : Aug. 15, 2025, 4:15 p.m. | 9 hours, 46 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xolluteon Dropshix allows DOM-Based XSS.This issue affects Dropshix: from n/a through 4.0.14. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 16:15:00 GMT

read more

CVE-2025-5047 - Autodesk AutoCAD Uninitialized Variable Vulnerability

CVE ID : CVE-2025-5047 Published : Aug. 15, 2025, 3:15 p.m. | 8 hours, 46 minutes ago Description : A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 15:15:00 GMT

read more

CVE-2025-5048 - Autodesk AutoCAD DGN File Memory Corruption Vulnerability

CVE ID : CVE-2025-5048 Published : Aug. 15, 2025, 3:15 p.m. | 8 hours, 46 minutes ago Description : A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 15:15:00 GMT

read more

CVE-2025-24975 - Firebird Database Segfault and Encryption Key Vulnerability

CVE ID : CVE-2025-24975 Published : Aug. 15, 2025, 3:15 p.m. | 6 hours, 46 minutes ago Description : Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when created versus what is available could result in a segfault in the server process. Encrypted databases, accessed by execute statement on external, may be accessed later by an attachment missing a key to that database. In a case when execute statement are chained, segfault may happen. Additionally, the segfault may affect unencrypted databases. This issue has been patched in snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609 and point releases 4.0.6 and 5.0.2. A workaround for this issue involves setting ExtConnPoolSize equal to 0 in firebird.conf. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 15:15:00 GMT

read more

CVE-2025-54466 - Apache OFBiz Scrum Plugin Code Injection Vulnerability

CVE ID : CVE-2025-54466 Published : Aug. 15, 2025, 3:15 p.m. | 6 hours, 46 minutes ago Description : Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE in Apache OFBiz scrum plugin. This issue affects Apache OFBiz: before 24.09.02 only when the scrum plugin is used. Even unauthenticated attackers can exploit this vulnerability. Users are recommended to upgrade to version 24.09.02, which fixes the issue. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 15:15:00 GMT

read more

CVE-2025-54989 - Firebird XDR Message Parsing Denial-of-Service

CVE ID : CVE-2025-54989 Published : Aug. 15, 2025, 3:15 p.m. | 6 hours, 46 minutes ago Description : Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message parsing NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw exists within the parsing of xdr message from client. It leads to NULL pointer dereference and DoS. This issue has been patched in versions 3.0.13, 4.0.6, and 5.0.3. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 15:15:00 GMT

read more

CVE-2025-55203 - Plane Stored XSS Vulnerability

CVE ID : CVE-2025-55203 Published : Aug. 15, 2025, 3:15 p.m. | 6 hours, 46 minutes ago Description : Plane is open-source project management software. Prior to version 0.28.0, a stored cross-site scripting (XSS) vulnerability exists in the description_html field of Plane. This flaw allows an attacker to inject malicious JavaScript code that is stored and later executed in other users’ browsers. The description_html field is not properly sanitized or escaped. An attacker can submit crafted JavaScript payloads that are saved in the application’s database. When another user views the affected content, the injected code executes in their browser, running in the application’s context and bypassing standard security protections. Successful exploitation can lead to session hijacking, theft of sensitive information, or forced redirection to malicious sites. The vulnerability can also be chained with CSRF attacks to perform unauthorized actions, or leveraged to distribute malware and exploit additional browser vulnerabilities. This issue has been patched in version 0.28.0. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 15:15:00 GMT

read more

CVE-2025-5046 - Autodesk AutoCAD Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-5046 Published : Aug. 15, 2025, 3:15 p.m. | 6 hours, 46 minutes ago Description : A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 15:15:00 GMT

read more

CVE-2024-12573 - Apache Web Server Authentication Bypass

CVE ID : CVE-2024-12573 Published : Aug. 15, 2025, 3:15 p.m. | 4 hours, 25 minutes ago Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-24752 Reason: This candidate is a reservation duplicate of CVE-2025-24752. Notes: All CVE users should reference CVE-2025-24752 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 15:15:00 GMT

read more

CVE-2025-9052 - Projectworlds Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9052 Published : Aug. 15, 2025, 1:15 p.m. | 6 hours, 25 minutes ago Description : A vulnerability was identified in projectworlds Travel Management System 1.0. This affects an unknown part of the file /updatepackage.php. The manipulation of the argument s1 leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 13:15:00 GMT

read more

CVE-2025-9053 - Projectworlds Travel Management System SQL Injection

CVE ID : CVE-2025-9053 Published : Aug. 15, 2025, 1:15 p.m. | 6 hours, 25 minutes ago Description : A vulnerability has been found in projectworlds Travel Management System 1.0. This vulnerability affects unknown code of the file /updatesubcategory.php. The manipulation of the argument t1/s1 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 13:15:00 GMT

read more

CVE-2025-9050 - "Projectworlds Travel Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-9050 Published : Aug. 15, 2025, 12:15 p.m. | 5 hours, 59 minutes ago Description : A vulnerability was found in projectworlds Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /addcategory.php. The manipulation of the argument t1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 12:15:00 GMT

read more

CVE-2025-9051 - Projectworlds Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9051 Published : Aug. 15, 2025, 12:15 p.m. | 5 hours, 59 minutes ago Description : A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 12:15:00 GMT

read more

CVE-2025-1929 - Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı SQL Injection Vulnerability

CVE ID : CVE-2025-1929 Published : Aug. 15, 2025, 12:15 p.m. | 3 hours, 45 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı allows SQL Injection, CAPEC - 7 - Blind SQL Injection.This issue affects Reel Sektör Hazine ve Risk Yönetimi Yazılımı: through 1.0.0.4. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 12:15:00 GMT

read more

CVE-2025-54473 - Joomla Phoca Commander Authenticated Remote Code Execution

CVE ID : CVE-2025-54473 Published : Aug. 15, 2025, 12:15 p.m. | 3 hours, 45 minutes ago Description : An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature. Severity: 9.2 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 12:15:00 GMT

read more

CVE-2025-54474 - "DJ-Classifieds SQL Injection Vulnerability"

CVE ID : CVE-2025-54474 Published : Aug. 15, 2025, 12:15 p.m. | 3 hours, 45 minutes ago Description : A SQLi vulnerability in DJ-Classifieds component 3.9.2-3.10.1 for Joomla was discovered. The issue allows privileged users to execute arbitrary SQL commands. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 12:15:00 GMT

read more

CVE-2025-54475 - "Joomla JS Jobs Plugin SQL Injection Vulnerability"

CVE ID : CVE-2025-54475 Published : Aug. 15, 2025, 12:15 p.m. | 3 hours, 45 minutes ago Description : A SQL injection vulnerability in the JS Jobs plugin versions 1.3.2-1.4.4 for Joomla allows low-privilege users to execute arbitrary SQL commands. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 12:15:00 GMT

read more

CVE-2025-26709 - ZTE F50 Web Module Unauthorized Access Vulnerability

CVE ID : CVE-2025-26709 Published : Aug. 15, 2025, 11:15 a.m. | 4 hours, 45 minutes ago Description : There is an unauthorized access vulnerability in ZTE F50. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 11:15:00 GMT

read more

CVE-2025-9028 - "Code-projects Online Medicine Guide SQL Injection Vulnerability"

CVE ID : CVE-2025-9028 Published : Aug. 15, 2025, 11:15 a.m. | 4 hours, 45 minutes ago Description : A vulnerability was found in code-projects Online Medicine Guide 1.0. This issue affects some unknown processing of the file /adphar.php. The manipulation of the argument phuname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 11:15:00 GMT

read more

CVE-2025-9046 - Tenda AC20 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9046 Published : Aug. 15, 2025, 11:15 a.m. | 4 hours, 45 minutes ago Description : A vulnerability was identified in Tenda AC20 16.03.08.12. This issue affects the function sub_46A2AC of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 11:15:00 GMT

read more

CVE-2025-9047 - Projectworlds Visitor Management System SQL Injection

CVE ID : CVE-2025-9047 Published : Aug. 15, 2025, 11:15 a.m. | 4 hours, 45 minutes ago Description : A vulnerability has been found in projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /visitor_out.php. The manipulation of the argument rid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 11:15:00 GMT

read more

CVE-2025-9026 - D-Link DIR-860L OS Command Injection Vulnerability

CVE ID : CVE-2025-9026 Published : Aug. 15, 2025, 10:15 a.m. | 5 hours, 45 minutes ago Description : A vulnerability was identified in D-Link DIR-860L 2.04.B04. This affects the function ssdpcgi_main of the file htdocs/cgibin of the component Simple Service Discovery Protocol. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 10:15:00 GMT

read more

CVE-2025-9027 - "Code-Projects Online Medicine Guide SQL Injection"

CVE ID : CVE-2025-9027 Published : Aug. 15, 2025, 10:15 a.m. | 5 hours, 45 minutes ago Description : A vulnerability has been found in code-projects Online Medicine Guide 1.0. This vulnerability affects unknown code of the file /addelivery.php. The manipulation of the argument deName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 10:15:00 GMT

read more

CVE-2025-9023 - Tenda AC7/AC18 Buffer Overflow in formSetSchedLed

CVE ID : CVE-2025-9023 Published : Aug. 15, 2025, 9:15 a.m. | 6 hours, 45 minutes ago Description : A vulnerability has been found in Tenda AC7 and AC18 15.03.05.19/15.03.06.44. Affected is the function formSetSchedLed of the file /goform/SetLEDCfg. The manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 09:15:00 GMT

read more

CVE-2025-9024 - PHPGurukul Beauty Parlour Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9024 Published : Aug. 15, 2025, 9:15 a.m. | 6 hours, 45 minutes ago Description : A vulnerability was found in PHPGurukul Beauty Parlour Management System 1.1. Affected by this vulnerability is an unknown functionality of the file /book-appointment.php. The manipulation of the argument Message leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 09:15:00 GMT

read more

CVE-2025-9025 - Simple Cafe Ordering System SQL Injection Vulnerability

CVE ID : CVE-2025-9025 Published : Aug. 15, 2025, 9:15 a.m. | 6 hours, 45 minutes ago Description : A vulnerability was determined in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /portal.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 09:15:00 GMT

read more

CVE-2025-7650 - WordPress BizCalendar Local File Inclusion Vulnerability

CVE ID : CVE-2025-7650 Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago Description : The BizCalendar Web plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.0.50 via the 'bizcalv' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 09:15:00 GMT

read more

CVE-2025-7662 - WordPress Gestion de Tarifs SQL Injection

CVE ID : CVE-2025-7662 Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago Description : The Gestion de tarifs plugin for WordPress is vulnerable to SQL Injection via the 'tarif' and 'intitule' shortcodes in all versions up to, and including, 1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 09:15:00 GMT

read more

CVE-2025-7688 - WordPress Add User Meta CSRF

CVE ID : CVE-2025-7688 Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago Description : The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'add-user-meta' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 09:15:00 GMT

read more

CVE-2025-7778 - WordPress Icons Factory Plugin Arbitrary File Deletion Vulnerability

CVE ID : CVE-2025-7778 Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago Description : The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to insufficient authorization and improper path validation within the delete_files() function in all versions up to, and including, 1.6.12. This makes it possible for unauthenticated attackers to to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 09:15:00 GMT

read more

CVE-2025-8080 - WordPress Alobaidi Captcha Stored Cross-Site Scripting

CVE ID : CVE-2025-8080 Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago Description : The Alobaidi Captcha plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 09:15:00 GMT

read more

CVE-2025-8091 - WordPress EventON Lite Information Exposure Vulnerability

CVE ID : CVE-2025-8091 Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago Description : The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the add_single_eventon and add_eventon shortcodes due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract data from password protected, private, or draft posts that they should not have access to. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 09:15:00 GMT

read more

CVE-2025-8720 - WordPress Plugin README Parser Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8720 Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago Description : The Plugin README Parser plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘target’ parameter in all versions up to, and including, 1.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 09:15:00 GMT

read more

CVE-2025-8905 - WordPress Inpersttion For Theme Remote Code Execution

CVE ID : CVE-2025-8905 Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago Description : The Inpersttion For Theme plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0 via the theme_section_shortcode() function. This is due to the plugin not restricting what functions can be called. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server which is limited to arbitrary functions without any user supplied parameters. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 09:15:00 GMT

read more

CVE-2025-5844 - WordPress Radius Blocks Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5844 Published : Aug. 15, 2025, 9:15 a.m. | 2 hours, 46 minutes ago Description : The Radius Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘subHeadingTagName’ parameter in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 09:15:00 GMT

read more

CVE-2025-7507 - WordPress elink Embed Content Plugin Malicious Redirect Vulnerability

CVE ID : CVE-2025-7507 Published : Aug. 15, 2025, 9:15 a.m. | 2 hours, 46 minutes ago Description : The elink – Embed Content plugin for WordPress is vulnerable to Malicious Redirect in all versions up to, and including, 1.1.0. This is due to the plugin not restricting URLS that can be supplied through the elink shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to supply an HTML file that can be leverged to redirect users to a malicious domain. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 09:15:00 GMT

read more

CVE-2025-7641 - "NextGEN Gallery Directory Deletion Vulnerability"

CVE ID : CVE-2025-7641 Published : Aug. 15, 2025, 9:15 a.m. | 2 hours, 46 minutes ago Description : The Assistant for NextGEN Gallery plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file path validation in the /wp-json/nextgenassistant/v1.0.0/control REST endpoint in all versions up to, and including, 1.0.9. This makes it possible for unauthenticated attackers to delete arbitrary directories on the server, which can cause a complete loss of availability. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 09:15:00 GMT

read more

CVE-2025-8604 - WordPress Table Plugin - WP Table Builder Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8604 Published : Aug. 15, 2025, 8:15 a.m. | 3 hours, 46 minutes ago Description : The WP Table Builder – WordPress Table Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wptb shortcode in all versions up to, and including, 2.0.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 08:15:00 GMT

read more

CVE-2025-9020 - "PX4 Mavlink Shell Use After Free Vulnerability"

CVE ID : CVE-2025-9020 Published : Aug. 15, 2025, 8:15 a.m. | 3 hours, 46 minutes ago Description : A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function MavlinkReceiver::handle_message_serial_control of the file src/modules/mavlink/mavlink_receiver.cpp of the component Mavlink Shell Closing Handler. The manipulation of the argument _mavlink_shell leads to use after free. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The identifier of the patch is 4395d4f00c49b888f030f5b43e2a779f1fa78708. It is recommended to apply a patch to fix this issue. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 08:15:00 GMT

read more

CVE-2025-9021 - SourceCodester Online Bank Management System SQL Injection

CVE ID : CVE-2025-9021 Published : Aug. 15, 2025, 8:15 a.m. | 3 hours, 46 minutes ago Description : A vulnerability was determined in SourceCodester Online Bank Management System up to 1.0. This vulnerability affects unknown code of the file /bank/transfer.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 08:15:00 GMT

read more

CVE-2025-9022 - SourceCodester Online Bank Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9022 Published : Aug. 15, 2025, 8:15 a.m. | 3 hours, 46 minutes ago Description : A vulnerability was identified in SourceCodester Online Bank Management System up to 1.0. This issue affects some unknown processing of the file /bank/statements.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 08:15:00 GMT

read more

CVE-2025-9019 - "tcpreplay Heap-Based Buffer Overflow Vulnerability"

CVE ID : CVE-2025-9019 Published : Aug. 15, 2025, 7:15 a.m. | 4 hours, 46 minutes ago Description : A vulnerability has been found in tcpreplay 4.5.1. This vulnerability affects the function mask_cidr6 of the file cidr.c of the component tcpprep. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The researcher is able to reproduce this with the latest official release 4.5.1 and the current master branch. The code maintainer cannot reproduce this for 4.5.2-beta1. In his reply the maintainer explains that "[i]n that case, this is a duplicate that was fixed in 4.5.2." Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 07:15:00 GMT

read more

CVE-2025-6679 - Bit Form for WordPress Remote File Upload Vulnerability

CVE ID : CVE-2025-6679 Published : Aug. 15, 2025, 7:15 a.m. | 2 hours, 52 minutes ago Description : The Bit Form builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 2.20.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. For this to be exploitable, the PRO version needs to be installed and activated as well. Additionally a form with an advanced file upload element needs to be published. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 07:15:00 GMT

read more

CVE-2025-8013 - Quttera Web Malware Scanner for WordPress SSRF

CVE ID : CVE-2025-8013 Published : Aug. 15, 2025, 7:15 a.m. | 2 hours, 52 minutes ago Description : The Quttera Web Malware Scanner plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.5.1.41 via the 'RunExternalScan' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Severity: 3.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 07:15:00 GMT

read more

CVE-2025-8451 - Elementor Essential Addons DOM-Based Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-8451 Published : Aug. 15, 2025, 7:15 a.m. | 2 hours, 52 minutes ago Description : The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘data-gallery-items’ parameter in all versions up to, and including, 6.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 07:15:00 GMT

read more

CVE-2025-9016 - Mechrevo Control Center GX Powershell Uncontrolled Search Path Vulnerability

CVE ID : CVE-2025-9016 Published : Aug. 15, 2025, 7:15 a.m. | 2 hours, 52 minutes ago Description : A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an unknown part of the file C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to uncontrolled search path. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 07:15:00 GMT

read more

CVE-2025-9017 - PHPGurukul Zoo Management System Cross Site Scripting Vulnerability

CVE ID : CVE-2025-9017 Published : Aug. 15, 2025, 7:15 a.m. | 2 hours, 52 minutes ago Description : A vulnerability has been found in PHPGurukul Zoo Management System 2.1. This vulnerability affects unknown code of the file /admin/add-foreigner-ticket.php. The manipulation of the argument visitorname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 07:15:00 GMT

read more

CVE-2025-9013 - "PHPGurukul Online Shopping Portal Project SQL Injection Vulnerability"

CVE ID : CVE-2025-9013 Published : Aug. 15, 2025, 6:15 a.m. | 3 hours, 52 minutes ago Description : A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.0. This vulnerability affects unknown code of the file /shopping/password-recovery.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 06:15:00 GMT

read more

CVE-2025-9012 - "PHPGurukul Online Shopping Portal Project SQL Injection Vulnerability"

CVE ID : CVE-2025-9012 Published : Aug. 15, 2025, 6:15 a.m. | 1 hour, 46 minutes ago Description : A vulnerability was identified in PHPGurukul Online Shopping Portal Project 2.0. This affects an unknown part of the file shopping/bill-ship-addresses.php. The manipulation of the argument billingpincode leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 06:15:00 GMT

read more

CVE-2025-31961 - HCL Connections Broken Access Control Vulnerability

CVE ID : CVE-2025-31961 Published : Aug. 15, 2025, 5:15 a.m. | 2 hours, 46 minutes ago Description : HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 05:15:00 GMT

read more

CVE-2025-9009 - "iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-9009 Published : Aug. 15, 2025, 5:15 a.m. | 2 hours, 46 minutes ago Description : A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/email_setup.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 05:15:00 GMT

read more

CVE-2025-9010 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9010 Published : Aug. 15, 2025, 5:15 a.m. | 2 hours, 46 minutes ago Description : A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/booking_report.php. The manipulation of the argument from_date leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 05:15:00 GMT

read more

CVE-2025-9011 - PHPGurukul Online Shopping Portal Project SQL Injection

CVE ID : CVE-2025-9011 Published : Aug. 15, 2025, 5:15 a.m. | 2 hours, 46 minutes ago Description : A vulnerability was determined in PHPGurukul Online Shopping Portal Project 2.0. Affected by this issue is some unknown functionality of the file /shopping/signup.php. The manipulation of the argument emailid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 05:15:00 GMT

read more

CVE-2025-9007 - Tenda CH22 Buffer Overflow Vulnerability

CVE ID : CVE-2025-9007 Published : Aug. 15, 2025, 4:15 a.m. | 3 hours, 45 minutes ago Description : A vulnerability has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function formeditFileName of the file /goform/editFileName. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 04:15:00 GMT

read more

CVE-2025-9008 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-9008 Published : Aug. 15, 2025, 4:15 a.m. | 3 hours, 45 minutes ago Description : A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/sms_setting.php. The manipulation of the argument uname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 04:15:00 GMT

read more

CVE-2025-6025 - WooCommerce Order Tip Improper Input Validation Vulnerability

CVE ID : CVE-2025-6025 Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago Description : The Order Tip for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Improper Input Validation in all versions up to, and including, 1.5.4. This is due to lack of server-side validation on the `data-tip` attribute, which makes it possible for unauthenticated attackers to apply an excessive or even negative tip amount, resulting in unauthorized discount up to free orders depending on the value submitted. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-8342 - WooCommerce OTP Login With Phone Number Authentication Bypass Vulnerability

CVE ID : CVE-2025-8342 Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago Description : The WooCommerce OTP Login With Phone Number, OTP Verification plugin for WordPress is vulnerable to authentication bypass due to insufficient empty value checking in the lwp_ajax_register function in all versions up to, and including, 1.8.47. This makes it possible for unauthenticated attackers to bypass OTP verification and gain administrative access to any user account with a configured phone number by exploiting improper Firebase API error handling when the Firebase API key is not configured. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-8676 - Gutenberg Slider Block for WP Sensitive Information Exposure

CVE ID : CVE-2025-8676 Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago Description : The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in versions less than, or equal to, 2.0.0 via the get_active_plugins function. This makes it possible for authenticated attackers, with subscriber-level access and above to extract sensitive data including installed plugin information. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-8680 - Gutenberg Slider Block for WP Server-Side Request Forgery Vulnerability

CVE ID : CVE-2025-8680 Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago Description : The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Server-Side Request Forgery in version less than, or equal to, 2.0.0 via the fs_api_request function. This makes it possible for authenticated attackers, with subscriber-level access and above to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-8867 - Graphina Elementor Charts and Graphs WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8867 Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago Description : The Graphina - Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple chart widget parameters in version 3.1.3 and below. This is due to insufficient input sanitization and output escaping on user supplied attributes such as chart categories, titles, and tooltip settings. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-9001 - LemonOS HTTP Client Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9001 Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago Description : A vulnerability was determined in LemonOS up to nightly-2024-07-12 on LemonOS. Affected by this issue is the function HTTPGet of the file /Applications/Steal/main.cpp of the component HTTP Client. The manipulation of the argument chunkSize leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-9002 - Surbowl Dormitory-Management-Php SQL Injection Vulnerability

CVE ID : CVE-2025-9002 Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago Description : A vulnerability was identified in Surbowl dormitory-management-php 1.0. This affects an unknown part of the file login.php. The manipulation of the argument Account leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-9003 - D-Link DIR-818LW DHCP Reserved Address Handler Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-9003 Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago Description : A vulnerability has been found in D-Link DIR-818LW 1.04. This vulnerability affects unknown code of the file /bsc_lan.php of the component DHCP Reserved Address Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-9004 - Mtons MBlog Authentication Bypass Vulnerability

CVE ID : CVE-2025-9004 Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago Description : A vulnerability was found in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /settings/password. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-9005 - Mtons Mblogger Information Exposure Vulnerability

CVE ID : CVE-2025-9005 Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago Description : A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure through error message. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-9006 - Tenda CH22 Buffer Overflow Vulnerability

CVE ID : CVE-2025-9006 Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago Description : A vulnerability was identified in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function formdelFileName of the file /goform/delFileName. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-55719 - Apache HTTP Server SQL Injection

CVE ID : CVE-2025-55719 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-55720 - Apache HTTP Server Unvalidated Request Parameter

CVE ID : CVE-2025-55720 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-55721 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-55721 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-55722 - Apache Struts Cross-Site Scripting (XSS)

CVE ID : CVE-2025-55722 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-55723 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-55723 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-55724 - Apache Struts Remote Code Execution

CVE ID : CVE-2025-55724 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-55725 - Apache HTTP Server Command Injection

CVE ID : CVE-2025-55725 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-55726 - Apache Server Cross-Site Request Forgery

CVE ID : CVE-2025-55726 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-55718 - Apache HTTP Server Unvalidated Request Parameter

CVE ID : CVE-2025-55718 Published : Aug. 15, 2025, 3:15 a.m. | 45 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 03:15:00 GMT

read more

CVE-2025-8992 - Mtons Mblog Cross-Site Request Forgery (CSRF)

CVE ID : CVE-2025-8992 Published : Aug. 15, 2025, 2:15 a.m. | 1 hour, 45 minutes ago Description : A vulnerability has been found in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 02:15:00 GMT

read more

CVE-2025-8993 - iSourcecode Online Tour and Travel Management System SQL Injection

CVE ID : CVE-2025-8993 Published : Aug. 15, 2025, 2:15 a.m. | 1 hour, 45 minutes ago Description : A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expense_report.php. The manipulation of the argument from_date leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 02:15:00 GMT

read more

CVE-2025-9000 - Mechrevo Control Center GX Path Traversal

CVE ID : CVE-2025-9000 Published : Aug. 15, 2025, 2:15 a.m. | 1 hour, 45 minutes ago Description : A vulnerability was found in Mechrevo Control Center GX V2 5.56.51.48. Affected by this vulnerability is an unknown functionality of the component reg File Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 02:15:00 GMT

read more

CVE-2025-8990 - Code-projects Online Medicine Guide SQL Injection Vulnerability

CVE ID : CVE-2025-8990 Published : Aug. 15, 2025, 1:16 a.m. | 2 hours, 44 minutes ago Description : A vulnerability was determined in code-projects Online Medicine Guide 1.0. Affected is an unknown function of the file /browsemdcn.php. The manipulation of the argument Search leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 01:16:00 GMT

read more

CVE-2025-8991 - Linlinjava Litemall Business Logic Handler Remote Code Execution Vulnerability

CVE ID : CVE-2025-8991 Published : Aug. 15, 2025, 1:16 a.m. | 2 hours, 44 minutes ago Description : A vulnerability was identified in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file /admin/config/express of the component Business Logic Handler. The manipulation of the argument litemall_express_freight_min leads to business logic errors. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 01:16:00 GMT

read more

CVE-2025-8989 - SourceCodester COVID 19 Testing Management System SQL Injection

CVE ID : CVE-2025-8989 Published : Aug. 15, 2025, 1:16 a.m. | 45 minutes ago Description : A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. This issue affects some unknown processing of the file /edit-phlebotomist.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 15 Aug 2025 01:16:00 GMT

read more

CVE-2025-31987 - HCL Connections Denial of Service

CVE ID : CVE-2025-31987 Published : Aug. 14, 2025, 11:15 p.m. | 2 hours, 46 minutes ago Description : HCL Connections Docs may mishandle validation of certain uploaded documents leading to denial of service due to resource exhaustion. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 23:15:00 GMT

read more

CVE-2025-8987 - SourceCodester COVID 19 Testing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8987 Published : Aug. 14, 2025, 11:15 p.m. | 2 hours, 46 minutes ago Description : A vulnerability was identified in SourceCodester COVID 19 Testing Management System 1.0. This affects an unknown part of the file /test-details.php. The manipulation of the argument remark leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 23:15:00 GMT

read more

CVE-2025-8988 - SourceCodester COVID 19 Testing Management System SQL Injection

CVE ID : CVE-2025-8988 Published : Aug. 14, 2025, 11:15 p.m. | 2 hours, 46 minutes ago Description : A vulnerability has been found in SourceCodester COVID 19 Testing Management System 1.0. This vulnerability affects unknown code of the file /bwdates-report-result.php. The manipulation of the argument fromdate leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 23:15:00 GMT

read more

CVE-2025-8984 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8984 Published : Aug. 14, 2025, 10:15 p.m. | 3 hours, 46 minutes ago Description : A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expense_category.php. The manipulation of the argument expense_name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 22:15:00 GMT

read more

CVE-2025-8985 - SourceCodester COVID 19 Testing Management System SQL Injection

CVE ID : CVE-2025-8985 Published : Aug. 14, 2025, 10:15 p.m. | 3 hours, 46 minutes ago Description : A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 22:15:00 GMT

read more

CVE-2025-8986 - SourceCodester COVID 19 Testing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8986 Published : Aug. 14, 2025, 10:15 p.m. | 3 hours, 46 minutes ago Description : A vulnerability was determined in SourceCodester COVID 19 Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /search-report-result.php. The manipulation of the argument serachdata leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 22:15:00 GMT

read more

CVE-2025-8982 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8982 Published : Aug. 14, 2025, 9:15 p.m. | 4 hours, 46 minutes ago Description : A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/currency.php. The manipulation of the argument curr_code leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 21:15:00 GMT

read more

CVE-2025-8983 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8983 Published : Aug. 14, 2025, 9:15 p.m. | 4 hours, 46 minutes ago Description : A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expense_for leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 21:15:00 GMT

read more

CVE-2025-50861 - Lotus Cars Android App Unauthenticated Access Vulnerability

CVE ID : CVE-2025-50861 Published : Aug. 14, 2025, 8:15 p.m. | 5 hours, 46 minutes ago Description : The Lotus Cars Android app (com.lotus.carsdomestic.intl) 1.2.8 contains an exported component, PushDeepLinkActivity, which is accessible without authentication via ADB or malicious apps. This poses a risk of unintended access to application internals and can cause denial of service or logic abuse. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 20:15:00 GMT

read more

CVE-2025-50862 - Lotus Cars Android App Data Exfiltration Vulnerability

CVE ID : CVE-2025-50862 Published : Aug. 14, 2025, 8:15 p.m. | 5 hours, 46 minutes ago Description : The Lotus Cars Android app (com.lotus.carsdomestic.intl) 1.2.8 has allowBackup=true set in its manifest, allowing data exfiltration via ADB backup on rooted or debug-enabled devices. This presents a risk of user data exposure. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 20:15:00 GMT

read more

CVE-2025-51965 - OURPHP Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-51965 Published : Aug. 14, 2025, 8:15 p.m. | 5 hours, 46 minutes ago Description : OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting (XSS) via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 20:15:00 GMT

read more

CVE-2025-8979 - "Tenda AC15 Firmware Update Handler Authenticity Verification Vulnerability"

CVE ID : CVE-2025-8979 Published : Aug. 14, 2025, 8:15 p.m. | 5 hours, 46 minutes ago Description : A vulnerability was identified in Tenda AC15 15.13.07.13. Affected by this vulnerability is the function check_fw_type/split_fireware/check_fw of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 20:15:00 GMT

read more

CVE-2025-8980 - Tenda Firmware Update Handler Insufficient Data Authenticity Remote Vulnerability

CVE ID : CVE-2025-8980 Published : Aug. 14, 2025, 8:15 p.m. | 5 hours, 46 minutes ago Description : A vulnerability has been found in Tenda G1 16.01.7.8(3660). Affected by this issue is the function check_upload_file of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 20:15:00 GMT

read more

CVE-2025-8981 - iSourcecode Online Tour and Travel Management System SQL Injection

CVE ID : CVE-2025-8981 Published : Aug. 14, 2025, 8:15 p.m. | 5 hours, 46 minutes ago Description : A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/payment.php. The manipulation of the argument payment_type leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 20:15:00 GMT

read more

CVE-2025-55711 - WordPress Table Builder Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-55711 Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Table Builder WP Table Builder allows Stored XSS. This issue affects WP Table Builder: from n/a through 2.0.12. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-55712 - POSIMYTH The Plus Addons for Elementor Page Builder Lite Missing Authorization Vulnerability

CVE ID : CVE-2025-55712 Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago Description : Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 6.3.13. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-55713 - Blocksy Stored Cross-Site Scripting

CVE ID : CVE-2025-55713 Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeThemes Blocksy allows Stored XSS. This issue affects Blocksy: from n/a through 2.1.6. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-55714 - Crocoblock JetElements For Elementor Cross-site Scripting (XSS)

CVE ID : CVE-2025-55714 Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor allows Stored XSS. This issue affects JetElements For Elementor: from n/a through 2.7.9. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-55716 - VeronaLabs WP Statistics Missing Authorization Vulnerability

CVE ID : CVE-2025-55716 Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago Description : Missing Authorization vulnerability in VeronaLabs WP Statistics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Statistics: from n/a through 14.15. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-8975 - Givanz Vvveb Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8975 Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago Description : A vulnerability was identified in givanz Vvveb up to 1.0.5. This affects an unknown part of the file admin/template/content/edit.tpl. The manipulation of the argument slug leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The patch is named 84c11d69df8452dc378feecd17e2a62ac10dac66. It is recommended to upgrade the affected component. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-8976 - "Givanz Vvveb Endpoint Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-8976 Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago Description : A vulnerability has been found in givanz Vvveb up to 1.0.5. This vulnerability affects unknown code of the file /vadmin123/index.php?module=content/post&type=post of the component Endpoint. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. It is recommended to upgrade the affected component. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-8978 - D-Link DIR-619L Boa Authentication Bypass Vulnerability

CVE ID : CVE-2025-8978 Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago Description : A vulnerability was determined in D-Link DIR-619L 6.02CN02. Affected is the function FirmwareUpgrade of the component boa. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-55708 - ExpressTech Systems Quiz And Survey Master SQL Injection

CVE ID : CVE-2025-55708 Published : Aug. 14, 2025, 7:15 p.m. | 4 hours, 43 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Systems Quiz And Survey Master allows SQL Injection. This issue affects Quiz And Survey Master: from n/a through 10.2.4. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-55709 - Visual Composer Website Builder Stored Cross-site Scripting Vulnerability

CVE ID : CVE-2025-55709 Published : Aug. 14, 2025, 7:15 p.m. | 4 hours, 43 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder allows Stored XSS. This issue affects Visual Composer Website Builder: from n/a through n/a. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-55710 - TaxoPress Information Disclosure

CVE ID : CVE-2025-55710 Published : Aug. 14, 2025, 7:15 p.m. | 4 hours, 43 minutes ago Description : Insertion of Sensitive Information Into Sent Data vulnerability in Steve Burge TaxoPress allows Retrieve Embedded Sensitive Data. This issue affects TaxoPress: from n/a through 3.37.2. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-54736 - NordicMade Savoy Information Exposure

CVE ID : CVE-2025-54736 Published : Aug. 14, 2025, 7:15 p.m. | 2 hours, 43 minutes ago Description : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NordicMade Savoy allows Retrieve Embedded Sensitive Data. This issue affects Savoy: from n/a through 3.0.8. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-54739 - Nexter Blocks Missing Authorization Vulnerability

CVE ID : CVE-2025-54739 Published : Aug. 14, 2025, 7:15 p.m. | 2 hours, 43 minutes ago Description : Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nexter Blocks: from n/a through 4.5.4. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-54740 - Michael Nelson Print My Blog Stored Cross-site Scripting

CVE ID : CVE-2025-54740 Published : Aug. 14, 2025, 7:15 p.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Nelson Print My Blog allows Stored XSS. This issue affects Print My Blog: from n/a through 3.27.9. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-54746 - Cartpauj Shortcode Redirect Cross-site Scripting

CVE ID : CVE-2025-54746 Published : Aug. 14, 2025, 7:15 p.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cartpauj Shortcode Redirect allows Stored XSS. This issue affects Shortcode Redirect: from n/a through 1.0.02. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-54747 - WordPress Templatera Cross-Site Scripting (XSS)

CVE ID : CVE-2025-54747 Published : Aug. 14, 2025, 7:15 p.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbakery Templatera allows DOM-Based XSS. This issue affects Templatera: from n/a through 2.3.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-54749 - Crocoblock JetProductGallery Cross-site Scripting

CVE ID : CVE-2025-54749 Published : Aug. 14, 2025, 7:15 p.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetProductGallery allows Stored XSS. This issue affects JetProductGallery: from n/a through 2.2.0.2. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-54730 - PARETO Digital Embedder for Google Reviews Missing Authorization Vulnerability

CVE ID : CVE-2025-54730 Published : Aug. 14, 2025, 7:15 p.m. | 1 hour, 28 minutes ago Description : Missing Authorization vulnerability in PARETO Digital Embedder for Google Reviews allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Embedder for Google Reviews: from n/a through 1.7.3. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-54732 - Shahjada WPDM Premium Packages CSRF Vulnerability

CVE ID : CVE-2025-54732 Published : Aug. 14, 2025, 7:15 p.m. | 1 hour, 28 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Shahjada WPDM – Premium Packages allows Cross Site Request Forgery. This issue affects WPDM – Premium Packages: from n/a through 6.0.2. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-54712 - Hashthemes Easy Elementor Addons Missing Authorization Vulnerability

CVE ID : CVE-2025-54712 Published : Aug. 14, 2025, 7:15 p.m. | 44 minutes ago Description : Missing Authorization vulnerability in hashthemes Easy Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Easy Elementor Addons: from n/a through 2.2.7. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-54715 - UKR Solution Barcode Scanner with Inventory Order Manager Path Traversal

CVE ID : CVE-2025-54715 Published : Aug. 14, 2025, 7:15 p.m. | 44 minutes ago Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager allows Path Traversal. This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through 1.9.0. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-54717 - e-Plugins WP Membership Missing Authorization Vulnerability

CVE ID : CVE-2025-54717 Published : Aug. 14, 2025, 7:15 p.m. | 44 minutes ago Description : Missing Authorization vulnerability in e-plugins WP Membership allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Membership: from n/a through 1.6.3. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-54727 - CreativeMindsSolutions CM On Demand Search And Replace Stored Cross-site Scripting

CVE ID : CVE-2025-54727 Published : Aug. 14, 2025, 7:15 p.m. | 44 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM On Demand Search And Replace allows Stored XSS. This issue affects CM On Demand Search And Replace: from n/a through 1.5.2. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-54728 - CreativeMindsSolutions CM On Demand Search And Replace CSRF Vulnerability

CVE ID : CVE-2025-54728 Published : Aug. 14, 2025, 7:15 p.m. | 44 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace allows Cross Site Request Forgery. This issue affects CM On Demand Search And Replace: from n/a through 1.5.2. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2025-54729 - Webba Booking Cross-site Scripting

CVE ID : CVE-2025-54729 Published : Aug. 14, 2025, 7:15 p.m. | 44 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webba Appointment Booking Webba Booking allows Stored XSS. This issue affects Webba Booking: from n/a through 6.0.5. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 19:15:00 GMT

read more

CVE-2023-43687 - Malwarebytes Race Condition Code Execution Vulnerability

CVE ID : CVE-2023-43687 Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago Description : An issue was discovered in Malwarebytes before 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). There is a Race condition that leads to code execution because of a lack of locks between file verification and execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 18:15:00 GMT

read more

CVE-2024-37945 - Elementor Page Builder WPBITS Addons Stored Cross-site Scripting (XSS)

CVE ID : CVE-2024-37945 Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.5. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 18:15:00 GMT

read more

CVE-2025-21110 - Dell Data Lakehouse Privilege Escalation Vulnerability

CVE ID : CVE-2025-21110 Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago Description : Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 18:15:00 GMT

read more

CVE-2025-51986 - FreeMODBUS Demo/LINUXTCP Infinite Loop Vulnerability

CVE ID : CVE-2025-51986 Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago Description : An issue was discovered in the demo/LINUXTCP implementation of cwalter-at freemodbus v.2018-09-12 allowing attackers to reach an infinite loop via a crafted length value for a packet. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 18:15:00 GMT

read more

CVE-2025-52335 - EyouCMS Cross Site Scripting (XSS)

CVE ID : CVE-2025-52335 Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago Description : EyouCMS 1.7.3 is vulnerale to Cross Site Scripting (XSS) in index.php, which can be exploited to obtain sensitive information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 18:15:00 GMT

read more

CVE-2025-8972 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8972 Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago Description : A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 18:15:00 GMT

read more

CVE-2025-8973 - SourceCodester Cashier Queuing System SQL Injection Vulnerability

CVE ID : CVE-2025-8973 Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago Description : A vulnerability has been found in SourceCodester Cashier Queuing System 1.0. Affected is an unknown function of the file /Actions.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 18:15:00 GMT

read more

CVE-2025-8974 - Litemall JSON Web Token Handler Remote Hard-Coded Credentials Vulnerability

CVE ID : CVE-2025-8974 Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago Description : A vulnerability was determined in linlinjava litemall up to 1.8.0. Affected by this issue is some unknown functionality of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/util/JwtHelper.java of the component JSON Web Token Handler. The manipulation of the argument SECRET with the input X-Litemall-Token leads to hard-coded credentials. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 18:15:00 GMT

read more

CVE-2025-20254 - Cisco Secure Firewall ASA/FTD IKEv2 Packet Parsing Denial of Service

CVE ID : CVE-2025-20254 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition. This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending a continuous stream of crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to partially exhaust system memory, causing system instability like being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-20263 - Cisco Secure Firewall Adaptive Security Appliance (ASA) and Cisco Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability

CVE ID : CVE-2025-20263 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : A vulnerability in the web services interface of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system.  This vulnerability is due to insufficient boundary checks for specific data that is provided to the web services interface of an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected system. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could cause the system to reload, resulting in a denial of service (DoS) condition. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-20265 - "Cisco Secure Firewall Management Center RADIUS Command Injection Vulnerability"

CVE ID : CVE-2025-20265 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.  This vulnerability is due to a lack of proper handling of user input during the authentication phase. An attacker could exploit this vulnerability by sending crafted input when entering credentials that will be authenticated at the configured RADIUS server. A successful exploit could allow the attacker to execute commands at a high privilege level. Note: For this vulnerability to be exploited, Cisco Secure FMC Software must be configured for RADIUS authentication for the web-based management interface, SSH management, or both. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-20268 - "Cisco Secure Firewall Threat Defense (FTD) Geolocation-Based Remote Access VPN HTTP Bypass Vulnerability"

CVE ID : CVE-2025-20268 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : A vulnerability in the Geolocation-Based Remote Access (RA) VPN feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies to allow or deny HTTP connections based on a country or region. This vulnerability exists because the URL string is not fully parsed. An attacker could exploit this vulnerability by sending a crafted HTTP connection through the targeted device. A successful exploit could allow the attacker to bypass configured policies and gain access to a network where the connection should have been denied. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-20301 - Cisco Secure FMC Software Domain Traverse Authorization Bypass

CVE ID : CVE-2025-20301 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to access troubleshoot files for a different domain. This vulnerability is due to missing authorization checks. An attacker could exploit this vulnerability by directly accessing a troubleshoot file for a different domain that is managed on the same Cisco Secure FMC instance. A successful exploit could allow the attacker to retrieve a troubleshoot file for a different domain, which could allow the attacker to access sensitive information contained in the troubleshoot file. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-20302 - "Cisco Secure FMC Domain Report Access Bypass"

CVE ID : CVE-2025-20302 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to retrieve a generated report from a different domain. This vulnerability is due to missing authorization checks. An attacker could exploit this vulnerability by directly accessing a generated report file for a different domain that is managed on the same Cisco Secure FMC instance. A successful exploit could allow the attacker to access a previously run report for a different domain, which could allow an attacker to read activity recorded in that domain. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-20306 - Cisco Secure Firewall Management Center FMC Remote Command Execution Vulnerability

CVE ID : CVE-2025-20306 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system. This vulnerability is due to insufficient input validation of certain HTTP request parameters that are sent to the web-based management interface. An attacker could exploit this vulnerability by authenticating to the interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute commands as the root user on the affected device. To exploit this vulnerability, an attacker would need Administrator-level credentials. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-50515 - "Empirebak Phome Code Injection Vulnerability"

CVE ID : CVE-2025-50515 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : An issue was discovered in phome Empirebak 2010 in ebak2008/upload/class/config.php allowing attackers to execute arbitrary code when the config file was loaded. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-50817 - "Python-Future Arbitrary Code Execution Vulnerability"

CVE ID : CVE-2025-50817 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded, it automatically imports test.py, if present in the same directory or in the sys.path. This behavior can be exploited by an attacker who has the ability to write files to the server, allowing the execution of arbitrary code. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-55192 - Tapo-Control GitHub Actions Code Injection Vulnerability

CVE ID : CVE-2025-55192 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : HomeAssistant-Tapo-Control offers Control for Tapo cameras as a Home Assistant component. Prior to commit 2a3b80f, there is a code injection vulnerability in the GitHub Actions workflow .github/workflows/issues.yml. It does not affect users of the Home Assistant integration itself — it only impacts the GitHub Actions environment for this repository. The vulnerable workflow directly inserted user-controlled content from the issue body (github.event.issue.body) into a Bash conditional without proper sanitization. A malicious GitHub user could craft an issue body that executes arbitrary commands on the GitHub Actions runner in a privileged context whenever an issue is opened. The potential impact is limited to the repository’s CI/CD environment, which could allow access to repository contents or GitHub Actions secrets. This issue has been patched via commit 2a3b80f. Workarounds involve disabling the affected workflow (issues.yml), replacing the unsafe Bash comparison with a safe quoted grep (or a pure GitHub Actions expression check), or ensuring minimal permissions in workflows (permissions: block) to reduce possible impact. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-55195 - Deno Standard Library Prototype Pollution

CVE ID : CVE-2025-55195 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : @std/toml is the Deno Standard Library. Prior to version 1.0.9, an attacker can pollute the prototype chain in Node.js runtime and Browser when parsing untrusted TOML data, thus achieving Prototype Pollution (PP) vulnerability. This is because the library is merging an untrusted object with an empty object, which by default the empty object has the prototype chain. This issue has been patched in version 1.0.9. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-8968 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8968 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/disapprove_user.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-8969 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8969 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/approve_user.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-8970 - iSourcecode Online Tour and Travel Management System SQL Injection

CVE ID : CVE-2025-8970 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/booking.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-8971 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8971 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-9039 - Amazon ECS Agent Cross-Site Access Vulnerability

CVE ID : CVE-2025-9039 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : We identified an issue in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the same security group or if their security groups allow incoming connections that include the port where the server is hosted. This issue does not affect instances where the option to allow off-host access to the introspection server is set to 'false'. This issue has been addressed in ECS agent version 1.97.1. We recommend upgrading to the latest version and ensuring any forked or derivative code is patched to incorporate the new fixes. If customers cannot update to the latest AMI, they can modify the Amazon EC2 security groups to restrict incoming access to the introspection server port (51678). Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-9043 - Seagate Toolkit Unquoted Search Path Vulnerability

CVE ID : CVE-2025-9043 Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago Description : The service executable path in Seagate Toolkit on Versions prior to 2.34.0.33 on Windows allows an attacker with Admin privileges to exploit a vulnerability as classified under CWE-428: Unquoted Search Path or Element. An attacker with write permissions to the root could place a malicious Program.exe file, which would execute with SYSTEM privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-20237 - "Cisco Secure Firewall Adaptive Security Appliance and FTD Software Command Injection"

CVE ID : CVE-2025-20237 Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago Description : A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to insufficient input validation of commands that are supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input for specific commands. A successful exploit could allow the attacker to execute commands on the underlying operating system as root. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-20238 - Cisco Secure Firewall ASA/FTD Command Injection Vulnerability

CVE ID : CVE-2025-20238 Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago Description : A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to insufficient input validation of commands that are supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input for specific commands. A successful exploit could allow the attacker to execute commands on the underlying operating system as root. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-20239 - "Cisco IKEv2 Memory Leak Vulnerability"

CVE ID : CVE-2025-20239 Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago Description : A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition. This vulnerability is due to a lack of proper processing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. In the case of Cisco IOS and IOS XE Software, a successful exploit could allow the attacker to cause the device to reload unexpectedly. In the case of Cisco ASA and FTD Software, a successful exploit could allow the attacker to partially exhaust system memory, causing system instability such as being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-20243 - Cisco Secure Firewall ASA/FTD Unauthenticated Remote DoS Vulnerability

CVE ID : CVE-2025-20243 Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago Description : A vulnerability in the management and VPN web servers of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to improper validation of user-supplied input on an interface with VPN web services. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on an affected device. A successful exploit could allow the attacker to cause a DoS condition when the device reloads. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-20244 - Cisco Secure Firewall Adaptive Security Appliance/Threat Defense SSL VPN HTTP Header Field Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-20244 Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago Description : A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow a remote attacker that is authenticated as a VPN user to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking when parsing an HTTP header field value. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted Remote Access SSL VPN service on an affected device. A successful exploit could allow the attacker to cause a DoS condition, which would cause the affected device to reload. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-20251 - Cisco Secure Firewall ASA/FTD Remote File Creation and Deletion Vulnerability (Authentication Bypass)

CVE ID : CVE-2025-20251 Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago Description : A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to create or delete arbitrary files on the underlying operating system. If critical system files are manipulated, new Remote Access SSL VPN sessions could be denied and existing sessions could be dropped, causing a denial of service (DoS) condition. An exploited device requires a manual reboot to recover. This vulnerability is due to insufficient input validation when processing HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to create or delete files on the underlying operating system, which could cause the Remote Access SSL VPN service to become unresponsive. To exploit this vulnerability, the attacker must be authenticated as a VPN user of the affected device. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-20252 - Cisco Secure Firewall Adaptive Security Appliance IKEv2 Memory Leak Denial of Service

CVE ID : CVE-2025-20252 Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago Description : A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition. This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending a continuous stream of crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to partially exhaust system memory, causing system instability like being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2025-20253 - Cisco IKEv2 DoS Vulnerability

CVE ID : CVE-2025-20253 Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago Description : A vulnerability in the IKEv2 feature of Cisco IOS Software, IOS XE Software, Secure Firewall ASA Software, and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is due to the improper processing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to cause an infinite loop that exhausts resources and could cause the device to reload. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 17:15:00 GMT

read more

CVE-2023-43694 - Malwarebytes Out-Of-Bounds Read Denial Of Service

CVE ID : CVE-2023-43694 Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago Description : An issue was discovered in Malwarebytes 4.6.14.326 and before and 5.1.5.116 and before (and Nebula 2020-10-21 and later). An Out of bounds read in several disassembling utilities causes stability issues and denial of service. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 16:15:00 GMT

read more

CVE-2025-33142 - IBM WebSphere Application Server TLS Weak Security

CVE ID : CVE-2025-33142 Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago Description : IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 16:15:00 GMT

read more

CVE-2025-36047 - IBM WebSphere Application Server Liberty Denial of Service

CVE ID : CVE-2025-36047 Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago Description : IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 16:15:00 GMT

read more

CVE-2025-50518 - Libcoap Use-After-Free Vulnerability

CVE ID : CVE-2025-50518 Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago Description : A use-after-free vulnerability exists in the coap_delete_pdu_lkd function within coap_pdu.c of the libcoap library. This issue occurs due to improper handling of memory after the freeing of a PDU object, leading to potential memory corruption or the possibility of executing arbitrary code. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 16:15:00 GMT

read more

CVE-2025-53631 - FlaskBlog Flask XSS Vulnerability

CVE ID : CVE-2025-53631 Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago Description : flaskBlog is a blog app built with Flask. In versions 2.8.1 and prior, improper sanitization of postContent when submitting POST requests to /createpost leads to arbitrary JavaScript execution (XSS) on all pages the post is reflected on including /, /post/[ID], /admin/posts, and /user/[ID] of the user that made the post. At time of publication, there are no public patches available. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 16:15:00 GMT

read more

CVE-2025-54389 - AIDE Terminal Escape Sequence Injection Vulnerability

CVE ID : CVE-2025-54389 Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago Description : AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and/or tamper with the log output. A local user might exploit this to bypass the AIDE detection of malicious files. Additionally the output of extended attribute key names and symbolic links targets are also not properly neutralized. This issue has been patched in version 0.19.2. A workaround involves configuring AIDE to write the report output to a regular file, redirecting stdout to a regular file, or redirecting the log output written to stderr to a regular file. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 16:15:00 GMT

read more

CVE-2025-54409 - "AIDE Null Pointer Dereference Vulnerability"

CVE ID : CVE-2025-54409 Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago Description : AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a key containing a comma. A local user might exploit this to cause a local denial of service. This issue has been patched in version 0.19.2. A workaround involves removing xattrs group from rules matching files on affected file systems. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 16:15:00 GMT

read more

CVE-2025-54867 - Youki Container Runtime RootFS Escalation

CVE ID : CVE-2025-54867 Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago Description : Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. This issue has been patched in version 0.5.5. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 16:15:00 GMT

read more

CVE-2025-8965 - "Litemall Unrestricted File Upload Vulnerability"

CVE ID : CVE-2025-8965 Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago Description : A vulnerability has been found in linlinjava litemall up to 1.8.0. This vulnerability affects the function create of the file litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java of the component Endpoint. The manipulation of the argument File leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 16:15:00 GMT

read more

CVE-2025-8966 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8966 Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago Description : A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/tax.php. The manipulation of the argument tname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 16:15:00 GMT

read more

CVE-2025-8967 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8967 Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago Description : A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/packages.php. The manipulation of the argument pname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 16:15:00 GMT

read more

CVE-2025-36612 - Dell SupportAssist Incorrect Privilege Assignment Vulnerability

CVE ID : CVE-2025-36612 Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago Description : SupportAssist for Business PCs, version(s) 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-36613 - Dell SupportAssist Incorrect Privilege Assignment Vulnerability

CVE ID : CVE-2025-36613 Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago Description : SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access. Severity: 2.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-38738 - Dell SupportAssist Incorrect Privilege Assignment

CVE ID : CVE-2025-38738 Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago Description : SupportAssist for Home PCs Installer exe version(s) 4.8.2.29006 and prior, contain(s) an Incorrect Privilege Assignment vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-38745 - Dell OpenManage Enterprise Log Insertion Information Exposure

CVE ID : CVE-2025-38745 Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago Description : Dell OpenManage Enterprise, versions 3.10, 4.0, 4.1, and 4.2, contains an Insertion of Sensitive Information into Log File vulnerability in the Backup and Restore. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-40758 - Mendix SAML Authentication Hijacking Vulnerability

CVE ID : CVE-2025-40758 Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago Description : A vulnerability has been identified in Mendix SAML (Mendix 10.12 compatible) (All versions V4.0.3), Mendix SAML (Mendix 10.21 compatible) (All versions V4.1.2), Mendix SAML (Mendix 9.24 compatible) (All versions V3.6.21). Affected versions of the module insufficiently enforce signature validation and binding checks. This could allow unauthenticated remote attackers to hijack an account in specific SSO configurations. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-43983 - KuWFi CPF908-CP5 WEB LCD Device Authentication Bypass and Command Injection

CVE ID : CVE-2025-43983 Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago Description : KuWFi CPF908-CP5 WEB5.0_LCD_20210125 devices have multiple unauthenticated access control vulnerabilities within goform/goform_set_cmd_process and goform/goform_get_cmd_process. These allow an unauthenticated attacker to retrieve sensitive information (including the device admin username and password), modify critical device settings, and send arbitrary SMS messages. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-7971 - Rockwell Automation Studio 5000 Logix Designer Environment Variable Injection Vulnerability

CVE ID : CVE-2025-7971 Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago Description : A security issues exists within Studio 5000 Logix Designer due to unsafe handling of environment variables. If the specified path lacks a valid file, Logix Designer crashes; However, it may be possible to execute malicious code without triggering a crash. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-7972 - Rockwell Automation FactoryTalk Linx Network Browser Node Validation Bypass

CVE ID : CVE-2025-7972 Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago Description : A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-8875 - N-able N-central Deserialization of Untrusted Data Remote Code Execution Vulnerability

CVE ID : CVE-2025-8875 Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago Description : Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-central: before 2025.3.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-8876 - N-able N-central OS Command Injection

CVE ID : CVE-2025-8876 Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago Description : Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-8962 - Hostel Management System Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-8962 Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago Description : A vulnerability was found in code-projects Hostel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file hostel_manage.exe of the component Login Form. The manipulation of the argument uname leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-8964 - Code-Projects Hostel Management System Local Authentication Bypass

CVE ID : CVE-2025-8964 Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago Description : A vulnerability was identified in code-projects Hostel Management System 1.0. This affects an unknown part of the file hostel_manage.exe of the component Login. The manipulation leads to improper authentication. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-9041 - " Schneider Electric 5094-IF8 CIP Class 32 Inhibition Module Fault Vulnerability"

CVE ID : CVE-2025-9041 Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago Description : A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault (Code 16#0010), and the module cannot recover without a power cycle. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-9042 - " Schneider Electric 5094-IY8 CIP Class 32 Module Inhibition Vulnerability"

CVE ID : CVE-2025-9042 Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago Description : A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IY8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault (Code 16#0010), and the module cannot recover without a power cycle. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-26484 - Dell CloudLink XML External Entity Reference Denial of Service Vulnerability

CVE ID : CVE-2025-26484 Published : Aug. 14, 2025, 3:15 p.m. | 26 minutes ago Description : Dell CloudLink, versions 8.0 through 8.1.1, contains an Improper Restriction of XML External Entity Reference vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-27845 - ESPEC North America Web Controller Authentication Bypass

CVE ID : CVE-2025-27845 Published : Aug. 14, 2025, 3:15 p.m. | 26 minutes ago Description : In ESPEC North America Web Controller 3 before 3.3.4, /api/v4/auth/ with any invalid authentication request results in exposing a JWT secret. This allows for elevated permissions to the UI. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-27846 - ESPEC North America Web Controller Bootloader Privilege Escalation

CVE ID : CVE-2025-27846 Published : Aug. 14, 2025, 3:15 p.m. | 26 minutes ago Description : In ESPEC North America Web Controller 3 before 3.3.8, an attacker with physical access can gain elevated privileges because GRUB and the BIOS are unprotected. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2025-27847 - ESPEC North America Web Controller Authentication Privilege Escalation

CVE ID : CVE-2025-27847 Published : Aug. 14, 2025, 3:15 p.m. | 26 minutes ago Description : In ESPEC North America Web Controller 3 before 3.3.8, /api/v4/auth/ users session privileges are not revoked on logout. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 15:15:00 GMT

read more

CVE-2024-53945 - KuWFi 4G AC900 LTE Router Command Injection Vulnerability

CVE ID : CVE-2024-53945 Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago Description : The KuWFi 4G AC900 LTE router 1.0.13 is vulnerable to command injection on the HTTP API endpoints /goform/formMultiApnSetting and /goform/atCmd. An authenticated attacker can execute arbitrary OS commands with root privileges via shell metacharacters in parameters such as pincode and cmds. Exploitation can lead to full system compromise, including enabling remote access (e.g., enabling telnet). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 14:15:00 GMT

read more

CVE-2024-53946 - KuWFi 4G LTE AC900 Router CSRF Vulnerability

CVE ID : CVE-2024-53946 Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago Description : The KuWFi 4G LTE AC900 router 1.0.13 is vulnerable to Cross-Site Request Forgery (CSRF) on its web management interface. This vulnerability allows an attacker to trick an authenticated admin user into performing unauthorized actions, such as exploiting a command injection vulnerability in /goform/formMultiApnSetting. Successful exploitation can also lead to unauthorized configuration changes. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 14:15:00 GMT

read more

CVE-2025-36581 - Dell PowerEdge AMD BIOS Buffer Access Vulnerability

CVE ID : CVE-2025-36581 Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago Description : Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. Severity: 3.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 14:15:00 GMT

read more

CVE-2025-43984 - KuWFi GC111 Command Injection Vulnerability

CVE ID : CVE-2025-43984 Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago Description : An issue was discovered on KuWFi GC111 devices (Hardware Version: CPE-LM321_V3.2, Software Version: GC111-GL-LM321_V3.0_20191211). They are vulnerable to unauthenticated /goform/goform_set_cmd_process requests. A crafted POST request, using the SSID parameter, allows remote attackers to execute arbitrary OS commands with root privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 14:15:00 GMT

read more

CVE-2025-55672 - Apache Superset Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-55672 Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago Description : A stored Cross-Site Scripting (XSS) vulnerability exists in Apache Superset's chart visualization. An authenticated user with permissions to edit charts can inject a malicious payload into a column's label. The payload is not properly sanitized and gets executed in the victim's browser when they hover over the chart, potentially leading to session hijacking or the execution of arbitrary commands on behalf of the user. This issue affects Apache Superset: before 5.0.0. Users are recommended to upgrade to version 5.0.0, which fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 14:15:00 GMT

read more

CVE-2025-55673 - Apache Superset Database Schema Disclosure

CVE ID : CVE-2025-55673 Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago Description : When a guest user accesses a chart in Apache Superset, the API response from the /chart/data endpoint includes a query field in its payload. This field contains the underlying query, which improperly discloses database schema information, such as table names, to the low-privileged guest user. This issue affects Apache Superset: before 4.1.3. Users are recommended to upgrade to version 4.1.3, which fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 14:15:00 GMT

read more

CVE-2025-55674 - Apache Superset SQL Function Bypass Vulnerability

CVE ID : CVE-2025-55674 Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago Description : A bypass of the DISALLOWED_SQL_FUNCTIONS security feature in Apache Superset allows for the execution of blocked SQL functions. An attacker can use a special inline block to circumvent the denylist. This allows a user with SQL Lab access to execute functions that were intended to be disabled, leading to the disclosure of sensitive database information like the software version. This issue affects Apache Superset: before 5.0.0. Users are recommended to upgrade to version 5.0.0, which fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 14:15:00 GMT

read more

CVE-2025-55675 - Apache Superset Unauthenticated Datasource Enumeration

CVE ID : CVE-2025-55675 Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago Description : Apache Superset contains an improper access control vulnerability in its /explore endpoint. A missing authorization check allows an authenticated user to discover metadata about datasources they do not have permission to access. By iterating through the datasource_id in the URL, an attacker can enumerate and confirm the existence and names of protected datasources, leading to sensitive information disclosure. This issue affects Apache Superset: before 5.0.0. Users are recommended to upgrade to version 5.0.0, which fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 14:15:00 GMT

read more

CVE-2025-7353 - Rockwell Automation ControlLogix Ethernet Modules Remote Code Execution Vulnerability

CVE ID : CVE-2025-7353 Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago Description : A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 14:15:00 GMT

read more

CVE-2025-7773 - "Fortinet 5032 Web Server Predictable Session ID"

CVE ID : CVE-2025-7773 Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago Description : A security issue exists within the 5032 16pt Digital Configurable module’s web server. The web server’s session number increments at an interval that correlates to the last two consecutive sign in session interval, making it predictable. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 14:15:00 GMT

read more

CVE-2025-7774 - "Fortinet 5032 Session Credential Exposure Vulnerability"

CVE ID : CVE-2025-7774 Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago Description : A security issue exists within the 5032 16pt Digital Configurable module’s web server. Intercepted session credentials can be used within a 3-minute timeout window, allowing unauthorized users to perform privileged actions. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 14:15:00 GMT

read more

CVE-2025-7973 - Allen-Bradley FactoryTalk ViewPoint Privilege Escalation

CVE ID : CVE-2025-7973 Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago Description : A security issue exists in FactoryTalk ViewPoint version 14.0 or below due to improper handling of MSI repair operations. During a repair, attackers can hijack the cscript.exe console window, which runs with SYSTEM privileges. This can be exploited to spawn an elevated command prompt, enabling full privilege escalation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 14:15:00 GMT

read more

CVE-2025-9036 - Citrix Workspace Token Replay Vulnerability

CVE ID : CVE-2025-9036 Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago Description : A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcasted over a WebSocket and can be intercepted by any local client listening on the connection. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 14:15:00 GMT

read more

CVE-2023-5342 - Apache Struts Remote Code Execution

CVE ID : CVE-2023-5342 Published : Aug. 14, 2025, 1:15 p.m. | 1 hour, 49 minutes ago Description : Rejected reason: The original vulnerability was not valid. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 13:15:00 GMT

read more

CVE-2025-8713 - PostgreSQL View and Row Security Statistics Information Disclosure

CVE ID : CVE-2025-8713 Published : Aug. 14, 2025, 1:15 p.m. | 1 hour, 49 minutes ago Description : PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this data is consulted during the query planning process. Prior to this release, a user could craft a leaky operator that bypassed view access control lists (ACLs) and bypassed row security policies in partitioning or table inheritance hierarchies. Reachable statistics data notably included histograms and most-common-values lists. CVE-2017-7484 and CVE-2019-10130 intended to close this class of vulnerability, but this gap remained. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 13:15:00 GMT

read more

CVE-2025-8714 - PostgreSQL Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-8714 Published : Aug. 14, 2025, 1:15 p.m. | 1 hour, 49 minutes ago Description : Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 13:15:00 GMT

read more

CVE-2025-8715 - PostgreSQL SQL Injection

CVE ID : CVE-2025-8715 Published : Aug. 14, 2025, 1:15 p.m. | 1 hour, 49 minutes ago Description : Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks can achieve SQL injection as a superuser of the restore target server. pg_dumpall, pg_restore, and pg_upgrade are also affected. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. Versions before 11.20 are unaffected. CVE-2012-0868 had fixed this class of problem, but version 11.20 reintroduced it. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 13:15:00 GMT

read more

CVE-2025-8961 - LibTIFF TIFFcrop Heap-Based Buffer Overflow

CVE ID : CVE-2025-8961 Published : Aug. 14, 2025, 1:15 p.m. | 1 hour, 49 minutes ago Description : A vulnerability was identified in LibTIFF 4.7.0. This issue affects the function May of the file tiffcrop.c of the component tiffcrop. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 13:15:00 GMT

read more

CVE-2025-8963 - Jeecgboot JimuReport Remote Deserialization Vulnerability

CVE ID : CVE-2025-8963 Published : Aug. 14, 2025, 1:15 p.m. | 1 hour, 49 minutes ago Description : A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Affected by this issue is some unknown functionality of the file /drag/onlDragDataSource/testConnection of the component Data Large Screen Template. The manipulation leads to deserialization. The attack may be launched remotely. The vendor response to the GitHub issue report is: "Modified, next version updated". Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 13:15:00 GMT

read more

CVE-2025-8960 - Campcodes Online Flight Booking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8960 Published : Aug. 14, 2025, 12:15 p.m. | 2 hours, 49 minutes ago Description : A vulnerability has been found in Campcodes Online Flight Booking Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/save_airlines.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 12:15:00 GMT

read more

CVE-2025-54705 - WpEvently Magepeopleteam Missing Authorization Vulnerability

CVE ID : CVE-2025-54705 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 49 minutes ago Description : Missing Authorization vulnerability in magepeopleteam WpEvently allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpEvently: from n/a through 4.4.6. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54706 - Noor Alam Magical Posts Display Cross-site Scripting (XSS)

CVE ID : CVE-2025-54706 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 49 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor Alam Magical Posts Display allows DOM-Based XSS. This issue affects Magical Posts Display: from n/a through 1.2.52. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54707 - RealMag777 MDTF SQL Injection

CVE ID : CVE-2025-54707 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 49 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 MDTF allows SQL Injection. This issue affects MDTF: from n/a through 1.3.3.7. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-8957 - Campcodes Online Flight Booking Management System SQL Injection

CVE ID : CVE-2025-8957 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 49 minutes ago Description : A vulnerability was determined in Campcodes Online Flight Booking Management System 1.0. Affected is an unknown function of the file /flights.php. The manipulation of the argument departure_airport_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-8958 - Tenda WiFi Stack-Based Buffer Overflow

CVE ID : CVE-2025-8958 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 49 minutes ago Description : A vulnerability was identified in Tenda TX3 16.03.13.11_multi_TDE01. Affected by this vulnerability is an unknown functionality of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54692 - WP Swings Membership For WooCommerce Missing Authorization Vulnerability

CVE ID : CVE-2025-54692 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago Description : Missing Authorization vulnerability in WP Swings Membership For WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Membership For WooCommerce: from n/a through 2.9.0. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54693 - Epiphyt Form Block Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-54693 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in epiphyt Form Block allows Upload a Web Shell to a Web Server. This issue affects Form Block: from n/a through 1.5.5. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54694 - bPlugins Button Block CSRF Vulnerability

CVE ID : CVE-2025-54694 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago Description : Cross-Site Request Forgery (CSRF) vulnerability in bPlugins Button Block allows Cross Site Request Forgery. This issue affects Button Block: from n/a through 1.2.0. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54695 - HasTech HT Mega Missing Authorization Vulnerability

CVE ID : CVE-2025-54695 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago Description : Missing Authorization vulnerability in HasTech HT Mega allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HT Mega: from n/a through 2.9.0. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54696 - WPFunnels Cross-site Scripting (XSS)

CVE ID : CVE-2025-54696 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFunnels WPFunnels allows Stored XSS. This issue affects WPFunnels: from n/a through 3.5.26. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54697 - Ben Ritner Kadence WooCommerce Email Designer Privilege Escalation Vulnerability

CVE ID : CVE-2025-54697 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago Description : Incorrect Privilege Assignment vulnerability in Ben Ritner - Kadence WP Kadence WooCommerce Email Designer allows Privilege Escalation. This issue affects Kadence WooCommerce Email Designer: from n/a through 1.5.16. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54698 - RadiusTheme Classified Listing XSS Injection

CVE ID : CVE-2025-54698 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago Description : Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in RadiusTheme Classified Listing allows Code Injection. This issue affects Classified Listing: from n/a through 5.0.0. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54699 - Masteriyo LMS Cross-site Scripting

CVE ID : CVE-2025-54699 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in masteriyo Masteriyo - LMS allows Stored XSS. This issue affects Masteriyo - LMS: from n/a through 1.18.3. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54700 - ThemeMove Makeaholic PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-54700 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Makeaholic allows PHP Local File Inclusion. This issue affects Makeaholic: from n/a through 1.8.4. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54701 - ThemeMove Unicamp PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-54701 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Unicamp allows PHP Local File Inclusion. This issue affects Unicamp: from n/a through 2.6.3. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54702 - Motov.net Ebook Store CSRF Vulnerability

CVE ID : CVE-2025-54702 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago Description : Cross-Site Request Forgery (CSRF) vulnerability in motov.net Ebook Store allows Cross Site Request Forgery. This issue affects Ebook Store: from n/a through 5.8013. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54703 - Prince Integrate Google Drive CSRF

CVE ID : CVE-2025-54703 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Prince Integrate Google Drive allows Cross Site Request Forgery. This issue affects Integrate Google Drive: from n/a through 1.5.2. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54704 - Hashthemes Easy Elementor Addons Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-54704 Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hashthemes Easy Elementor Addons allows DOM-Based XSS. This issue affects Easy Elementor Addons: from n/a through 2.2.6. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54686 - Exertio Scriptsbundle Object Injection Vulnerability

CVE ID : CVE-2025-54686 Published : Aug. 14, 2025, 11:15 a.m. | 1 hour, 26 minutes ago Description : Deserialization of Untrusted Data vulnerability in scriptsbundle Exertio allows Object Injection. This issue affects Exertio: from n/a through 1.3.2. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54687 - Crocoblock JetTabs Cross-site Scripting Vulnerability

CVE ID : CVE-2025-54687 Published : Aug. 14, 2025, 11:15 a.m. | 1 hour, 26 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetTabs allows DOM-Based XSS. This issue affects JetTabs: from n/a through 2.2.9.1. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54688 - Crocoblock JetEngine Cross-site Scripting (XSS)

CVE ID : CVE-2025-54688 Published : Aug. 14, 2025, 11:15 a.m. | 1 hour, 26 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine allows Stored XSS. This issue affects JetEngine: from n/a through 3.7.1.2. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54689 - ThemBay Urna PHP Remote File Inclusion

CVE ID : CVE-2025-54689 Published : Aug. 14, 2025, 11:15 a.m. | 1 hour, 26 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Urna allows PHP Local File Inclusion. This issue affects Urna: from n/a through 2.5.7. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54690 - ThemeStek Xinterio PHP RFI Vulnerability

CVE ID : CVE-2025-54690 Published : Aug. 14, 2025, 11:15 a.m. | 1 hour, 26 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themeStek Xinterio allows PHP Local File Inclusion. This issue affects Xinterio: from n/a through 4.2. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54691 - Stylemix Motors Authorization Bypass

CVE ID : CVE-2025-54691 Published : Aug. 14, 2025, 11:15 a.m. | 1 hour, 26 minutes ago Description : Authorization Bypass Through User-Controlled Key vulnerability in Stylemix Motors allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Motors: from n/a through 1.4.80. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-54685 - Brainstorm Force SureDash Information Disclosure Vulnerability

CVE ID : CVE-2025-54685 Published : Aug. 14, 2025, 11:15 a.m. | 1 hour, 1 minute ago Description : Insertion of Sensitive Information Into Sent Data vulnerability in Brainstorm Force SureDash allows Retrieve Embedded Sensitive Data. This issue affects SureDash: from n/a through 1.1.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 11:15:00 GMT

read more

CVE-2025-48860 - "CtrlX OS Backup Archive Privilege Escalation"

CVE ID : CVE-2025-48860 Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago Description : A vulnerability in the web application of the ctrlX OS setup mechanism facilitated an authenticated (low privileged) attacker to gain remote access to backup archives created by a user with elevated permissions. Depending on the content of the backup archive, the attacker may have been able to access sensitive data. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 09:15:00 GMT

read more

CVE-2025-48861 - CtrlX OS Task API Remote Information Disclosure

CVE ID : CVE-2025-48861 Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago Description : A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs and the version of installed apps. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 09:15:00 GMT

read more

CVE-2025-48862 - CtrlX OS Unencrypted Backup File Exposure

CVE ID : CVE-2025-48862 Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago Description : Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a password is set. However, only the private key - if available in the backup - is encrypted, while the backup file itself remains unencrypted. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 09:15:00 GMT

read more

CVE-2025-54472 - Apache bRPC Redis Protocol Parser Integer Overflow Denial of Service

CVE ID : CVE-2025-54472 Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago Description : Unlimited memory allocation in redis protocol parser in Apache bRPC (all versions 1.14.1) on all platforms allows attackers to crash the service via network. Root Cause: In the bRPC Redis protocol parser code, memory for arrays or strings of corresponding sizes is allocated based on the integers read from the network. If the integer read from the network is too large, it may cause a bad alloc error and lead to the program crashing. Attackers can exploit this feature by sending special data packets to the bRPC service to carry out a denial-of-service attack on it. The bRPC 1.14.0 version tried to fix this issue by limited the memory allocation size, however, the limitation checking code is not well implemented that may cause integer overflow and evade such limitation. So the 1.14.0 version is also vulnerable, although the integer range that affect version 1.14.0 is different from that affect version 1.14.0. Affected scenarios: Using bRPC as a Redis server to provide network services to untrusted clients, or using bRPC as a Redis client to call untrusted Redis services. How to Fix: we provide two methods, you can choose one of them: 1. Upgrade bRPC to version 1.14.1. 2. Apply this patch ( https://github.com/apache/brpc/pull/3050 ) manually. No matter you choose which method, you should note that the patch limits the maximum length of memory allocated for each time in the bRPC Redis parser. The default limit is 64M. If some of you redis request or response have a size larger than 64M, you might encounter error after upgrade. For such case, you can modify the gflag redis_max_allocation_size to set a larger limit. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 09:15:00 GMT

read more

CVE-2025-5998 - WordPress PPWP Password Authorization Information Disclosure

CVE ID : CVE-2025-5998 Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago Description : The PPWP – Password Protect Pages WordPress plugin before version 1.9.11 allows to put the site content behind a password authorization, however users with subscriber or greater roles can view content via the REST API. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 09:15:00 GMT

read more

CVE-2025-8952 - Campcodes Online Flight Booking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8952 Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago Description : A vulnerability was found in Campcodes Online Flight Booking Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 09:15:00 GMT

read more

CVE-2025-8953 - SourceCodester COVID 19 Testing Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8953 Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago Description : A vulnerability was determined in SourceCodester COVID 19 Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /check_availability.php. The manipulation of the argument employeeid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 09:15:00 GMT

read more

CVE-2025-8954 - PHPGurukul Hospital Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8954 Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago Description : A vulnerability was identified in PHPGurukul Hospital Management System 4.0. This affects an unknown part of the file /admin/doctor-specilization.php. The manipulation of the argument doctorspecilization leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 09:15:00 GMT

read more

CVE-2025-27388 - Apple Safari DOM-Based Cross-Site Scripting (XSS)

CVE ID : CVE-2025-27388 Published : Aug. 14, 2025, 8:15 a.m. | 2 hours, 9 minutes ago Description : Loading arbitrary external URLs through WebView components introduces malicious JS code that can steal arbitrary user tokens. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 08:15:00 GMT

read more

CVE-2025-8950 - Campcodes Online Recruitment Management System SQL Injection

CVE ID : CVE-2025-8950 Published : Aug. 14, 2025, 8:15 a.m. | 2 hours, 9 minutes ago Description : A vulnerability was identified in Campcodes Online Recruitment Management System 1.0. This issue affects some unknown processing of the file /Recruitment/index.php?page=view_vacancy. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 08:15:00 GMT

read more

CVE-2025-8951 - PHPGurukul Teachers Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8951 Published : Aug. 14, 2025, 8:15 a.m. | 2 hours, 9 minutes ago Description : A vulnerability has been found in PHPGurukul Teachers Record Management System 2.1. Affected is an unknown function of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 08:15:00 GMT

read more

CVE-2025-8947 - Projectworlds Visitor Management System SQL Injection

CVE ID : CVE-2025-8947 Published : Aug. 14, 2025, 7:15 a.m. | 3 hours, 9 minutes ago Description : A vulnerability was found in projectworlds Visitor Management System 1.0. This issue affects some unknown processing of the file /query_data.php. The manipulation of the argument dateF/dateP leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 07:15:00 GMT

read more

CVE-2025-8948 - Projectworlds Visitor Management System SQL Injection

CVE ID : CVE-2025-8948 Published : Aug. 14, 2025, 7:15 a.m. | 3 hours, 9 minutes ago Description : A vulnerability was determined in projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /front.php. The manipulation of the argument rid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 07:15:00 GMT

read more

CVE-2025-8949 - D-Link DIR-825 HTTPd Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-8949 Published : Aug. 14, 2025, 7:15 a.m. | 3 hours, 9 minutes ago Description : A vulnerability was identified in D-Link DIR-825 2.10. Affected by this vulnerability is the function get_ping_app_stat of the file ping_response.cgi of the component httpd. The manipulation of the argument ping_ipaddr leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 07:15:00 GMT

read more

CVE-2025-3414 - WordPress Structured Content (JSON-LD) Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3414 Published : Aug. 14, 2025, 6:15 a.m. | 4 hours, 9 minutes ago Description : The Structured Content (JSON-LD) #wpsc WordPress plugin before 1.7.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 06:15:00 GMT

read more

CVE-2025-6790 - Quiz and Survey Master WordPress CSRF Vulnerability

CVE ID : CVE-2025-6790 Published : Aug. 14, 2025, 6:15 a.m. | 4 hours, 9 minutes ago Description : The Quiz and Survey Master (QSM) WordPress plugin before 10.2.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 06:15:00 GMT

read more

CVE-2025-7808 - Shopify WP WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-7808 Published : Aug. 14, 2025, 6:15 a.m. | 4 hours, 9 minutes ago Description : The WP Shopify WordPress plugin before 1.5.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 06:15:00 GMT

read more

CVE-2025-8046 - "WordPress Injection Guard Reflected Cross-Site Scripting"

CVE ID : CVE-2025-8046 Published : Aug. 14, 2025, 6:15 a.m. | 4 hours, 9 minutes ago Description : The Injection Guard WordPress plugin before 1.2.8 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 06:15:00 GMT

read more

CVE-2025-8939 - Tenda AC20 Buffer Overflow in WifiGuestSet

CVE ID : CVE-2025-8939 Published : Aug. 14, 2025, 6:15 a.m. | 4 hours, 9 minutes ago Description : A vulnerability was determined in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/WifiGuestSet. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 06:15:00 GMT

read more

CVE-2025-8940 - "Tenda AC20 strcpy Buffer Overflow Vulnerability"

CVE ID : CVE-2025-8940 Published : Aug. 14, 2025, 6:15 a.m. | 4 hours, 9 minutes ago Description : A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this vulnerability is the function strcpy of the file /goform/saveParentControlInfo. The manipulation of the argument Time leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 06:15:00 GMT

read more

CVE-2025-8946 - Projectworlds Online Notes Sharing Platform SQL Injection Vulnerability

CVE ID : CVE-2025-8946 Published : Aug. 14, 2025, 6:15 a.m. | 4 hours, 9 minutes ago Description : A vulnerability has been found in projectworlds Online Notes Sharing Platform 1.0. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument User leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 06:15:00 GMT

read more

CVE-2025-5942 - Netskope NS Client Windows Heap Overflow Denial-of-Service

CVE ID : CVE-2025-5942 Published : Aug. 14, 2025, 5:15 a.m. | 5 hours, 9 minutes ago Description : Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, an unprivileged user can trigger a heap overflow in the epdlpdrv.sys driver, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation can also potentially be performed by an unprivileged user whose NS Client is configured to use Endpoint DLP. A successful exploit can result in a denial-of-service for the local machine. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 05:15:00 GMT

read more

CVE-2025-8936 - "1000 Projects Sales Management System SQL Injection"

CVE ID : CVE-2025-8936 Published : Aug. 14, 2025, 5:15 a.m. | 5 hours, 9 minutes ago Description : A vulnerability was determined in 1000 Projects Sales Management System 1.0. Affected by this issue is some unknown functionality of the file /superstore/dist/dordupdate.php. The manipulation of the argument select2 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 05:15:00 GMT

read more

CVE-2025-8937 - TOTOLINK N350R Command Injection Vulnerability

CVE ID : CVE-2025-8937 Published : Aug. 14, 2025, 5:15 a.m. | 5 hours, 9 minutes ago Description : A vulnerability has been found in TOTOLINK N350R 1.2.3-B20130826. This vulnerability affects unknown code of the file /boafrm/formSysCmd. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 05:15:00 GMT

read more

CVE-2025-8938 - TOTOLINK N350R Telnet Service Remote Backdoor Vulnerability

CVE ID : CVE-2025-8938 Published : Aug. 14, 2025, 5:15 a.m. | 5 hours, 9 minutes ago Description : A vulnerability was found in TOTOLINK N350R 1.2.3-B20130826. This issue affects the function formSysTel of the file /boafrm/formSysTel of the component Telnet Service. The manipulation of the argument TelEnabled leads to backdoor. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 05:15:00 GMT

read more

CVE-2024-7402 - Netskope Client Administrative Privilege Escalation and Configuration Tampering Vulnerability

CVE ID : CVE-2024-7402 Published : Aug. 14, 2025, 5:15 a.m. | 3 hours, 26 minutes ago Description : Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 05:15:00 GMT

read more

CVE-2025-0309 - Netskope Client TLS Certificate Validation Bypass Privilege Elevation Vulnerability

CVE ID : CVE-2025-0309 Published : Aug. 14, 2025, 5:15 a.m. | 3 hours, 26 minutes ago Description : An insufficient validation on the server connection endpoint in Netskope Client allows local users to elevate privileges on the system. The insufficient validation allows Netskope Client to connect to any other server with Public Signed CA TLS certificates and send specially crafted responses to elevate privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 05:15:00 GMT

read more

CVE-2025-5941 - Netskope NS Client DNS Memory Leak

CVE ID : CVE-2025-5941 Published : Aug. 14, 2025, 5:15 a.m. | 3 hours, 26 minutes ago Description : Netskope is notified about a potential gap in its agent (NS Client) in which a malicious actor could trigger a memory leak by sending a crafted DNS packet to a machine. A successful exploitation may require administrative privileges on the machine, based on the exact configuration. A successful exploit can potentially result in user-controllable memory being leaked in a domain name stored on the local machine. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 05:15:00 GMT

read more

CVE-2025-8934 - "1000 Projects Sales Management System Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-8934 Published : Aug. 14, 2025, 4:16 a.m. | 4 hours, 26 minutes ago Description : A vulnerability has been found in 1000 Projects Sales Management System 1.0. Affected is an unknown function of the file /sales.php. The manipulation of the argument select2112 leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 04:16:00 GMT

read more

CVE-2025-8935 - "1000 Projects Sales Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-8935 Published : Aug. 14, 2025, 4:16 a.m. | 4 hours, 26 minutes ago Description : A vulnerability was found in 1000 Projects Sales Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /superstore/custcmp.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 04:16:00 GMT

read more

CVE-2025-8933 - "1000 Projects Sales Management System Cross Site Scripting Vulnerability"

CVE ID : CVE-2025-8933 Published : Aug. 14, 2025, 4:15 a.m. | 4 hours, 26 minutes ago Description : A vulnerability was identified in 1000 Projects Sales Management System 1.0. This issue affects some unknown processing of the file /superstore/admin/sales.php. The manipulation of the argument ssalescat leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 04:15:00 GMT

read more

CVE-2025-8931 - Code-projects Medical Store Management System SQL Injection

CVE ID : CVE-2025-8931 Published : Aug. 14, 2025, 3:15 a.m. | 5 hours, 26 minutes ago Description : A vulnerability was determined in code-projects Medical Store Management System 1.0. Affected is an unknown function of the file ChangePassword.java. The manipulation of the argument newPassTxt leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 03:15:00 GMT

read more

CVE-2025-8932 - "1000 Projects Sales Management System SQL Injection"

CVE ID : CVE-2025-8932 Published : Aug. 14, 2025, 3:15 a.m. | 5 hours, 26 minutes ago Description : A vulnerability was determined in 1000 Projects Sales Management System 1.0. This vulnerability affects unknown code of the file /superstore/admin/sales.php. The manipulation of the argument ssalescat leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 03:15:00 GMT

read more

CVE-2025-8930 - "Code-projects Medical Store Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-8930 Published : Aug. 14, 2025, 3:15 a.m. | 5 hours, 6 minutes ago Description : A vulnerability was found in code-projects Medical Store Management System 1.0. This issue affects some unknown processing of the file UpdateCompany.java of the component Update Company Page. The manipulation of the argument companyNameTxt leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 03:15:00 GMT

read more

CVE-2025-55198 - Helm Chart YAML Parsing Type Error Denial of Service

CVE ID : CVE-2025-55198 Published : Aug. 14, 2025, 12:15 a.m. | 8 hours, 7 minutes ago Description : Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, when parsing Chart.yaml and index.yaml files, an improper validation of type error can lead to a panic. This issue has been resolved in Helm 3.18.5. A workaround involves ensuring YAML files are formatted as Helm expects prior to processing them with Helm. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 00:15:00 GMT

read more

CVE-2025-55199 - Helm Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-55199 Published : Aug. 14, 2025, 12:15 a.m. | 8 hours, 7 minutes ago Description : Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory (OOM) termination. This issue has been resolved in Helm 3.18.5. A workaround involves ensuring all Helm charts that are being loaded into Helm do not have any reference of $ref pointing to /dev/zero. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 14 Aug 2025 00:15:00 GMT

read more

CVE-2025-55194 - Part-DB Persistent File Extension Denial of Service

CVE ID : CVE-2025-55194 Published : Aug. 13, 2025, 11:15 p.m. | 7 hours, 26 minutes ago Description : Part-DB is an open source inventory management system for electronic components. Prior to version 1.17.3, any authenticated user can upload a profile picture with a misleading file extension (e.g., .jpg.txt), resulting in a persistent 500 Internal Server Error when attempting to view or edit that user’s profile. This makes the profile permanently inaccessible via the UI for both users and administrators, constituting a Denial of Service (DoS) within the user management interface. This issue has been patched in version 1.17.3. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 23:15:00 GMT

read more

CVE-2025-55196 - Kubernetes External Secrets Operator Namespace Bypass Vulnerability

CVE ID : CVE-2025-55196 Published : Aug. 13, 2025, 11:15 p.m. | 7 hours, 26 minutes ago Description : External Secrets Operator is a Kubernetes operator that integrates external secret management systems. From version 0.15.0 to before 0.19.2, a vulnerability was discovered where the List() calls for Kubernetes Secret and SecretStore resources performed by the PushSecret controller did not apply a namespace selector. This flaw allowed an attacker to use label selectors to list and read secrets/secret-stores across the cluster, bypassing intended namespace restrictions. An attacker with the ability to create or update PushSecret resources and control SecretStore configurations could exploit this vulnerability to exfiltrate sensitive data from arbitrary namespaces. This could lead to full disclosure of Kubernetes secrets, including credentials, tokens, and other sensitive information stored in the cluster. This vulnerability has been patched in version 0.19.2. A workaround for this issue includes auditing and restricting RBAC permissions so that only trusted service accounts can create or update PushSecret and SecretStore resources. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 23:15:00 GMT

read more

CVE-2025-55197 - PyPDF FlateDecode Filter Exhaustion Denial of Service

CVE ID : CVE-2025-55197 Published : Aug. 13, 2025, 11:15 p.m. | 7 hours, 26 minutes ago Description : pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of FlateDecode filters is used on a malicious cross-reference stream. Other content streams are affected on explicit access. This issue has been fixed in 6.0.0. If an update is not possible, a workaround involves including the fixed code from pypdf.filters.decompress into the existing filters file. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 23:15:00 GMT

read more

CVE-2025-55193 - Ruby on Rails ANSI Sequence Injection Vulnerability

CVE ID : CVE-2025-55193 Published : Aug. 13, 2025, 11:15 p.m. | 7 hours, 2 minutes ago Description : Active Record connects classes to relational database tables. Prior to versions 7.1.5.2, 7.2.2.2, and 8.0.2.1, the ID passed to find or similar methods may be logged without escaping. If this is directly to the terminal it may include unescaped ANSI sequences. This issue has been patched in versions 7.1.5.2, 7.2.2.2, and 8.0.2.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 23:15:00 GMT

read more

CVE-2025-8928 - Code-projects Medical Store Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8928 Published : Aug. 13, 2025, 10:15 p.m. | 8 hours, 2 minutes ago Description : A vulnerability was identified in code-projects Medical Store Management System 1.0. This affects an unknown part of the file UpdateMedicines.java of the component Update Medicines Page. The manipulation of the argument productNameTxt leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 22:15:00 GMT

read more

CVE-2025-8929 - Code-projects Medical Store Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8929 Published : Aug. 13, 2025, 10:15 p.m. | 8 hours, 1 minute ago Description : A vulnerability has been found in code-projects Medical Store Management System 1.0. This vulnerability affects unknown code of the file MainPanel.java. The manipulation of the argument searchTxt leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 22:15:00 GMT

read more

CVE-2012-10058 - RabidHamster Web Server Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2012-10058 Published : Aug. 13, 2025, 9:15 p.m. | 9 hours, 1 minute ago Description : RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf() when logging malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted URI, resulting in arbitrary code execution under the context of the web server process. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2012-10059 - Dolibarr ERP/CRM OS Command Injection Vulnerability

CVE ID : CVE-2012-10059 Published : Aug. 13, 2025, 9:15 p.m. | 9 hours, 1 minute ago Description : Dolibarr ERP/CRM versions 3.1.1 and 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails to sanitize the sql_compat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote code execution on the server. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2012-10060 - Sysax Multi Server SSH Stack Buffer Overflow

CVE ID : CVE-2012-10060 Published : Aug. 13, 2025, 9:15 p.m. | 9 hours, 1 minute ago Description : Sysax Multi Server versions prior to 5.55 contains a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code execution under the context of the service. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2025-34154 - UnForm Server Manager Unauthenticated File Read Vulnerability

CVE ID : CVE-2025-34154 Published : Aug. 13, 2025, 9:15 p.m. | 9 hours, 1 minute ago Description : UnForm Server Manager versions prior to 10.1.12 expose an unauthenticated file read vulnerability via its log file analysis interface. The flaw resides in the arc endpoint, which accepts a fl parameter to specify the log file to be opened. Due to insufficient input validation and lack of path sanitization, attackers can supply relative paths to access arbitrary files on the host system — including sensitive OS-level files — without authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2011-10014 - GTA San Andreas Multiplayer (SA-MP) Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2011-10014 Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago Description : GTA San Andreas Multiplayer (SA-MP) server version 0.3.1.1 is vulnerable to a stack-based buffer overflow triggered by parsing a malformed server.cfg configuration file. The vulnerability allows local attackers to execute arbitrary code when the server binary (samp-server.exe) processes a crafted echo directive containing excessive input. The original 'sa-mp.com' site is defunct, but the community maintains mirrors and forks that may be vulnerable. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2011-10015 - Cytel Studio Buffer Overflow Vulnerability

CVE ID : CVE-2011-10015 Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago Description : Cytel Studio version 9.0 and earlier is vulnerable to a stack-based buffer overflow triggered by parsing a malformed .CY3 file. The vulnerability occurs when the application copies user-controlled strings into a fixed-size stack buffer (256 bytes) without proper bounds checking. Exploitation allows arbitrary code execution when the crafted file is opened. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2011-10016 - RealNetworks Netzip Classic Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2011-10016 Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago Description : Real Networks Netzip Classic version 7.5.1.86 is vulnerable to a stack-based buffer overflow when parsing a specially crafted ZIP archive. The vulnerability is triggered when the application attempts to process a file name within the archive that exceeds the expected buffer size. Exploitation allows arbitrary code execution under the context of the victim user when the ZIP file is opened. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2011-10017 - Snort Nmap PHP Remote Command Execution Vulnerability

CVE ID : CVE-2011-10017 Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago Description : Snort Report versions 1.3.2 contains a remote command execution vulnerability in the nmap.php and nbtscan.php scripts. These scripts fail to properly sanitize user input passed via the target GET parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no authentication and can result in full compromise of the underlying system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2011-10018 - MyBB Unauthorized Remote Code Execution Backdoor

CVE ID : CVE-2011-10018 Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago Description : myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. This vulnerability was introduced during packaging and was not part of the intended application logic. Exploitation requires no authentication and results in full compromise of the web server under the context of the web application. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2011-10019 - Spreecommerce Remote Command Execution Vulnerability

CVE ID : CVE-2011-10019 Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago Description : Spreecommerce versions prior to 0.60.2 contains a remote command execution vulnerability in its search functionality. The application fails to properly sanitize input passed via the search[send][] parameter, which is dynamically invoked using Ruby’s send method. This allows attackers to execute arbitrary shell commands on the server without authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2012-10054 - Umbraco CMS Remote Code Execution Vulnerability

CVE ID : CVE-2012-10054 Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago Description : Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via the codeEditorSave.asmx SOAP endpoint, which exposes a SaveDLRScript operation that permits arbitrary file uploads without authentication. By exploiting a path traversal flaw in the fileName parameter, attackers can write malicious ASPX scripts directly into the web-accessible /umbraco/ directory and execute them remotely. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2012-10055 - F-Secure ComSndFTP Format String Vulnerability

CVE ID : CVE-2012-10055 Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago Description : ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing format specifiers, a remote attacker can overwrite a hardcoded function pointer in memory (specifically WSACleanup from Ws2_32.dll). This allows the attacker to redirect execution flow and bypass DEP protections using a ROP chain, ultimately leading to arbitrary code execution. The vulnerability is exploitable without authentication and affects default configurations. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2012-10056 - Apache Volunteer Management System Remote File Upload Vulnerability

CVE ID : CVE-2012-10056 Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago Description : PHP Volunteer Management System v1.0.2 contains an arbitrary file upload vulnerability in its document upload functionality. Authenticated users can upload files to the mods/documents/uploads/ directory without any restriction on file type or extension. Because this directory is publicly accessible and lacks execution controls, attackers can upload a malicious PHP payload and execute it remotely. The application ships with default credentials, making exploitation trivial. Once authenticated, the attacker can upload a PHP shell and trigger it via a direct GET request. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2012-10057 - Lattice Semiconductor ispVM Buffer Overflow Vulnerability

CVE ID : CVE-2012-10057 Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago Description : Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. When parsing the version attribute of the ispXCF XML tag, the application fails to properly validate input length, allowing a specially crafted file to overwrite memory on the stack. This can result in arbitrary code execution under the context of the user who opens the file. The vulnerability is triggered locally by opening a malicious .xcf file and does not require elevated privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2011-10011 - WeBid Remote Code Injection Vulnerability

CVE ID : CVE-2011-10011 Published : Aug. 13, 2025, 9:15 p.m. | 5 hours, 26 minutes ago Description : WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where unsanitized input in the to parameter of a POST request is written directly into includes/currencies.php. This allows unauthenticated attackers to inject arbitrary PHP code, resulting in persistent remote code execution when the modified script is accessed or included by the application. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2011-10012 - Impero Software NetOp Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2011-10012 Published : Aug. 13, 2025, 9:15 p.m. | 5 hours, 26 minutes ago Description : NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an attacker to execute arbitrary code when the file is opened. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2011-10013 - Traq Remote Code Execution Vulnerability

CVE ID : CVE-2011-10013 Published : Aug. 13, 2025, 9:15 p.m. | 5 hours, 26 minutes ago Description : Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common.php script. The flawed authorization logic fails to halt execution after a failed access check, allowing unauthenticated users to reach admin-only functionality. This can be exploited via plugins.php to inject and execute arbitrary PHP code. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2011-10009 - Apache S40 CMS Path Traversal Vulnerability

CVE ID : CVE-2011-10009 Published : Aug. 13, 2025, 9:15 p.m. | 1 hour, 6 minutes ago Description : S40 CMS v0.4.2 contains a path traversal vulnerability in its index.php page handler. The p parameter is not properly sanitized, allowing attackers to traverse the file system and access arbitrary files outside the web root. This can be exploited remotely without authentication by appending traversal sequences and a null byte to bypass file extension checks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2011-10010 - QuickShare File Server FTP Path Traversal Vulnerability

CVE ID : CVE-2011-10010 Published : Aug. 13, 2025, 9:15 p.m. | 1 hour, 6 minutes ago Description : QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the "Writable" option is enabled (default during account creation), this allows attackers to upload arbitrary files to privileged locations such as system32, enabling remote code execution via MOF injection or executable placement. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 21:15:00 GMT

read more

CVE-2025-43982 - Tuoshi NR500-EA SSH Default Credential Vulnerability

CVE ID : CVE-2025-43982 Published : Aug. 13, 2025, 8:15 p.m. | 2 hours, 6 minutes ago Description : Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by default. There is a hidden hard-coded root account that cannot be disabled in the GUI. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 20:15:00 GMT

read more

CVE-2025-43986 - KuWFi GC111 Telnet Authentication Bypass

CVE ID : CVE-2025-43986 Published : Aug. 13, 2025, 8:15 p.m. | 2 hours, 6 minutes ago Description : An issue was discovered on KuWFi GC111 GC111-GL-LM321_V3.0_20191211 devices. The TELNET service is enabled by default and exposed over the WAN interface without authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 20:15:00 GMT

read more

CVE-2025-43988 - KuWFi 5G01-X55 RCE through Unauthenticated API Endpoint

CVE ID : CVE-2025-43988 Published : Aug. 13, 2025, 8:15 p.m. | 2 hours, 6 minutes ago Description : KuWFi 5G01-X55 FL2020_V0.0.12 devices expose an unauthenticated API endpoint (ajax_get.cgi), allowing remote attackers to retrieve sensitive configuration data, including admin credentials. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 20:15:00 GMT

read more

CVE-2025-8926 - SourceCodester COVID 19 Testing Management System SQL Injection

CVE ID : CVE-2025-8926 Published : Aug. 13, 2025, 8:15 p.m. | 2 hours, 6 minutes ago Description : A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 20:15:00 GMT

read more

CVE-2025-8927 - Mtons MBlog Authentication Bypass Vulnerability

CVE ID : CVE-2025-8927 Published : Aug. 13, 2025, 8:15 p.m. | 2 hours, 6 minutes ago Description : A vulnerability was determined in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality of the file /email/send_code of the component Verification Code Handler. The manipulation of the argument email leads to improper restriction of excessive authentication attempts. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 20:15:00 GMT

read more

CVE-2025-8925 - iSourcecode Sports Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8925 Published : Aug. 13, 2025, 7:15 p.m. | 3 hours, 6 minutes ago Description : A vulnerability has been found in itsourcecode Sports Management System 1.0. Affected is an unknown function of the file /Admin/match.php. The manipulation of the argument code leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 19:15:00 GMT

read more

CVE-2025-43989 - Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLIC Command Injection Vulnerability

CVE ID : CVE-2025-43989 Published : Aug. 13, 2025, 7:15 p.m. | 1 hour, 26 minutes ago Description : The /goform/formJsonAjaxReq POST endpoint of Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices mishandles the set_timesetting action with the ntpserver0 parameter, which is used in a system command. By setting a username=admin cookie (bypassing normal session checks), an unauthenticated attacker can use that parameter to execute arbitrary OS commands. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 19:15:00 GMT

read more

CVE-2025-45313 - Hortusfox Web XSS

CVE ID : CVE-2025-45313 Published : Aug. 13, 2025, 7:15 p.m. | 1 hour, 26 minutes ago Description : A cross-site scripting (XSS) vulnerability in the /tasks endpoint of hortusfox-web v4.4 allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted payload injected into the title parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 19:15:00 GMT

read more

CVE-2025-8922 - Job Diary SQL Injection Vulnerability

CVE ID : CVE-2025-8922 Published : Aug. 13, 2025, 7:15 p.m. | 1 hour, 26 minutes ago Description : A vulnerability was found in code-projects Job Diary 1.0. This affects an unknown part of the file /admin-inbox.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 19:15:00 GMT

read more

CVE-2025-8923 - Code-Projects Job Diary SQL Injection Vulnerability

CVE ID : CVE-2025-8923 Published : Aug. 13, 2025, 7:15 p.m. | 1 hour, 26 minutes ago Description : A vulnerability was determined in code-projects Job Diary 1.0. This vulnerability affects unknown code of the file /edit-details.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 19:15:00 GMT

read more

CVE-2025-8924 - Campcodes Online Water Billing System SQL Injection

CVE ID : CVE-2025-8924 Published : Aug. 13, 2025, 7:15 p.m. | 1 hour, 26 minutes ago Description : A vulnerability was identified in Campcodes Online Water Billing System 1.0. This issue affects some unknown processing of the file /viewbill.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 19:15:00 GMT

read more

CVE-2025-50615 - Netis WF2880 Buffer Overflow Vulnerability

CVE ID : CVE-2025-50615 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00470c50 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_mac_filter_set in the payload, which can cause the program to crash and lead to a Denial of Service (DoS) attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-50616 - Netis WF2880 Buffer Overflow Vulnerability

CVE ID : CVE-2025-50616 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046f984 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_advanced_set in the payload, which can cause the program to crash and lead to a Denial of Service (DoS) attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-50617 - Netis WF2880 Buffer Overflow Vulnerability

CVE ID : CVE-2025-50617 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046ed68 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wps_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-50946 - Olivetin Command Injection Vulnerability

CVE ID : CVE-2025-50946 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago Description : OS Command Injection in Olivetin 2025.4.22 Custom Themes via the ParseRequestURI function in service/internal/executor/arguments.go. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-5819 - GitLab CE/EE Authentication Bypass

CVE ID : CVE-2025-5819 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 15.7 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that could have allowed authenticated users with developer access to obtain ID tokens for protected branches under certain circumstances. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-6186 - GitLab Cross-Site Scripting (XSS)

CVE ID : CVE-2025-6186 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-7734 - GitLab Cross-Site Scripting (XSS)

CVE ID : CVE-2025-7734 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 14.2 before 18.0.6, 18.1 before 18.1.4 and 18.2 before 18.2.2 that, under certain conditions, could have allowed a successful attacker to execute actions on behalf of users by injecting malicious content. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-7739 - GitLab CE/EE Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7739 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 18.2 before 18.2.2 that, under certain conditions, could have allowed authenticated users to achieve stored cross-site scripting by injecting malicious HTML content in scoped label descriptions. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-8754 - ABB AbilityTM zenon Missing Authentication for Critical Function

CVE ID : CVE-2025-8754 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago Description : Missing Authentication for Critical Function vulnerability in ABB ABB AbilityTM zenon.This issue affects ABB AbilityTM zenon: from 7.50 through 14. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-8770 - GitLab EE Authentication Bypass Vulnerability

CVE ID : CVE-2025-8770 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago Description : An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-8904 - Amazon EMR Kerberos Keytab File Disclosure

CVE ID : CVE-2025-8904 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago Description : Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR version 7.5 or higher. For Amazon EMR releases between 6.10 and 7.4, we strongly recommend that you run the bootstrap script and RPM files with the fix provided in the location below. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-8919 - Portabilis i-Diario Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8919 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago Description : A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation of the argument código/objetivo habilidade leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-8920 - Portabilis i-Diario Dicionário de Termos BNCC Page Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8920 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago Description : A vulnerability was identified in Portabilis i-Diario 1.6. Affected by this vulnerability is an unknown functionality of the file /dicionario-de-termos-bncc of the component Dicionário de Termos BNCC Page. The manipulation of the argument Planos de ensino leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-8921 - Code-Projects Job Diary SQL Injection Vulnerability

CVE ID : CVE-2025-8921 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago Description : A vulnerability has been found in code-projects Job Diary 1.0. Affected by this issue is some unknown functionality of the file /user-apply.php. The manipulation of the argument job_title leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-2937 - GitLab Markdown Wiki Denial of Service Vulnerability

CVE ID : CVE-2025-2937 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 8 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 13.2 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to create a denial of service condition by sending specially crafted markdown payloads to the Wiki feature. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-45314 - Hortusfox Web Calendar XSS

CVE ID : CVE-2025-45314 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 8 minutes ago Description : A cross-site scripting (XSS) vulnerability in the /Calendar endpoint of hortusfox-web v4.4 allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted payload injected into the add function. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-45315 - Hortusfox Web XSS

CVE ID : CVE-2025-45315 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 8 minutes ago Description : A cross-site scripting (XSS) vulnerability in the /controller/admin.php endpoint of hortusfox-web v4.4 allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted payload injected into the email parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-45316 - Hortusfox Web TextBlockModule XSS

CVE ID : CVE-2025-45316 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 8 minutes ago Description : A cross-site scripting (XSS) vulnerability in the TextBlockModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-45317 - Hortusfox-web Zip Slip Vulnerability

CVE ID : CVE-2025-45317 Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 8 minutes ago Description : A zip slip vulnerability in the /modules/ImportModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary code via a crafted archive. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-23303 - NVIDIA NeMo Framework Remote Code Execution (RCE)

CVE ID : CVE-2025-23303 Published : Aug. 13, 2025, 6:15 p.m. | 1 hour, 2 minutes ago Description : NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-23304 - NVIDIA NeMo Code Injection Vulnerability

CVE ID : CVE-2025-23304 Published : Aug. 13, 2025, 6:15 p.m. | 1 hour, 2 minutes ago Description : NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. A successful exploit of this vulnerability may lead to remote code execution and data tampering. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-23305 - NVIDIA Megatron-LM Code Injection Vulnerability

CVE ID : CVE-2025-23305 Published : Aug. 13, 2025, 6:15 p.m. | 1 hour, 2 minutes ago Description : NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an attacker may exploit a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-23306 - NVIDIA Megatron-LM Code Injection Vulnerability

CVE ID : CVE-2025-23306 Published : Aug. 13, 2025, 6:15 p.m. | 1 hour, 2 minutes ago Description : NVIDIA Megatron-LM for all platforms contains a vulnerability in the megatron/training/ arguments.py component where an attacker could cause a code injection issue by providing a malicious input. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-2498 - "Gitlab EE Improper Access Control Vulnerability"

CVE ID : CVE-2025-2498 Published : Aug. 13, 2025, 6:15 p.m. | 1 hour, 2 minutes ago Description : An improper access control in Gitlab EE affecting all versions from 12.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that under certain conditions could have allowed users to view assigned issues from restricted groups by bypassing IP restrictions. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-2614 - GitLab CE/EE Resource Exhaustion Denial of Service

CVE ID : CVE-2025-2614 Published : Aug. 13, 2025, 6:15 p.m. | 1 hour, 2 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an authenticated user to cause a denial of service condition by creating specially crafted content that consumes excessive server resources when processed. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 18:15:00 GMT

read more

CVE-2025-2180 - Palo Alto Networks Checkov by Prisma Cloud Deserialization Vulnerability

CVE ID : CVE-2025-2180 Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago Description : An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma® Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious terraform file when using Checkov in Prisma® Cloud. This issue impacts Checkov 3.0 versions earlier than Checkov 3.2.415. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 17:15:00 GMT

read more

CVE-2025-2181 - Palo Alto Networks Checkov Prisma Cloud Sensitive Information Disclosure

CVE ID : CVE-2025-2181 Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago Description : A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud can result in the cleartext exposure of Prisma Cloud access keys in Checkov's output. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 17:15:00 GMT

read more

CVE-2025-2182 - Palo Alto Networks PAN-OS MACsec CAK Exposure

CVE ID : CVE-2025-2182 Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago Description : A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in the cleartext exposure of the connectivity association key (CAK). This issue is only applicable to PA-7500 Series devices which are in an NGFW cluster. A user who possesses this key can read messages being sent between devices in a NGFW Cluster. There is no impact in non-clustered firewalls or clusters of firewalls that do not enable MACsec. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 17:15:00 GMT

read more

CVE-2025-2183 - Palo Alto Networks GlobalProtect Certificate Validation Bypass

CVE ID : CVE-2025-2183 Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago Description : An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 17:15:00 GMT

read more

CVE-2025-2184 - Palo Alto Networks Cortex XDR Broker VM Default Credential Sharing Vulnerability

CVE ID : CVE-2025-2184 Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago Description : A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations. The attacker must have network access to the Broker VM to exploit this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 17:15:00 GMT

read more

CVE-2025-34153 - Hyland OnBase .NET Remoting RCE via Insecure Deserialization

CVE ID : CVE-2025-34153 Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago Description : Hyland OnBase versions prior to 17.0.2.87 (other versions may be affected) are vulnerable to unauthenticated remote code execution via insecure deserialization on the .NET Remoting TCP channel. The service registers a listener on port 6031 with the URI endpoint TimerServer, implemented in Hyland.Core.Timers.dll. This endpoint deserializes untrusted input using the .NET BinaryFormatter, allowing attackers to execute arbitrary code under the context of NT AUTHORITY\SYSTEM. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 17:15:00 GMT

read more

CVE-2025-50594 - Danphe Health Hospital Management System EMR Password Reset Vulnerability

CVE ID : CVE-2025-50594 Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago Description : An issue was discovered in /Code/Websites/DanpheEMR/Controllers/Settings/SecuritySettingsController.cs in Danphe Health Hospital Management System EMR 3.2 allowing attackers to reset any account password. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 17:15:00 GMT

read more

CVE-2025-51451 - TOTOLINK EX1200T Authentication Bypass

CVE ID : CVE-2025-51451 Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago Description : In TOTOLINK EX1200T firmware 4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 17:15:00 GMT

read more

CVE-2025-52385 - "Studio 3T Remote Code Execution Vulnerability"

CVE ID : CVE-2025-52385 Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago Description : An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the child_process module Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 17:15:00 GMT

read more

CVE-2025-50608 - Netis WF2880 Buffer Overflow Vulnerability

CVE ID : CVE-2025-50608 Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00471994 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 16:15:00 GMT

read more

CVE-2025-50609 - Netis WF2880 Buffer Overflow Vulnerability

CVE ID : CVE-2025-50609 Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the Function_00465620 of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of specify_parame in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 16:15:00 GMT

read more

CVE-2025-50610 - Netis WF2880 Buffer Overflow Vulnerability

CVE ID : CVE-2025-50610 Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00476598 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 16:15:00 GMT

read more

CVE-2025-50611 - Netis WF2880 Buffer Overflow Vulnerability

CVE ID : CVE-2025-50611 Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00473154 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set_5g and wl_sec_rp_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 16:15:00 GMT

read more

CVE-2025-50612 - Netis WF2880 Buffer Overflow Vulnerability

CVE ID : CVE-2025-50612 Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago Description : A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_004743f8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set in the payload, which may cause the program to crash and potentially lead to a Denial of Service (DoS) attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 16:15:00 GMT

read more

CVE-2025-50613 - Netis WF2880 Buffer Overflow Vulnerability

CVE ID : CVE-2025-50613 Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00475e1c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_key_wep in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 16:15:00 GMT

read more

CVE-2025-50614 - Netis WF2880 Buffer Overflow Vulnerability

CVE ID : CVE-2025-50614 Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago Description : A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_0047151c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 16:15:00 GMT

read more

CVE-2025-51452 - TOTOLINK A7000R Authentication Bypass Vulnerability

CVE ID : CVE-2025-51452 Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago Description : In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can bypass login by sending a specific request through formLoginAuth.htm. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 16:15:00 GMT

read more

CVE-2025-8918 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8918 Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago Description : A vulnerability was found in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /intranet/educar_instituicao_cad.php of the component Editar Page. The manipulation of the argument neighborhood name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 16:15:00 GMT

read more

CVE-2025-51691 - MarkTwo XSS Attack Vector

CVE ID : CVE-2025-51691 Published : Aug. 13, 2025, 3:15 p.m. | 3 hours, 1 minute ago Description : Cross-Site Scripting (XSS) vulnerability found in MarkTwo commit e3a1d3f90cce4ea9c26efcbbf3a1cbfb9dcdb298 (May 2025) allows a remote attacker to execute arbitrary code via a crafted script input to the editor interface. The application does not properly sanitize user-supplied Markdown before rendering it. Successful exploitation could lead to session hijacking, credential theft, or arbitrary client-side code execution in the context of the victim's browser. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 15:15:00 GMT

read more

CVE-2025-52585 - BIG-IP LTM Anonymous Diffie-Hellman Denial of Service

CVE ID : CVE-2025-52585 Published : Aug. 13, 2025, 3:15 p.m. | 3 hours, 1 minute ago Description : When a BIG-IP LTM Client SSL profile is configured on a virtual server with SSL Forward Proxy enabled and Anonymous Diffie-Hellman (ADH) ciphers enabled, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 15:15:00 GMT

read more

CVE-2025-53859 - NGINX SMTP Module Information Leak

CVE ID : CVE-2025-53859 Published : Aug. 13, 2025, 3:15 p.m. | 3 hours, 1 minute ago Description : NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happens during the NGINX SMTP authentication process and requires the attacker to make preparations against the target system to extract the leaked data. The issue affects NGINX only if (1) it is built with the ngx_mail_smtp_module, (2) the smtp_auth directive is configured with method "none," and (3) the authentication server returns the "Auth-Wait" response header. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 15:15:00 GMT

read more

CVE-2025-54500 - Apache HTTP/2 Denial-of-Service Vulnerability

CVE ID : CVE-2025-54500 Published : Aug. 13, 2025, 3:15 p.m. | 3 hours, 1 minute ago Description : An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit (HTTP/2 MadeYouReset Attack). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 15:15:00 GMT

read more

CVE-2025-54809 - F5 Access for Android SSL/TLS Man-in-the-Middle (MitM) Vulnerability

CVE ID : CVE-2025-54809 Published : Aug. 13, 2025, 3:15 p.m. | 3 hours, 1 minute ago Description : F5 Access for Android before version 3.1.2 which uses HTTPS does not verify the remote endpoint identity. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 15:15:00 GMT

read more

CVE-2025-55163 - Netty HTTP/2 MadeYouReset DDoS Vulnerability

CVE ID : CVE-2025-55163 Published : Aug. 13, 2025, 3:15 p.m. | 3 hours, 1 minute ago Description : Netty is an asynchronous, event-driven network application framework. Prior to versions 4.1.124.Final and 4.2.4.Final, Netty is vulnerable to MadeYouReset DDoS. This is a logical vulnerability in the HTTP/2 protocol, that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit - which results in resource exhaustion and distributed denial of service. This issue has been patched in versions 4.1.124.Final and 4.2.4.Final. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 15:15:00 GMT

read more

CVE-2025-8941 - Linux-Pam Symlink Privilege Escalation Vulnerability

CVE ID : CVE-2025-8941 Published : Aug. 13, 2025, 3:15 p.m. | 3 hours, 1 minute ago Description : A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 15:15:00 GMT

read more

CVE-2025-46405 - BIG-IP APM Traffic Management Microkernel Denial of Service

CVE ID : CVE-2025-46405 Published : Aug. 13, 2025, 3:15 p.m. | 1 hour, 25 minutes ago Description : When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 15:15:00 GMT

read more

CVE-2025-48500 - F5 VPN MacOS Browser Client File Integrity Check Bypass

CVE ID : CVE-2025-48500 Published : Aug. 13, 2025, 3:15 p.m. | 1 hour, 25 minutes ago Description : A missing file integrity check vulnerability exists on MacOS F5 VPN browser client installer that may allow a local, authenticated attacker with access to the local file system to replace it with a malicious package installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 15:15:00 GMT

read more

CVE-2025-50251 - Makeplane Plane SSRF Vulnerability

CVE ID : CVE-2025-50251 Published : Aug. 13, 2025, 3:15 p.m. | 1 hour, 25 minutes ago Description : Server side request forgery (SSRF) vulnerability in makeplane plane 0.23.1 via the password recovery. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 15:15:00 GMT

read more

CVE-2025-50635 - Netis WF2780 Null Pointer Dereference DoS Vulnerability

CVE ID : CVE-2025-50635 Published : Aug. 13, 2025, 3:15 p.m. | 1 hour, 25 minutes ago Description : A null pointer dereference vulnerability was discovered in Netis WF2780 v2.2.35445. The vulnerability exists in the FUN_0048a728 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the CONTENT_LENGTH variable, causing the program to crash and potentially leading to a denial-of-service (DoS) attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 15:15:00 GMT

read more

CVE-2025-50690 - OSGeo SpatialReference.org Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-50690 Published : Aug. 13, 2025, 3:15 p.m. | 1 hour, 25 minutes ago Description : A Cross-Site Scripting (XSS) vulnerability exists in SpatialReference.org (OSGeo/spatialreference.org) versions prior to 2025-05-17 (commit 2120adfa17ddd535bd0f539e6c4988fa3a2cb491). The vulnerability is caused by improper handling of user input in the search query parameter. An attacker can craft a specially formed URL with malicious JavaScript code, which is then reflected back and executed in the victim's browser. This flaw allows an attacker to execute arbitrary JavaScript in the context of the victim's session, potentially leading to session hijacking, phishing attacks, data theft, or redirection to malicious sites. The issue is exposed on publicly accessible pages, making it exploitable by an unauthenticated attacker. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 15:15:00 GMT

read more

CVE-2025-55005 - ImageMagick Logmap Buffer Overflow Vulnerability

CVE ID : CVE-2025-55005 Published : Aug. 13, 2025, 2:15 p.m. | 2 hours, 25 minutes ago Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is larger than 1024. This leads to corrupting memory beyond the end of the allocated logmap buffer. This issue has been patched in version 7.1.2-1. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 14:15:00 GMT

read more

CVE-2025-55154 - ImageMagick Stack-Based Buffer Overflow

CVE ID : CVE-2025-55154 Published : Aug. 13, 2025, 2:15 p.m. | 2 hours, 25 minutes ago Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage (in coders/png.c) are unsafe and can overflow, leading to memory corruption. This issue has been patched in versions 6.9.13-27 and 7.1.2-1. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 14:15:00 GMT

read more

CVE-2025-55160 - ImageMagick Denial of Service (DoS) Function-Type Mismatch Vulnerability

CVE ID : CVE-2025-55160 Published : Aug. 13, 2025, 2:15 p.m. | 2 hours, 25 minutes ago Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 14:15:00 GMT

read more

CVE-2025-55668 - Apache Tomcat Session Fixation

CVE ID : CVE-2025-55668 Published : Aug. 13, 2025, 2:15 p.m. | 2 hours, 25 minutes ago Description : Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 14:15:00 GMT

read more

CVE-2025-32451 - Foxit Reader Uninitialized Pointer Memory Corruption Vulnerability

CVE ID : CVE-2025-32451 Published : Aug. 13, 2025, 2:15 p.m. | 47 minutes ago Description : A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 14:15:00 GMT

read more

CVE-2025-52386 - "CycloneDX Sunshine Formula Injection Vulnerability"

CVE ID : CVE-2025-52386 Published : Aug. 13, 2025, 2:15 p.m. | 47 minutes ago Description : CycloneDX Sunshine v0.9 is vulnerable to CSV Formula Injection via a crafted JSON file Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 14:15:00 GMT

read more

CVE-2025-52392 - Soosyze CMS Unrestricted Brute-Force Login Attack Vulnerability

CVE ID : CVE-2025-52392 Published : Aug. 13, 2025, 2:15 p.m. | 47 minutes ago Description : Soosyze CMS 2.0 allows brute-force login attacks via the /user/login endpoint due to missing rate-limiting and lockout mechanisms. An attacker can repeatedly submit login attempts without restrictions, potentially gaining unauthorized administrative access. This vulnerability corresponds to CWE-307: Improper Restriction of Excessive Authentication Attempts. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 14:15:00 GMT

read more

CVE-2025-54074 - Cherry Studio OS Command Injection Vulnerability

CVE ID : CVE-2025-54074 Published : Aug. 13, 2025, 2:15 p.m. | 47 minutes ago Description : Cherry Studio is a desktop client that supports for multiple LLM providers. From versions 1.2.5 to 1.5.1, Cherry Studio is vulnerable to OS Command Injection during a connection with a malicious MCP server in HTTP Streamable mode. Attackers can setup a malicious MCP server with compatible OAuth authorization server endpoints and trick victims into connecting it, leading to OS command injection in vulnerable clients. This issue has been patched in version 1.5.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 14:15:00 GMT

read more

CVE-2025-54382 - Cherry Studio Cherry Picker Remote Code Execution

CVE ID : CVE-2025-54382 Published : Aug. 13, 2025, 2:15 p.m. | 47 minutes ago Description : Cherry Studio is a desktop client that supports for multiple LLM providers. In version 1.5.1, a remote code execution (RCE) vulnerability exists in the Cherry Studio platform when connecting to streamableHttp MCP servers. The issue arises from the server’s implicit trust in the oauth auth redirection endpoints and failure to properly sanitize the URL. This issue has been patched in version 1.5.2. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 14:15:00 GMT

read more

CVE-2025-54791 - OMERO.web Information Disclosure Vulnerability

CVE ID : CVE-2025-54791 Published : Aug. 13, 2025, 2:15 p.m. | 47 minutes ago Description : OMERO.web provides a web based client and plugin infrastructure. Prior to version 5.29.2, if an error occurred when resetting a user's password using the Forgot Password option in OMERO.web, the error message displayed on the Web page can disclose information about the user. This issue has been patched in version 5.29.2. A workaround involves disabling the Forgot password option in OMERO.web using the omero.web.show_forgot_password configuration property. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 14:15:00 GMT

read more

CVE-2025-55004 - ImageMagick Heap Buffer Overflow Vulnerability

CVE ID : CVE-2025-55004 Published : Aug. 13, 2025, 2:15 p.m. | 47 minutes ago Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOneMNGIMage. This can likely be used to leak subsequent memory contents into the output image. This issue has been patched in version 7.1.2-1. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 14:15:00 GMT

read more

CVE-2025-48989 - Apache Tomcat Reset Attack Vulnerability

CVE ID : CVE-2025-48989 Published : Aug. 13, 2025, 1:15 p.m. | 1 hour, 47 minutes ago Description : Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL versions may also be affected. Users are recommended to upgrade to one of versions 11.0.10, 10.1.44 or 9.0.108 which fix the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 13:15:00 GMT

read more

CVE-2025-8671 - Apache HTTP/2 Denial-of-Service Vulnerability

CVE ID : CVE-2025-8671 Published : Aug. 13, 2025, 1:15 p.m. | 1 hour, 47 minutes ago Description : A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly triggering the server to reset them—using malformed frames or flow control errors—an attacker can exploit incorrect stream accounting. Streams reset by the server are considered closed at the protocol level, even though backend processing continues. This allows a client to cause the server to handle an unbounded number of concurrent streams on a single connection. This CVE will be updated as affected product details are released. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 13:15:00 GMT

read more

CVE-2025-8907 - H3C M2 NAS Webserver Configuration Privilege Escalation Vulnerability

CVE ID : CVE-2025-8907 Published : Aug. 13, 2025, 1:15 p.m. | 1 hour, 47 minutes ago Description : A vulnerability was found in H3C M2 NAS V100R006. Affected by this vulnerability is an unknown functionality of the component Webserver Configuration. The manipulation leads to execution with unnecessary privileges. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor explains: "[T]he device only has configuration files and does not actually have boa functionality. It is impossible to access or upload files anonymously to the device through boa services". This vulnerability only affects products that are no longer supported by the maintainer. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 13:15:00 GMT

read more

CVE-2025-8908 - Shanghai Lingdang Information Technology Lingdang CRM SQL Injection

CVE ID : CVE-2025-8908 Published : Aug. 13, 2025, 1:15 p.m. | 1 hour, 47 minutes ago Description : A vulnerability was determined in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5.4. Affected by this issue is some unknown functionality of the file crm/WeiXinApp/yunzhijia/event.php. The manipulation of the argument openid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 8.6.5 is able to address this issue. It is recommended to upgrade the affected component. The vendor explains: "All SQL injection vectors were patched via parameterized queries and input sanitization in v8.6.5+." Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 13:15:00 GMT

read more

CVE-2025-54464 - ZKTeco WL20 Unencrypted Credentials Storage

CVE ID : CVE-2025-54464 Published : Aug. 13, 2025, 12:15 p.m. | 2 hours, 47 minutes ago Description : This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the unencrypted credentials stored in the firmware of targeted device. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 12:15:00 GMT

read more

CVE-2025-54465 - ZKTeco WL20 Hard-Coded MQTT Credentials Disclosure

CVE ID : CVE-2025-54465 Published : Aug. 13, 2025, 12:15 p.m. | 2 hours, 47 minutes ago Description : This vulnerability exists in ZKTeco WL20 due to hard-coded MQTT credentials and endpoints stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve the hard-coded MQTT credentials and endpoints from the targeted device. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the MQTT broker and manipulate the communications of the targeted device. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 12:15:00 GMT

read more

CVE-2025-55279 - ZKTeco WL20 Hard-Coded Private Key Vulnerability

CVE ID : CVE-2025-55279 Published : Aug. 13, 2025, 12:15 p.m. | 2 hours, 47 minutes ago Description : This vulnerability exists in ZKTeco WL20 due to hard-coded private key stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve private key stored in the firmware of the targeted device. Successful exploitation of this vulnerability could allow the attacker to perform unauthorized decryption of sensitive data and Man-in-the-Middle (MitM) attacks on the targeted device. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 12:15:00 GMT

read more

CVE-2025-55280 - ZKTeco WL20 PlainText Data Exposure Vulnerability

CVE ID : CVE-2025-55280 Published : Aug. 13, 2025, 12:15 p.m. | 2 hours, 47 minutes ago Description : This vulnerability exists in ZKTeco WL20 due to storage of Wi-Fi credentials, configuration data and system data in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the plaintext sensitive data stored in the targeted device. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized network access, retrieve and manipulate data on the targeted device. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 12:15:00 GMT

read more

CVE-2025-8912 - WellChoose Organization Portal System Arbitrary File Reading Vulnerability

CVE ID : CVE-2025-8912 Published : Aug. 13, 2025, 10:15 a.m. | 4 hours, 47 minutes ago Description : Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 10:15:00 GMT

read more

CVE-2025-8913 - WellChoose Organization Portal System Local File Inclusion Vulnerability

CVE ID : CVE-2025-8913 Published : Aug. 13, 2025, 10:15 a.m. | 4 hours, 47 minutes ago Description : Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 10:15:00 GMT

read more

CVE-2025-8914 - WellChoose Organization Portal System SQL Injection

CVE ID : CVE-2025-8914 Published : Aug. 13, 2025, 10:15 a.m. | 4 hours, 47 minutes ago Description : Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 10:15:00 GMT

read more

CVE-2025-8916 - Bouncy Castle for Java Excessive Allocation Memory Vulnerability

CVE ID : CVE-2025-8916 Published : Aug. 13, 2025, 10:15 a.m. | 4 hours, 47 minutes ago Description : Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertP... https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.java , https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathRevi... https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java . This issue affects Bouncy Castle for Java: from BC 1.44 through 1.78, from BCPKIX FIPS 1.0.0 through 1.0.7, from BCPKIX FIPS 2.0.0 through 2.0.7. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 10:15:00 GMT

read more

Violation de données personnelles de l&rsquo;opérateur Bouygues Telecom : situation, risques et recommandations

]]>

Wed, 13 Aug 2025 10:13:00 GMT

read more

CVE-2025-8910 - WellChoose Organization Portal System Reflected Cross-site Scripting Vulnerability

CVE ID : CVE-2025-8910 Published : Aug. 13, 2025, 9:15 a.m. | 5 hours, 47 minutes ago Description : Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 09:15:00 GMT

read more

CVE-2025-8911 - WellChoose Organization Portal System Reflected Cross-site Scripting Vulnerability

CVE ID : CVE-2025-8911 Published : Aug. 13, 2025, 9:15 a.m. | 5 hours, 47 minutes ago Description : Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 09:15:00 GMT

read more

CVE-2025-55345 - Codex Symlink File Overwrite RCE

CVE ID : CVE-2025-55345 Published : Aug. 13, 2025, 9:15 a.m. | 3 hours, 25 minutes ago Description : Using Codex CLI in workspace-write mode inside a malicious context (repo, directory, etc) could lead to arbitrary file overwrite and potentially remote code execution due to symlinks being followed outside the allowed current working directory. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 09:15:00 GMT

read more

CVE-2025-8909 - WellChoose Organization Portal System Arbitrary File Reading Vulnerability

CVE ID : CVE-2025-8909 Published : Aug. 13, 2025, 9:15 a.m. | 3 hours, 25 minutes ago Description : Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 09:15:00 GMT

read more

CVE-2025-6184 - Tutor LMS Pro WordPress SQL Injection Vulnerability

CVE ID : CVE-2025-6184 Published : Aug. 13, 2025, 7:15 a.m. | 5 hours, 25 minutes ago Description : The Tutor LMS Pro – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter used in the get_submitted_assignments() function in all versions up to, and including, 3.7.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Tutor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Only the Pro version is affected. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 07:15:00 GMT

read more

CVE-2025-8760 - INSTAR fcgi_server Buffer Overflow Vulnerability

CVE ID : CVE-2025-8760 Published : Aug. 13, 2025, 7:15 a.m. | 5 hours, 25 minutes ago Description : A vulnerability was identified in INSTAR 2K+ and 4K 3.11.1 Build 1124. This affects the function base64_decode of the component fcgi_server. The manipulation of the argument Authorization leads to buffer overflow. It is possible to initiate the attack remotely. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 07:15:00 GMT

read more

CVE-2025-8761 - INSTAR Denial of Service Vulnerability in Backend IPC Server

CVE ID : CVE-2025-8761 Published : Aug. 13, 2025, 7:15 a.m. | 5 hours, 25 minutes ago Description : A vulnerability has been found in INSTAR 2K+ and 4K 3.11.1 Build 1124. This vulnerability affects unknown code of the component Backend IPC Server. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 07:15:00 GMT

read more

CVE-2025-8762 - INSTAR UART Interface Physical Access Control Bypass

CVE ID : CVE-2025-8762 Published : Aug. 13, 2025, 7:15 a.m. | 5 hours, 25 minutes ago Description : A vulnerability was found in INSTAR 2K+ and 4K 3.11.1 Build 1124. This issue affects some unknown processing of the component UART Interface. The manipulation leads to improper physical access control. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 07:15:00 GMT

read more

CVE-2025-6715 - LatePoint WordPress Local File Inclusion Vulnerability

CVE ID : CVE-2025-6715 Published : Aug. 13, 2025, 6:15 a.m. | 6 hours, 25 minutes ago Description : The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 06:15:00 GMT

read more

CVE-2025-7384 - "Elementor Forms PHP Object Injection Vulnerability"

CVE ID : CVE-2025-7384 Published : Aug. 13, 2025, 5:15 a.m. | 7 hours, 25 minutes ago Description : The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.3 via deserialization of untrusted input in the get_lead_detail function. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain in the Contact Form 7 plugin, which is likely to be used alongside, allows attackers to delete arbitrary files, leading to a denial of service or remote code execution when the wp-config.php file is deleted. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 05:15:00 GMT

read more

CVE-2025-0818 - elFinder WordPress Plugin Directory Traversal Vulnerability

CVE ID : CVE-2025-0818 Published : Aug. 13, 2025, 4:16 a.m. | 8 hours, 24 minutes ago Description : Several WordPress plugins using elFinder versions 2.1.64 and prior are vulnerable to Directory Traversal in various versions. This makes it possible for unauthenticated attackers to delete arbitrary files. Successful exploitation of this vulnerability requires a site owner to explicitly make an instance of the file manager available to users. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 04:16:00 GMT

read more

CVE-2025-8491 - Easy Restaurant Menu Manager for WordPress CSRF

CVE ID : CVE-2025-8491 Published : Aug. 13, 2025, 4:16 a.m. | 8 hours, 24 minutes ago Description : The Easy restaurant menu manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the nsc_eprm_save_menu() function. This makes it possible for unauthenticated attackers to upload a menu file via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 04:16:00 GMT

read more

CVE-2025-8891 - OceanWP Cross-Site Request Forgery (CSRF)

CVE ID : CVE-2025-8891 Published : Aug. 13, 2025, 4:16 a.m. | 8 hours, 24 minutes ago Description : The OceanWP theme for WordPress is vulnerable to Cross-Site Request Forgery in versions 4.0.9 to 4.1.1. This is due to missing or incorrect nonce validation on the oceanwp_notice_button_click() function. This makes it possible for unauthenticated attackers to install the Ocean Extra plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 04:16:00 GMT

read more

CVE-2025-8880 - Google Chrome V8 Race Condition Execution of Arbitrary Code

CVE ID : CVE-2025-8880 Published : Aug. 13, 2025, 3:15 a.m. | 9 hours, 25 minutes ago Description : Race in V8 in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 03:15:00 GMT

read more

CVE-2025-8881 - Google Chrome File Picker Cross-Origin Data Leak

CVE ID : CVE-2025-8881 Published : Aug. 13, 2025, 3:15 a.m. | 9 hours, 25 minutes ago Description : Inappropriate implementation in File Picker in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 03:15:00 GMT

read more

CVE-2025-8882 - Google Chrome Aura Use-After-Free Vulnerability

CVE ID : CVE-2025-8882 Published : Aug. 13, 2025, 3:15 a.m. | 9 hours, 25 minutes ago Description : Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 03:15:00 GMT

read more

CVE-2025-8901 - Google Chrome ANGLE Out-of-Bounds Memory Access Vulnerability

CVE ID : CVE-2025-8901 Published : Aug. 13, 2025, 3:15 a.m. | 9 hours, 25 minutes ago Description : Out of bounds write in ANGLE in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 03:15:00 GMT

read more

CVE-2025-4410 - Cisco SetupUtility Buffer Overflow Vulnerability

CVE ID : CVE-2025-4410 Published : Aug. 13, 2025, 3:15 a.m. | 9 hours, 6 minutes ago Description : A buffer overflow vulnerability exists in the module SetupUtility. An attacker with local privileged access can exploit this vulnerability by executeing arbitrary code. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 03:15:00 GMT

read more

CVE-2025-8879 - Google Chrome Heap Buffer Overflow Vulnerability

CVE ID : CVE-2025-8879 Published : Aug. 13, 2025, 3:15 a.m. | 9 hours, 6 minutes ago Description : Heap buffer overflow in libaom in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to potentially exploit heap corruption via a curated set of gestures. (Chromium security severity: High) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 03:15:00 GMT

read more

CVE-2025-4276 - Intel UsbCoreDxe SMM Arbitrary Code Execution

CVE ID : CVE-2025-4276 Published : Aug. 13, 2025, 2:15 a.m. | 10 hours, 6 minutes ago Description : UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 02:15:00 GMT

read more

CVE-2025-4277 - Intel Tcg2Smm SMM Execute Code Arbitrary Memory Write

CVE ID : CVE-2025-4277 Published : Aug. 13, 2025, 2:15 a.m. | 10 hours, 6 minutes ago Description : Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 13 Aug 2025 02:15:00 GMT

read more

Fuite de données chez France Link Interactive

]]>

Wed Aug 13 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2025-54232 - Adobe Framemaker Use After Free Vulnerability

CVE ID : CVE-2025-54232 Published : Aug. 12, 2025, 11:15 p.m. | 10 hours, 24 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 23:15:00 GMT

read more

CVE-2025-54233 - Adobe Framemaker Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-54233 Published : Aug. 12, 2025, 11:15 p.m. | 10 hours, 24 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 23:15:00 GMT

read more

CVE-2025-54238 - Dimension Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-54238 Published : Aug. 12, 2025, 11:15 p.m. | 10 hours, 24 minutes ago Description : Dimension versions 4.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 23:15:00 GMT

read more

CVE-2025-8395 - "CVE-xxxx: Apache Struts SQL Injection Vulnerability"

CVE ID : CVE-2025-8395 Published : Aug. 12, 2025, 11:15 p.m. | 10 hours, 24 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 23:15:00 GMT

read more

CVE-2025-49457 - Zoom Untrusted Search Path Privilege Escalation Vulnerability

CVE ID : CVE-2025-49457 Published : Aug. 12, 2025, 11:15 p.m. | 9 hours, 25 minutes ago Description : Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 23:15:00 GMT

read more

CVE-2025-54229 - Adobe Framemaker Use After Free Vulnerability

CVE ID : CVE-2025-54229 Published : Aug. 12, 2025, 11:15 p.m. | 9 hours, 25 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 23:15:00 GMT

read more

CVE-2025-54230 - Adobe Framemaker Use-After-Free Vulnerability

CVE ID : CVE-2025-54230 Published : Aug. 12, 2025, 11:15 p.m. | 9 hours, 25 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 23:15:00 GMT

read more

CVE-2025-54231 - Adobe Framemaker Use After Free Vulnerability

CVE ID : CVE-2025-54231 Published : Aug. 12, 2025, 11:15 p.m. | 9 hours, 25 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 23:15:00 GMT

read more

CVE-2025-49456 - Zoom Windows Installer Race Condition Vulnerability

CVE ID : CVE-2025-49456 Published : Aug. 12, 2025, 11:15 p.m. | 7 hours, 25 minutes ago Description : Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated user to impact application integrity via local access. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 23:15:00 GMT

read more

CVE-2025-54222 - Substance3D Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-54222 Published : Aug. 12, 2025, 10:15 p.m. | 8 hours, 25 minutes ago Description : Substance3D - Stager versions 3.1.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 22:15:00 GMT

read more

CVE-2025-55170 - WeGIA Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-55170 Published : Aug. 12, 2025, 9:15 p.m. | 9 hours, 25 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a reflected cross-site scripting (XSS) vulnerability was identified in the /html/alterar_senha.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the verificacao and redir_config parameter. This issue has been patched in version 3.4.8. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-55171 - WeGIA Unauthenticated File Deletion Vulnerability

CVE ID : CVE-2025-55171 Published : Aug. 12, 2025, 9:15 p.m. | 9 hours, 25 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, the application does not check authentication at endpoint /html/personalizacao_remover.php allowing anonymous attacker (without login) to delete any Image files at endpoint /html/personalizacao_remover.php by defining imagem_0 as image id to delete. This issue has been patched in version 3.4.8. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-55165 - Autocaliweb API Key Exposure

CVE ID : CVE-2025-55165 Published : Aug. 12, 2025, 9:15 p.m. | 9 hours, 6 minutes ago Description : Autocaliweb is a web app that offers an interface for browsing, reading, and downloading eBooks using a valid Calibre database. Prior to version 0.8.3, the debug pack generated by Autocaliweb can expose sensitive configuration data, including API keys. This occurs because the to_dict() method, used to serialize configuration for the debug pack, doesn't adequately filter out sensitive fields such as API tokens. Users, unaware of the full contents, might share these debug packs, inadvertently leaking their private API keys. This issue has been patched in version 0.8.3. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54235 - Substance3D Modeler Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-54235 Published : Aug. 12, 2025, 9:15 p.m. | 7 hours, 25 minutes ago Description : Substance3D - Modeler versions 1.22.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54226 - Adobe InDesign Use After Free Vulnerability

CVE ID : CVE-2025-54226 Published : Aug. 12, 2025, 9:15 p.m. | 7 hours, 6 minutes ago Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54227 - Adobe InDesign Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-54227 Published : Aug. 12, 2025, 9:15 p.m. | 7 hours, 6 minutes ago Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54228 - Adobe InDesign Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-54228 Published : Aug. 12, 2025, 9:15 p.m. | 7 hours, 6 minutes ago Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54219 - Adobe InCopy Heap-based Buffer Overflow Arbitrary Code Execution

CVE ID : CVE-2025-54219 Published : Aug. 12, 2025, 9:15 p.m. | 5 hours, 24 minutes ago Description : InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54220 - Adobe InCopy Heap-based Buffer Overflow Arbitrary Code Execution

CVE ID : CVE-2025-54220 Published : Aug. 12, 2025, 9:15 p.m. | 5 hours, 24 minutes ago Description : InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54221 - Adobe InCopy Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-54221 Published : Aug. 12, 2025, 9:15 p.m. | 5 hours, 24 minutes ago Description : InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54223 - Adobe InCopy Use After Free Vulnerability

CVE ID : CVE-2025-54223 Published : Aug. 12, 2025, 9:15 p.m. | 5 hours, 24 minutes ago Description : InCopy versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54224 - Adobe InDesign Use After Free Vulnerability

CVE ID : CVE-2025-54224 Published : Aug. 12, 2025, 9:15 p.m. | 5 hours, 24 minutes ago Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54225 - Adobe InDesign Use After Free Vulnerability (Arbitrary Code Execution)

CVE ID : CVE-2025-54225 Published : Aug. 12, 2025, 9:15 p.m. | 5 hours, 24 minutes ago Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54217 - Adobe InCopy Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54217 Published : Aug. 12, 2025, 9:15 p.m. | 3 hours, 24 minutes ago Description : InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54218 - Adobe InCopy Out-of-Bounds Write Arbitrary Code Execution

CVE ID : CVE-2025-54218 Published : Aug. 12, 2025, 9:15 p.m. | 3 hours, 24 minutes ago Description : InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54208 - Adobe InDesign Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-54208 Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54209 - Adobe InDesign Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54209 Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54210 - Adobe InDesign Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-54210 Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54211 - Adobe InDesign Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54211 Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54212 - Adobe InDesign Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54212 Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54213 - Adobe InDesign Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-54213 Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54214 - Adobe InDesign Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-54214 Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54215 - Adobe InCopy Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-54215 Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago Description : InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54216 - Adobe InCopy Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-54216 Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago Description : InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2025-54207 - Adobe InDesign Uninitialized Pointer Code Execution Vulnerability

CVE ID : CVE-2025-54207 Published : 12 de agosto de 2025 a las 21:15 | 1 hora ago Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 21:15:00 GMT

read more

CVE-2023-45584 - Fortinet FortiOS Double Free Vulnerability

CVE ID : CVE-2023-45584 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : A double free vulnerability [CWE-415] in Fortinet FortiOS version 7.4.0, version 7.2.0 through 7.2.5 and before 7.0.12, FortiProxy version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 and FortiPAM version 1.1.0 through 1.1.2 and before 1.0.3 allows a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests. Severity: 6.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2024-26009 - Fortinet FortiOS Authentication Bypass via FGFM Requests

CVE ID : CVE-2024-26009 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS version 6.4.0 through 6.4.15 and before 6.2.16, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8 and before 7.0.15 & FortiPAM before version 1.2.0 allows an unauthenticated attacker to seize control of a managed device via crafted FGFM requests, if the device is managed by a FortiManager, and if the attacker knows that FortiManager's serial number. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2024-40588 - Fortinet FortiMail, FortiVoice, FortiRecorder, FortiCamera, FortiNDR Path Traversal Vulnerability

CVE ID : CVE-2024-40588 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiMail version 7.6.0 through 7.6.1 and before 7.4.3, FortiVoice version 7.0.0 through 7.0.5 and before 7.4.9, FortiRecorder version 7.2.0 through 7.2.1 and before 7.0.4, FortiCamera & FortiNDR version 7.6.0 and before 7.4.6 may allow a privileged attacker to read files from the underlying filesystem via crafted CLI requests. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2024-48892 - FortiSOAR Relative Path Traversal Vulnerability

CVE ID : CVE-2024-48892 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : A relative path traversal vulnerability [CWE-23] in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an authenticated attacker to read arbitrary files via uploading a malicious solution pack. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2024-52964 - Fortinet FortiManager Path Traversal Vulnerability

CVE ID : CVE-2024-52964 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.9 and below 7.0.13 & FortiManager Cloud version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5 and before 7.2.9 allows an authenticated remote attacker to overwrite arbitrary files via FGFM crafted requests. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2025-25248 - FortiOS Integer Overflow in SSL-VPN Bookmarks

CVE ID : CVE-2025-25248 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions and FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions SSL-VPN RDP and VNC bookmarks may allow an authenticated user to affect the device SSL-VPN availability via crafted requests. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2025-25256 - Fortinet FortiSIEM OS Command Injection

CVE ID : CVE-2025-25256 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2025-27759 - Fortinet FortiWeb OS Command Injection

CVE ID : CVE-2025-27759 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and before 7.0.10 allows an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI commands Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2025-32766 - Fortinet FortiWeb Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-32766 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or commands via crafted CLI commands Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2025-32932 - FortiSOAR XSS

CVE ID : CVE-2025-32932 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : An Improper neutralization of input during web page generation ('cross-site scripting') vulnerability [CWE-79] in FortiSOAR version 7.6.1 and below, version 7.5.1 and below, 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions WEB UI may allow an authenticated remote attacker to perform an XSS attack via stored malicious service requests Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2025-36124 - IBM WebSphere Application Server Liberty JMS Message Injection Vulnerability

CVE ID : CVE-2025-36124 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.8 could allow a remote attacker to bypass security restrictions caused by a failure to honor JMS messaging configuration Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2025-43734 - Liferay Portal Liferay DXP Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-43734 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allows a remote authenticated attacker to inject JavaScript code in the “first display label” field in the configuration of a custom sort widget. This malicious payload is then reflected and executed by clay button taglib when refreshing the page. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2025-47857 - Fortinet FortiWeb OS Command Injection

CVE ID : CVE-2025-47857 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : A improper neutralization of special elements used in an os command ('os command injection') vulnerability [CWE-78] in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or command via crafted CLI commands. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2025-49813 - Fortinet FortiADC OS Command Injection

CVE ID : CVE-2025-49813 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : An improper neutralization of special elements used in an OS Command ("OS Command Injection") vulnerability [CWE-78] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a remote and authenticated attacker with low privilege to execute unauthorized code via specifically crafted HTTP parameters. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2025-52970 - Fortinet FortiWeb Unauthenticated Privilege Escalation Vulnerability

CVE ID : CVE-2025-52970 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : A improper handling of parameters in Fortinet FortiWeb versions 7.6.3 and below, versions 7.4.7 and below, versions 7.2.10 and below, and 7.0.10 and below may allow an unauthenticated remote attacker with non-public information pertaining to the device and targeted user to gain admin privileges on the device via a specially crafted request. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2025-53744 - FortiOS Security Fabric Privilege Escalation Vulnerability

CVE ID : CVE-2025-53744 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : An incorrect privilege assignment vulnerability [CWE-266] in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all versions, may allow a remote authenticated attacker with high privileges to escalate their privileges to super-admin via registering the device to a malicious FortiManager. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2025-55168 - WeGIA SQL Injection Vulnerability

CVE ID : CVE-2025-55168 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/saude/aplicar_medicamento.php endpoint, specifically in the id_fichamedica parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This issue has been patched in version 3.4.8. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2025-55169 - WeGIA Path Traversal Vulnerability

CVE ID : CVE-2025-55169 Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a path traversal vulnerability was discovered in the WeGIA application, html/socio/sistema/download_remessa.php endpoint. This vulnerability could allow an attacker to gain unauthorized access to local files in the server and sensitive information stored in config.php. config.php contains information that could allow direct access to the database. This issue has been patched in version 3.4.8. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 19:15:00 GMT

read more

CVE-2025-53779 - Microsoft Windows Kerberos Path Traversal Privilege Escalation

CVE ID : CVE-2025-53779 Published : Aug. 12, 2025, 6:15 p.m. | 2 hours, 2 minutes ago Description : Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53781 - Azure Virtual Machines Information Exposure Vulnerability

CVE ID : CVE-2025-53781 Published : Aug. 12, 2025, 6:15 p.m. | 2 hours, 2 minutes ago Description : Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53783 - Microsoft Teams Heap Buffer Overflow Remote Code Execution Vulnerability

CVE ID : CVE-2025-53783 Published : Aug. 12, 2025, 6:15 p.m. | 2 hours, 2 minutes ago Description : Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53784 - Microsoft Office Word Use After Free Remote Code Execution Vulnerability

CVE ID : CVE-2025-53784 Published : Aug. 12, 2025, 6:15 p.m. | 2 hours, 2 minutes ago Description : Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53788 - Windows Subsystem for Linux TOCTOU Privilege Escalation

CVE ID : CVE-2025-53788 Published : Aug. 12, 2025, 6:15 p.m. | 2 hours, 2 minutes ago Description : Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53789 - Windows StateRepository API Local Privilege Escalation

CVE ID : CVE-2025-53789 Published : Aug. 12, 2025, 6:15 p.m. | 2 hours, 2 minutes ago Description : Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53793 - Azure Stack Authentication Bypass

CVE ID : CVE-2025-53793 Published : Aug. 12, 2025, 6:15 p.m. | 2 hours, 2 minutes ago Description : Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53733 - Microsoft Office Word Integer Overflow Remote Code Execution Vulnerability

CVE ID : CVE-2025-53733 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53734 - Microsoft Office Visio Use-After-Free Remote Code Execution Vulnerability

CVE ID : CVE-2025-53734 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53735 - Microsoft Office Excel Use-After-Free Vulnerability

CVE ID : CVE-2025-53735 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53736 - Microsoft Office Word Buffer Over-Read Information Disclosure

CVE ID : CVE-2025-53736 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53737 - Microsoft Office Excel Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-53737 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53738 - Microsoft Office Word Use After Free Code Execution Vulnerability

CVE ID : CVE-2025-53738 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53739 - Microsoft Office Excel Type Confusion Code Execution Vulnerability

CVE ID : CVE-2025-53739 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53740 - Microsoft Office Use-After-Free Code Execution Vulnerability

CVE ID : CVE-2025-53740 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53741 - Microsoft Office Excel Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-53741 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53759 - Microsoft Office Excel Uninitialized Resource Code Execution Vulnerability

CVE ID : CVE-2025-53759 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53760 - Microsoft Office SharePoint SSRF

CVE ID : CVE-2025-53760 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53761 - Microsoft Office PowerPoint Use-After-Free Remote Code Execution Vulnerability

CVE ID : CVE-2025-53761 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53765 - Azure Stack Information Disclosure Vulnerability

CVE ID : CVE-2025-53765 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53766 - Windows GDI+ Heap-based Buffer Overflow

CVE ID : CVE-2025-53766 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53769 - Windows Security App Path Traversal Vulnerability

CVE ID : CVE-2025-53769 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53772 - Web Deploy Untrusted Data Deserialization Code Execution Vulnerability

CVE ID : CVE-2025-53772 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53773 - GitHub Copilot Command Injection Vulnerability

CVE ID : CVE-2025-53773 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-53778 - Microsoft Windows NTLM Privilege Escalation

CVE ID : CVE-2025-53778 Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago Description : Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 18:15:00 GMT

read more

CVE-2025-24835 - Intel Arc B-Series Graphics Denial of Service Vulnerability

CVE ID : CVE-2025-24835 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Protection mechanism failure in the Intel(R) Graphics Driver for the Intel(R) Arc(TM) B-Series graphics before version 32.0.101.6737 may allow an authenticated user to potentially enable denial of service via local access. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-24840 - Intel Tiber Edge Platform Privilege Escalation Vulnerability

CVE ID : CVE-2025-24840 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Improper access control for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-24921 - Intel Tiber Edge Orchestrator Improper Neutralization Information Disclosure

CVE ID : CVE-2025-24921 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Improper neutralization for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable information disclosure via adjacent access. Severity: 6.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-24923 - "Intel AI for Enterprise Retrieval-augmented Generation Uncontrolled Search Path Vulnerability (EoP)"

CVE ID : CVE-2025-24923 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Uncontrolled search path in some Intel(R) AI for Enterprise Retrieval-augmented Generation software may allow an authenticated user to potentially enable escalation of privilege via local access. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-25273 - Intel 700 Series Ethernet Kernel Mode Driver Control Flow Vulnerability

CVE ID : CVE-2025-25273 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-26403 - Intel Xeon SGX/TDX OOB Write Privilege Escalation

CVE ID : CVE-2025-26403 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-26404 - Intel DSA Uncontrolled Search Path Privilege Escalation

CVE ID : CVE-2025-26404 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Uncontrolled search path for some Intel(R) DSA software before version 25.2.15.9 may allow an authenticated user to potentially enable escalation of privilege via local access. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-26470 - Intel Distribution for Python Unprivileged Privilege Escalation

CVE ID : CVE-2025-26470 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Incorrect default permissions for some Intel(R) Distribution for Python software installers before version 2025.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-26472 - Intel Tiber Edge Platform Denial of Service

CVE ID : CVE-2025-26472 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-26697 - Intel 700 Series Ethernet Unauthenticated Denial of Service

CVE ID : CVE-2025-26697 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-26863 - Intel 700 Series Ethernet Denial of Service

CVE ID : CVE-2025-26863 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service. Severity: 3.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-27250 - Intel Tiber Edge Platform Denial of Service

CVE ID : CVE-2025-27250 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-27537 - Intel Tiber Edge Platform Privilege Escalation Vulnerability

CVE ID : CVE-2025-27537 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Improper input validation for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable escalation of privilege via adjacent access. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-27559 - Apache AI Playground Privilege Escalation

CVE ID : CVE-2025-27559 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Incorrect default permissions for some AI Playground software before version v2.3.0 alpha may allow an authenticated user to potentially enable escalation of privilege via local access. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-27576 - Intel Tiber Edge Platform Unauthenticated Denial of Service Vulnerability

CVE ID : CVE-2025-27576 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable denial of service via local access. Severity: 2.9 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-27707 - Intel Tiber Edge Orchestrator Sensitive Information Exposure Denial of Service

CVE ID : CVE-2025-27707 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access. Severity: 2.6 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-27717 - Intel Graphics Driver Uncontrolled Search Path Privilege Escalation

CVE ID : CVE-2025-27717 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Uncontrolled search path for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable escalation of privilege via local access Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-32004 - Intel Edger8r Tool SGX SDK Privilege Escalation Vulnerability

CVE ID : CVE-2025-32004 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Improper input validation in the Intel Edger8r Tool for some Intel(R) SGX SDK may allow an authenticated user to potentially enable escalation of privilege via local access. Severity: 3.9 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-32086 - Intel Xeon 6 Processors SGX/TDX Privilege Escalation Vulnerability

CVE ID : CVE-2025-32086 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-49563 - Adobe Illustrator Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-49563 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Illustrator versions 28.7.8, 29.6.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-49564 - Adobe Illustrator Stack-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-49564 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-49567 - Adobe Illustrator NULL Pointer Dereference Denial of Service

CVE ID : CVE-2025-49567 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-49568 - Adobe Illustrator Use After Free Vulnerability

CVE ID : CVE-2025-49568 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-55166 - Savg-sanitizer Cross-Site Scripting and External Domain Linking Vulnerability

CVE ID : CVE-2025-55166 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : savg-sanitizer is a PHP SVG/XML sanitizer. Prior to version 0.22.0, the sanitization logic in the cleanXlinkHrefs method only searches for lower-case attribute name, which allows to by-pass the isHrefSafeValue check. As a result this allows cross-site scripting or linking to external domains. This issue has been patched in version 0.22.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-55167 - WeGIA SQL Injection

CVE ID : CVE-2025-55167 Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/funcionario/dependente_remover.php endpoint, specifically in the id_dependente parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This issue has been patched in version 3.4.8. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 17:15:00 GMT

read more

CVE-2025-38500 - Linux Kernel xfrm Interface Use-After-Free Vulnerability

CVE ID : CVE-2025-38500 Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation, thus xfrmi_changelink() should fail when called on such interfaces. The check to enforce this was done only in the case where the xi was returned from xfrmi_locate() which doesn't look for the collect_md interface, and thus the validation was never reached. Calling changelink would thus errornously place the special interface xi in the xfrmi_net->xfrmi hash, but since it also exists in the xfrmi_net->collect_md_xfrmi pointer it would lead to a double free when the net namespace was taken down [1]. Change the check to use the xi from netdev_priv which is available earlier in the function to prevent changes in xfrm collect_md interfaces. [1] resulting oops: [ 8.516540] kernel BUG at net/core/dev.c:12029! [ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary) [ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 8.516569] Workqueue: netns cleanup_net [ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0 [ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24 [ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206 [ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60 [ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122 [ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100 [ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00 [ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00 [ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000 [ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0 [ 8.516625] PKRU: 55555554 [ 8.516627] Call Trace: [ 8.516632] [ 8.516635] ? rtnl_is_locked+0x15/0x20 [ 8.516641] ? unregister_netdevice_queue+0x29/0xf0 [ 8.516650] ops_undo_list+0x1f2/0x220 [ 8.516659] cleanup_net+0x1ad/0x2e0 [ 8.516664] process_one_work+0x160/0x380 [ 8.516673] worker_thread+0x2aa/0x3c0 [ 8.516679] ? __pfx_worker_thread+0x10/0x10 [ 8.516686] kthread+0xfb/0x200 [ 8.516690] ? __pfx_kthread+0x10/0x10 [ 8.516693] ? __pfx_kthread+0x10/0x10 [ 8.516697] ret_from_fork+0x82/0xf0 [ 8.516705] ? __pfx_kthread+0x10/0x10 [ 8.516709] ret_from_fork_asm+0x1a/0x30 [ 8.516718] Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 16:15:00 GMT

read more

CVE-2025-3089 - ServiceNow AI Platform Broken Access Control Vulnerability

CVE ID : CVE-2025-3089 Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading to unauthorized data modifications. This issue is addressed in the listed patches and family releases, which have been made available to hosted and self-hosted customers, as well as partners. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 16:15:00 GMT

read more

CVE-2025-54800 - Hydra JavaScript Injection Vulnerability

CVE ID : CVE-2025-54800 Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : Hydra is a continuous integration service for Nix based projects. Prior to commit dea1e16, a malicious package can introduce arbitrary JavaScript code into the Hydra database that is automatically evaluated in a client's browser when anyone visits the build page. This could be done by a third-party project as part of its build process. This also happens in other places like with hydra-release-name. This issue has been patched by commit dea1e16. A workaround involves either not building untrusted packages or not visiting the builds page. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 16:15:00 GMT

read more

CVE-2025-54864 - Hydra Unauthenticated API Calls Vulnerability

CVE ID : CVE-2025-54864 Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : Hydra is a continuous integration service for Nix based projects. Prior to commit f7bda02, /api/push-github and /api/push-gitea are called by the corresponding forge without HTTP Basic authentication. Both forges do however feature HMAC signing with a secret key. Triggering an evaluation can be very taxing on the infrastructure when large evaluations are done, introducing potential denial of service attacks on the host running the evaluator. This issue has been patched by commit f7bda02. A workaround involves blocking /api/push-github and /api/push-gitea via a reverse proxy. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 16:15:00 GMT

read more

CVE-2025-55010 - Kanboard PHP Deserialization RCE Vulnerability

CVE ID : CVE-2025-55010 Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, an unsafe deserialization vulnerability in the ProjectEventActvityFormatter allows admin users the ability to instantiate arbitrary php objects by modifying the event["data"] field in the project_activities table. A malicious actor can update this field to use a php gadget to write a web shell into the /plugins folder, which then gives remote code execution on the host system. This issue has been patched in version 1.2.47. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 16:15:00 GMT

read more

CVE-2025-55011 - Kanboard File Traversal Vulnerability

CVE ID : CVE-2025-55011 Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid task id, nor does it check for path traversal. As a result, a malicious actor could write a file anywhere on the system the app user controls. The impact is limited due to the filename being hashed and having no extension. This issue has been patched in version 1.2.47. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 16:15:00 GMT

read more

CVE-2025-55164 - "Prototype Pollution in Apache Content-Security-Policy-Parser"

CVE ID : CVE-2025-55164 Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : content-security-policy-parser parses content security policy directives. A prototype pollution vulnerability exists in versions 0.5.0 and earlier, wherein if a policy name is called __proto__, one can override the Object prototype. This issue has been patched in version 0.6.0. A workaround involves disabling prototype method in NodeJS, neutralizing all possible prototype pollution attacks. Provide either --disable-proto=delete (recommended) or --disable-proto=throw as an argument to node to enable this feature. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 16:15:00 GMT

read more

CVE-2025-8452 - Brother Multi-Function Printer Serial Number Disclosure and Default Administrator Password Calculation Vulnerability

CVE ID : CVE-2025-8452 Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago Description : By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provided firmware. This serial number can, in turn, can be leveraged by the flaw described by CVE-2024-51978 to calculate the default administrator password. This flaw is similar to CVE-2024-51977, with the only difference being the protocol by which an attacker can use to learn the remote device's serial number. The eSCL/uscan vector is typically only exposed on the local network. Any discovery service that implements the eSCL specification can be used to exploit this vulnerability, and one such implementation is the runZero Explorer. Changing the default administrator password will render this vulnerability virtually worthless, since the calculated default administrator password would no longer be the correct password. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 16:15:00 GMT

read more

CVE-2024-38805 - EDK2 BIOS Integer Overflow Denial of Service Vulnerability

CVE ID : CVE-2024-38805 Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago Description : EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 15:15:00 GMT

read more

CVE-2025-3831 - Harmony SASE Agent Unsecured Log Upload

CVE ID : CVE-2025-3831 Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago Description : Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 15:15:00 GMT

read more

CVE-2025-5456 - Ivanti Connect Secure Buffer Over-read DOS Vulnerability

CVE ID : CVE-2025-5456 Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago Description : A buffer over-read vulnerability in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote unauthenticated attacker to trigger a denial of service. CWE-125 Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 15:15:00 GMT

read more

CVE-2025-5462 - Ivanti Connect Secure Heap Buffer Overflow Vulnerability

CVE ID : CVE-2025-5462 Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago Description : A heap-based buffer overflow in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote unauthenticated attacker to trigger a denial of service. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 15:15:00 GMT

read more

CVE-2025-5466 - "Ivanti Connect Secure and Ivanti Policy Secure Denial of Service Vulnerability"

CVE ID : CVE-2025-5466 Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago Description : XEE in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote authenticated attacker with admin privileges to trigger a denial of service Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 15:15:00 GMT

read more

CVE-2025-5468 - Ivanti Connect Secure, Policy Secure, ZTA Gateway, Neurons for Secure Access Local File Reading via Symbolic Link Vulnerability

CVE ID : CVE-2025-5468 Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago Description : Improper handling of symbolic links in Ivanti Connect Secure before version 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a local authenticated attacker to read arbitrary files on disk. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 15:15:00 GMT

read more

CVE-2025-8296 - Ivanti Avalanche SQL Injection Remote Code Execution Vulnerability

CVE ID : CVE-2025-8296 Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago Description : SQL injection in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to execute arbitrary SQL queries. In certain conditions, this can also lead to remote code execution Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 15:15:00 GMT

read more

CVE-2025-8297 - Ivanti Avalanche Remote Code Execution

CVE ID : CVE-2025-8297 Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago Description : Incomplete restriction of configuration in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to achieve remote code execution Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 15:15:00 GMT

read more

CVE-2025-8310 - Ivanti Virtual Application Delivery Controller Authentication Bypass

CVE ID : CVE-2025-8310 Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago Description : Missing authorization in the admin console of Ivanti Virtual Application Delivery Controller before version 22.9 allows a remote authenticated attacker to take over admin accounts by resetting the password Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 15:15:00 GMT

read more

CVE-2025-22830 - APTIOV BIOS Race Condition Vulnerability

CVE ID : CVE-2025-22830 Published : Aug. 12, 2025, 2:15 p.m. | 3 hours, 10 minutes ago Description : APTIOV contains a vulnerability in BIOS where a skilled user may cause “Race Condition” by local access. A successful exploitation of this vulnerability may lead to resource exhaustion and impact Confidentiality, Integrity, and Availability. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 14:15:00 GMT

read more

CVE-2025-22834 - AMI APTIOV BIOS Improper Initialization Vulnerability

CVE ID : CVE-2025-22834 Published : Aug. 12, 2025, 2:15 p.m. | 3 hours, 10 minutes ago Description : AMI APTIOV contains a vulnerability in BIOS where a user may cause “Improper Initialization” by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability. Severity: 4.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 14:15:00 GMT

read more

CVE-2025-43735 - Liferay Portal Liferay DXP Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43735 Published : Aug. 12, 2025, 1:15 p.m. | 4 hours, 10 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the google_gadget. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 13:15:00 GMT

read more

CVE-2025-40766 - SINEC Traffic Analyzer Docker DoS Vulnerability

CVE ID : CVE-2025-40766 Published : Aug. 12, 2025, 12:15 p.m. | 5 hours, 10 minutes ago Description : A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions V3.0). The affected application runs docker containers without adequate resource and security limitations. This could allow an attacker to perform a denial-of-service (DoS) attack. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40767 - SINEC Traffic Analyzer Docker Container Isolation Bypass

CVE ID : CVE-2025-40767 Published : Aug. 12, 2025, 12:15 p.m. | 5 hours, 10 minutes ago Description : A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions V3.0). The affected application runs docker containers without adequate security controls to enforce isolation. This could allow an attacker to gain elevated access, potentially accessing sensitive host system resources. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40768 - SINEC Traffic Analyzer Remote Service Access Vulnerability

CVE ID : CVE-2025-40768 Published : Aug. 12, 2025, 12:15 p.m. | 5 hours, 10 minutes ago Description : A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions V3.0). The affected application exposes an internal service port to be accessible from outside the system. This could allow an unauthorized attacker to access the application. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40769 - SINEC Traffic Analyzer Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-40769 Published : Aug. 12, 2025, 12:15 p.m. | 5 hours, 10 minutes ago Description : A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions V3.0). The affected application uses a Content Security Policy that allows unsafe script execution methods. This could allow an attacker to execute unauthorized scripts, potentially leading to cross-site scripting attacks. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40770 - SINEC Traffic Analyzer Man-in-the-Middle Vulnerability

CVE ID : CVE-2025-40770 Published : Aug. 12, 2025, 12:15 p.m. | 5 hours, 10 minutes ago Description : A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode. This could allow an attacker to interact with the interface, leading to man-in-the-middle attacks. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2024-41986 - Siemens Opcenter QL Home, SOA Audit, and SOA Cockpit TLS Insecure Protocol Vulnerability

CVE ID : CVE-2024-41986 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 V2506), SOA Audit (All versions >= V13.2 V2506), SOA Cockpit (All versions >= V13.2 V2506). The affected application support insecure TLS 1.0 and 1.1 protocol. An attacker could achieve a man-in-the-middle attack and compromise confidentiality and integrity of data. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2024-52504 - Siemens SIPROTEC 4 Remote File Transfer Denial of Service

CVE ID : CVE-2024-52504 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in SIPROTEC 4 6MD61 (All versions), SIPROTEC 4 6MD63 (All versions), SIPROTEC 4 6MD66 (All versions), SIPROTEC 4 6MD665 (All versions), SIPROTEC 4 7SA522 (All versions), SIPROTEC 4 7SA6 (All versions V4.78), SIPROTEC 4 7SD5 (All versions V4.78), SIPROTEC 4 7SD610 (All versions V4.78), SIPROTEC 4 7SJ61 (All versions), SIPROTEC 4 7SJ62 (All versions), SIPROTEC 4 7SJ63 (All versions), SIPROTEC 4 7SJ64 (All versions), SIPROTEC 4 7SJ66 (All versions), SIPROTEC 4 7SS52 (All versions), SIPROTEC 4 7ST6 (All versions), SIPROTEC 4 7UM61 (All versions), SIPROTEC 4 7UM62 (All versions), SIPROTEC 4 7UT612 (All versions), SIPROTEC 4 7UT613 (All versions), SIPROTEC 4 7UT63 (All versions), SIPROTEC 4 7VE6 (All versions), SIPROTEC 4 7VK61 (All versions), SIPROTEC 4 7VU683 (All versions), SIPROTEC 4 Compact 7RW80 (All versions), SIPROTEC 4 Compact 7SD80 (All versions), SIPROTEC 4 Compact 7SJ80 (All versions), SIPROTEC 4 Compact 7SJ81 (All versions), SIPROTEC 4 Compact 7SK80 (All versions), SIPROTEC 4 Compact 7SK81 (All versions). Affected devices do not properly handle interrupted operations of file transfer. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the devices need to be restarted. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2024-54678 - Siemens SIMATIC and TIA Portal Named Pipe Remote Code Execution Vulnerability

CVE ID : CVE-2024-54678 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SIMATIC PCS neo V6.0 (All versions), SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 V17 (All versions), SIMATIC STEP 7 V18 (All versions), SIMATIC STEP 7 V19 (All versions V19 Update 4), SIMATIC STEP 7 V20 (All versions), SIMATIC WinCC V17 (All versions), SIMATIC WinCC V18 (All versions), SIMATIC WinCC V19 (All versions V19 Update 4), SIMATIC WinCC V20 (All versions), SIMOCODE ES V17 (All versions), SIMOCODE ES V18 (All versions), SIMOCODE ES V19 (All versions), SIMOCODE ES V20 (All versions), SIMOTION SCOUT TIA V5.4 (All versions), SIMOTION SCOUT TIA V5.5 (All versions), SIMOTION SCOUT TIA V5.6 (All versions V5.6 SP1 HF7), SIMOTION SCOUT TIA V5.7 (All versions), SINAMICS Startdrive V17 (All versions), SINAMICS Startdrive V18 (All versions), SINAMICS Startdrive V19 (All versions), SINAMICS Startdrive V20 (All versions), SIRIUS Safety ES V17 (TIA Portal) (All versions), SIRIUS Safety ES V18 (TIA Portal) (All versions), SIRIUS Safety ES V19 (TIA Portal) (All versions), SIRIUS Safety ES V20 (TIA Portal) (All versions), SIRIUS Soft Starter ES V17 (TIA Portal) (All versions), SIRIUS Soft Starter ES V18 (TIA Portal) (All versions), SIRIUS Soft Starter ES V19 (TIA Portal) (All versions), SIRIUS Soft Starter ES V20 (TIA Portal) (All versions), TIA Portal Cloud V17 (All versions), TIA Portal Cloud V18 (All versions), TIA Portal Cloud V19 (All versions V5.2.1.1), TIA Portal Cloud V20 (All versions), TIA Portal Test Suite V20 (All versions). Affected products do not properly sanitize Interprocess Communication input received through a Windows Named Pipe accessible to all local users. This could allow an authenticated local attacker to cause a type confusion and execute arbitrary code within the affected application. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-30033 - Apache Setup DLL Hijacking Vulnerability

CVE ID : CVE-2025-30033 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-30034 - "SIMATIC RTLS Locating Manager Unauthenticated Local Denial of Service"

CVE ID : CVE-2025-30034 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions V3.3). Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to cause a denial of service condition. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-33023 - RUGGEDCOM ROX File Upload Privilege Escalation Vulnerability

CVE ID : CVE-2025-33023 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions), RUGGEDCOM ROX MX5000RE (All versions), RUGGEDCOM ROX RX1400 (All versions), RUGGEDCOM ROX RX1500 (All versions), RUGGEDCOM ROX RX1501 (All versions), RUGGEDCOM ROX RX1510 (All versions), RUGGEDCOM ROX RX1511 (All versions), RUGGEDCOM ROX RX1512 (All versions), RUGGEDCOM ROX RX1524 (All versions), RUGGEDCOM ROX RX1536 (All versions), RUGGEDCOM ROX RX5000 (All versions). The affected devices do not properly enforce the restriction of files that can be uploaded from the web interface. This could allow an authenticated remote attacker with high privileges in the web interface to upload arbitrary files. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40570 - Siemens SIPROTEC 5 USB Port Bandwidth Exhaustion Vulnerability

CVE ID : CVE-2025-40570 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions V10.0), SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 6MD89 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 6MU85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7KE85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SA82 (CP150) (All versions V10.0), SIPROTEC 5 7SA86 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SA87 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SD82 (CP150) (All versions V10.0), SIPROTEC 5 7SD86 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SD87 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SJ81 (CP150) (All versions V10.0), SIPROTEC 5 7SJ82 (CP150) (All versions V10.0), SIPROTEC 5 7SJ85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SJ86 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SK82 (CP150) (All versions V10.0), SIPROTEC 5 7SK85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SL82 (CP150) (All versions V10.0), SIPROTEC 5 7SL86 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SL87 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7SS85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7ST85 (CP300) (All versions V10.0), SIPROTEC 5 7ST86 (CP300) (All versions V10.0), SIPROTEC 5 7SX82 (CP150) (All versions V10.0), SIPROTEC 5 7SX85 (CP300) (All versions V10.0), SIPROTEC 5 7SY82 (CP150) (All versions V10.0), SIPROTEC 5 7UM85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7UT82 (CP150) (All versions V10.0), SIPROTEC 5 7UT85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7UT86 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7UT87 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7VE85 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7VK87 (CP300) (All versions >= V7.80 V10.0), SIPROTEC 5 7VU85 (CP300) (All versions V10.0), SIPROTEC 5 Compact 7SX800 (CP050) (All versions V10.0). Affected devices do not properly limit the bandwidth for incoming network packets over their local USB port. This could allow an attacker with physical access to send specially crafted packets with high bandwidth to the affected devices thus forcing them to exhaust their memory and stop responding to any network traffic via the local USB port. Affected devices reset themselves automatically after a successful attack. The protection function is not affected of this vulnerability. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40584 - Siemens SIMOTION and SINAMICS XXE File Disclosure Vulnerability

CVE ID : CVE-2025-40584 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in SIMOTION SCOUT TIA V5.4 (All versions), SIMOTION SCOUT TIA V5.5 (All versions), SIMOTION SCOUT TIA V5.6 (All versions V5.6 SP1 HF7), SIMOTION SCOUT TIA V5.7 (All versions V5.7 SP1 HF1), SIMOTION SCOUT V5.4 (All versions), SIMOTION SCOUT V5.5 (All versions), SIMOTION SCOUT V5.6 (All versions V5.6 SP1 HF7), SIMOTION SCOUT V5.7 (All versions V5.7 SP1 HF1), SINAMICS STARTER V5.5 (All versions), SINAMICS STARTER V5.6 (All versions), SINAMICS STARTER V5.7 (All versions). The affected application contains a XML External Entity Injection (XXE) vulnerability while parsing specially crafted XML files. This could allow an attacker to read arbitrary files in the system. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40743 - Siemens SINUMERIK VNC Authentication Bypass

CVE ID : CVE-2025-40743 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in SINUMERIK 828D PPU.4 (All versions V4.95 SP5), SINUMERIK 828D PPU.5 (All versions V5.25 SP1), SINUMERIK 840D sl (All versions V4.95 SP5), SINUMERIK MC (All versions V1.25 SP1), SINUMERIK MC V1.15 (All versions V1.15 SP5), SINUMERIK ONE (All versions V6.25 SP1), SINUMERIK ONE V6.15 (All versions V6.15 SP5). The affected application improperly validates authentication for its VNC access service, allowing access with insufficient password verification. This could allow an attacker to gain unauthorized remote access and potentially compromise system confidentiality, integrity, or availability. Severity: 8.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40746 - "Siemens SIMATIC RTLS Locating Manager Remote Code Execution Vulnerability"

CVE ID : CVE-2025-40746 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions V3.2). Affected products do not properly validate input for a backup script. This could allow an authenticated remote attacker with high privileges in the application to execute arbitrary code with 'NT Authority/SYSTEM' privileges. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40751 - SIMATIC RTLS Locating Manager Credential Exposure (Authentication Bypass)

CVE ID : CVE-2025-40751 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions V3.3). Affected SIMATIC RTLS Locating Manager Report Clients do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40752 - SICAM Power Meter Password Storage Vulnerability

CVE ID : CVE-2025-40752 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions >= V2.60 V2.62), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions >= V2.60 V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions >= V2.60 V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions >= V2.60 V2.62), POWER METER SICAM Q200 family (All versions >= V2.70 V2.80). Affected devices store the password for the SMTP account as plain text. This could allow an authenticated local attacker to extract it and use the configured SMTP service for arbitrary purposes. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40753 - SICAM Power Meter SMTP Password Exposure

CVE ID : CVE-2025-40753 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions >= V2.60 V2.62), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions >= V2.60 V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions >= V2.60 V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions >= V2.60 V2.62), POWER METER SICAM Q200 family (All versions >= V2.70 V2.80). Affected devices export the password for the SMTP account as plain text in the Configuration File. This could allow an authenticated local attacker to extract it and use the configured SMTP service for arbitrary purposes. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40759 - Siemens TIA Portal and SIMATIC Products Remote Code Execution Vulnerability

CVE ID : CVE-2025-40759 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 V17 (All versions), SIMATIC STEP 7 V18 (All versions), SIMATIC STEP 7 V19 (All versions V19 Update 4), SIMATIC STEP 7 V20 (All versions), SIMATIC WinCC V17 (All versions), SIMATIC WinCC V18 (All versions), SIMATIC WinCC V19 (All versions V19 Update 4), SIMATIC WinCC V20 (All versions), SIMOCODE ES V17 (All versions), SIMOCODE ES V18 (All versions), SIMOCODE ES V19 (All versions), SIMOCODE ES V20 (All versions), SIMOTION SCOUT TIA V5.4 (All versions), SIMOTION SCOUT TIA V5.5 (All versions), SIMOTION SCOUT TIA V5.6 (All versions V5.6 SP1 HF7), SIMOTION SCOUT TIA V5.7 (All versions), SINAMICS Startdrive V17 (All versions), SINAMICS Startdrive V18 (All versions), SINAMICS Startdrive V19 (All versions), SINAMICS Startdrive V20 (All versions), SIRIUS Safety ES V17 (TIA Portal) (All versions), SIRIUS Safety ES V18 (TIA Portal) (All versions), SIRIUS Safety ES V19 (TIA Portal) (All versions), SIRIUS Safety ES V20 (TIA Portal) (All versions), SIRIUS Soft Starter ES V17 (TIA Portal) (All versions), SIRIUS Soft Starter ES V18 (TIA Portal) (All versions), SIRIUS Soft Starter ES V19 (TIA Portal) (All versions), SIRIUS Soft Starter ES V20 (TIA Portal) (All versions), TIA Portal Cloud V17 (All versions), TIA Portal Cloud V18 (All versions), TIA Portal Cloud V19 (All versions V5.2.1.1), TIA Portal Cloud V20 (All versions). Affected products do not properly sanitize stored security properties when parsing project files. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40761 - RUGGEDCOM ROX Devices Physical Access Bypass Authentication Vulnerability

CVE ID : CVE-2025-40761 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions), RUGGEDCOM ROX MX5000RE (All versions), RUGGEDCOM ROX RX1400 (All versions), RUGGEDCOM ROX RX1500 (All versions), RUGGEDCOM ROX RX1501 (All versions), RUGGEDCOM ROX RX1510 (All versions), RUGGEDCOM ROX RX1511 (All versions), RUGGEDCOM ROX RX1512 (All versions), RUGGEDCOM ROX RX1524 (All versions), RUGGEDCOM ROX RX1536 (All versions), RUGGEDCOM ROX RX5000 (All versions). Affected devices do not properly limit access through its Built-In-Self-Test (BIST) mode. This could allow an attacker with physical access to the serial interface to bypass authentication and get access to a root shell on the device. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40762 - "Simcenter Femap STP File Out-of-Bounds Write Vulnerability"

CVE ID : CVE-2025-40762 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in Simcenter Femap V2406 (All versions V2406.0003), Simcenter Femap V2412 (All versions V2412.0002). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted STP file. This could allow an attacker to execute code in the context of the current process.(ZDI-CAN-26692) Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-40764 - Simcenter Femap BMP File Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-40764 Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago Description : A vulnerability has been identified in Simcenter Femap V2406 (All versions V2406.0003), Simcenter Femap V2412 (All versions V2412.0002). The affected applications contains an out of bounds read vulnerability while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2024-41984 - Siemens Opcenter QL Home, SOA Audit, and SOA Cockpit Improper Error Handling Exposes System Applications

CVE ID : CVE-2024-41984 Published : Aug. 12, 2025, 12:15 p.m. | 1 hour, 48 minutes ago Description : A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 V2506), SOA Audit (All versions >= V13.2 V2506), SOA Cockpit (All versions >= V13.2 V2506). The affected application improperly handles error while accessing an inaccessible resource leading to exposing the system applications. Severity: 2.6 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2024-41985 - Siemens Opcenter QL Home and SOA Session Persistence Vulnerability

CVE ID : CVE-2024-41985 Published : Aug. 12, 2025, 12:15 p.m. | 1 hour, 48 minutes ago Description : A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 V2506), SOA Audit (All versions >= V13.2 V2506), SOA Cockpit (All versions >= V13.2 V2506). The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle. Severity: 2.6 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2024-41983 - Siemens Opcenter QL Home, SOA Audit, and SOA Cockpit SQL Injection Vulnerability

CVE ID : CVE-2024-41983 Published : Aug. 12, 2025, 12:15 p.m. | 22 minutes ago Description : A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 V2506), SOA Audit (All versions >= V13.2 V2506), SOA Cockpit (All versions >= V13.2 V2506). The affected application displays SQL statement in the error messages encountered during the generation of reports using Cockpit tool. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 12:15:00 GMT

read more

CVE-2025-43736 - Liferay Portal Liferay DXP File Upload Denial Of Service (DOS)

CVE ID : CVE-2025-43736 Published : Aug. 12, 2025, 11:15 a.m. | 53 minutes ago Description : A Denial Of Service via File Upload (DOS) vulnerability in the Liferay Portal 7.4.3.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.8, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allows a user to upload more than 300kb profile picture into the user profile. This size more than the noted max 300kb size. This extra amount of data can make Liferay slower. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 11:15:00 GMT

read more

CVE-2025-8885 - Bouncy Castle for Java Resource Allocation Denial of Service

CVE ID : CVE-2025-8885 Published : Aug. 12, 2025, 10:15 a.m. | 1 hour, 53 minutes ago Description : Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.Java. This issue affects Bouncy Castle for Java: from BC 1.0 through 1.77, from BC-FJA 1.0.0 through 2.0.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 10:15:00 GMT

read more

CVE-2025-26398 - SolarWinds Database Performance Analyzer Cryptographic Key Disclosure

CVE ID : CVE-2025-26398 Published : Aug. 12, 2025, 8:15 a.m. | 3 hours, 53 minutes ago Description : SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If exploited, this vulnerability could lead to a machine-in-the-middle (MITM) attack against users. This vulnerability requires additional software not installed by default, local access to the server and administrator level privileges on the host. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 08:15:00 GMT

read more

CVE-2025-41686 - Microsoft NSSM Elevation of Privilege

CVE ID : CVE-2025-41686 Published : Aug. 12, 2025, 8:15 a.m. | 3 hours, 53 minutes ago Description : A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 08:15:00 GMT

read more

CVE-2025-47444 - Liquid Web GiveWP Sensitive Data Retrieval Vulnerability

CVE ID : CVE-2025-47444 Published : Aug. 12, 2025, 7:15 a.m. | 4 hours, 53 minutes ago Description : Insertion of Sensitive Information Into Sent Data vulnerability in Liquid Web GiveWP allows Retrieve Embedded Sensitive Data.This issue affects GiveWP: from n/a before 4.6.1. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 07:15:00 GMT

read more

CVE-2025-8418 - WordPress B Slider-Gutenberg Slider Block Plugin Arbitrary Plugin Installation Vulnerability

CVE ID : CVE-2025-8418 Published : Aug. 12, 2025, 7:15 a.m. | 4 hours, 53 minutes ago Description : The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Arbitrary Plugin Installation in all versions up to, and including, 1.1.30. This is due to missing capability checks on the activated_plugin function. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins on the server which can make remote code execution possible. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 07:15:00 GMT

read more

CVE-2025-8482 - WordPress Simple Local Avatars Unauthenticated Data Modification Vulnerability

CVE ID : CVE-2025-8482 Published : Aug. 12, 2025, 7:15 a.m. | 4 hours, 53 minutes ago Description : The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of data in version 2.8.4. This is due to a missing capability check on the migrate_from_wp_user_avatar() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to migrate avatar metadata for all users. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 07:15:00 GMT

read more

CVE-2025-8767 - WordPress AnWP Football Leagues Plugin CSV Injection Vulnerability

CVE ID : CVE-2025-8767 Published : Aug. 12, 2025, 7:15 a.m. | 4 hours, 53 minutes ago Description : The AnWP Football Leagues plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 0.16.17 via the 'download_csv_players' and 'download_csv_games' functions. This makes it possible for authenticated attackers, with Administrator-level access and above, to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 07:15:00 GMT

read more

CVE-2025-8874 - Elementor Addons - WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8874 Published : Aug. 12, 2025, 7:15 a.m. | 4 hours, 53 minutes ago Description : The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 2.0.8.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 07:15:00 GMT

read more

CVE-2025-30027 - Axis ACAP Code Execution Vulnerability

CVE ID : CVE-2025-30027 Published : Aug. 12, 2025, 6:15 a.m. | 5 hours, 53 minutes ago Description : An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 06:15:00 GMT

read more

CVE-2025-3892 - Axis ACAP Privilege Escalation Vulnerability

CVE ID : CVE-2025-3892 Published : Aug. 12, 2025, 6:15 a.m. | 5 hours, 53 minutes ago Description : ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 06:15:00 GMT

read more

CVE-2025-6253 - "UiCore Elements WordPress Arbitrary File Read Vulnerability"

CVE ID : CVE-2025-6253 Published : Aug. 12, 2025, 6:15 a.m. | 5 hours, 53 minutes ago Description : The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.3.0 via the prepare_template() function due to a missing capability check and insufficient controls on the filename specified. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 06:15:00 GMT

read more

CVE-2025-8081 - Elementor WordPress Arbitrary File Read Vulnerability

CVE ID : CVE-2025-8081 Published : Aug. 12, 2025, 6:15 a.m. | 5 hours, 53 minutes ago Description : The Elementor plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.30.2 via the Import_Images::import() function due to insufficient controls on the filename specified. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 06:15:00 GMT

read more

CVE-2025-7622 - Apache Server-Side Request Forgery

CVE ID : CVE-2025-7622 Published : Aug. 12, 2025, 5:15 a.m. | 6 hours, 53 minutes ago Description : During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated attacker to access internal resources on the server was discovered. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 05:15:00 GMT

read more

CVE-2025-8059 - WordPress B Blocks Privilege Escalation

CVE ID : CVE-2025-8059 Published : Aug. 12, 2025, 5:15 a.m. | 6 hours, 53 minutes ago Description : The B Blocks plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization and improper input validation within the rgfr_registration() function in all versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to create a new account and assign it the administrator role. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 05:15:00 GMT

read more

CVE-2025-8314 - WordPress Software Issue Manager Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8314 Published : Aug. 12, 2025, 5:15 a.m. | 6 hours, 53 minutes ago Description : The Software Issue Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘noaccess_msg parameter in all versions up to, and including, 5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 05:15:00 GMT

read more

CVE-2025-42976 - SAP NetWeaver Application Server ABAP Buffer Overflow

CVE ID : CVE-2025-42976 Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago Description : SAP NetWeaver Application Server ABAP (BIC Document) allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. On successful exploitation, this results in the crash of the target component. Multiple submissions can make the target completely unavailable. A similarly crafted submission can be used to perform an out-of-bounds read operation as well, revealing sensitive information that is loaded in memory at that time. There is no ability to modify any information. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-4390 - WordPress Private Content Plus Sensitive Information Exposure

CVE ID : CVE-2025-4390 Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago Description : The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'validate_restrictions' function. This makes it possible for unauthenticated attackers to extract sensitive data including the content of resticted posts on archive and feed pages. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-5391 - WooCommerce Purchase Orders Remote Code Execution via File Deletion Vulnerability

CVE ID : CVE-2025-5391 Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago Description : The WooCommerce Purchase Orders plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_file() function in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-8462 - Elementor RT Easy Builder Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8462 Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago Description : The RT Easy Builder – Advanced addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the social URL parameter in all versions up to, and including, 2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-8568 - WordPress GMap Generator Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8568 Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago Description : The GMap Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘h’ parameter in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-8621 - Mosaic Generator Stored Cross-Site Scripting Vulnerability in WordPress

CVE ID : CVE-2025-8621 Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago Description : The Mosaic Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘c’ parameter in all versions up to, and including, 1.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-8685 - WordPress Wp Chart Generator Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8685 Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago Description : The Wp chart generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpchart shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-8688 - WordPress Inline Stock Quotes Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8688 Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago Description : The Inline Stock Quotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stock shortcode in all versions up to, and including, 0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-8690 - WordPress Simple Responsive Slider Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8690 Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago Description : The Simple Responsive Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42957 - SAP S/4HANA ABAP Code Injection Backdoor Vulnerability

CVE ID : CVE-2025-42957 Published : Aug. 12, 2025, 3:15 a.m. | 6 hours, 57 minutes ago Description : SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system compromise, undermining the confidentiality, integrity and availability of the system. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42975 - SAP NetWeaver Application Server ABAP Cross-Site Scripting (XSS)

CVE ID : CVE-2025-42975 Published : Aug. 12, 2025, 3:15 a.m. | 6 hours, 57 minutes ago Description : SAP NetWeaver Application Server ABAP (BIC Document) allows an unauthenticated attacker to craft a URL link which, when accessed on the BIC Document application, embeds a malicious script. When a victim clicks on this link, the script executes in the victim's browser, allowing the attacker to access and/or modify information related to the web client without affecting availability. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42951 - SAP Business One (SLD) Privilege Escalation Vulnerability

CVE ID : CVE-2025-42951 Published : Aug. 12, 2025, 3:15 a.m. | 4 hours, 53 minutes ago Description : Due to broken authorization, SAP Business One (SLD) allows an authenticated attacker to gain administrator privileges of a database by invoking the corresponding API. As a result , it has a high impact on the confidentiality, integrity, and availability of the application. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42955 - SAP Cloud Connector LDAP Connection Testing Information Disclosure

CVE ID : CVE-2025-42955 Published : Aug. 12, 2025, 3:15 a.m. | 4 hours, 53 minutes ago Description : Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network with low privileges could send a crafted request to the endpoint responsible for testing LDAP connections. A successful exploit could lead to reduced performance, hence a low-impact on availability of the service. Confidentiality and integrity of the data are not affected. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42936 - SAP NetWeaver Application Server for ABAP Privilege Escalation Vulnerability

CVE ID : CVE-2025-42936 Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago Description : The SAP NetWeaver Application Server for ABAP does not enable an administrator to assign distinguished authorizations for different user roles, this issue allows authenticated users to access restricted objects in the barcode interface, leading to privilege escalation. This results in a low impact on the confidentiality and integrity of the application, there is no impact on availability. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42941 - SAP Fiori Launchpad Reverse Tabnabbing Vulnerability

CVE ID : CVE-2025-42941 Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago Description : SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing vulnerability due to inadequate external navigation protections for its link () elements. An attacker with administrative user privileges could exploit this by leveraging compromised or malicious pages. While administrative access is necessary for certain configurations, the attacker does not need the administrative privileges to execute the attack. This could result in unintended manipulation of user sessions or exposure of sensitive information. The issue impacts the confidentiality and integrity of the system, but the availability remains unaffected. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42942 - SAP NetWeaver Application Server for ABAP Cross-Site Scripting (XSS)

CVE ID : CVE-2025-42942 Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago Description : SAP NetWeaver Application Server for ABAP has cross-site scripting vulnerability. Due to this, an unauthenticated attacker could craft a URL embedded with malicious script and trick an unauthenticated victim to click on it to execute the script. Upon successful exploitation, the attacker could access and modify limited information within the scope of victim's browser. This vulnerability has no impact on availability of the application. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42943 - SAP GUI for Windows NTLM Hash Leak

CVE ID : CVE-2025-42943 Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago Description : SAP GUI for Windows may allow the leak of NTML hashes when specific ABAP frontend services are called with UNC paths. For a successful attack, the attacker needs developer authorization in a specific Application Server ABAP to make changes in the code, and the victim needs to execute by using SAP GUI for Windows. This could trigger automatic NTLM authentication, potentially exposing hashed credentials to an attacker. As a result, it has a high impact on the confidentiality. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42945 - SAP NetWeaver Application Server ABAP HTML Injection Vulnerability

CVE ID : CVE-2025-42945 Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago Description : SAP NetWeaver Application Server ABAP has HTML injection vulnerability. Due to this, an attacker could craft a URL with malicious script as payload and trick a victim with active user session into executing it. Upon successful exploit, this vulnerability could lead to limited access to data or its manipulation. There is no impact on availability. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42946 - SAP S/4HANA (Bank Communication Management) Directory Traversal Vulnerability

CVE ID : CVE-2025-42946 Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago Description : Due to directory traversal vulnerability in SAP S/4HANA (Bank Communication Management), an attacker with high privileges and access to a specific transaction and method in Bank Communication Management could gain unauthorized access to sensitive operating system files. This could allow the attacker to potentially read or delete these files hence causing a high impact on confidentiality and low impact on integrity. There is no impact on availability of the system. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42948 - SAP NetWeaver ABAP Platform Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-42948 Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago Description : Due to a Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated user clicks on this link, the injected input is processed during the website s page generation, resulting in the creation of malicious content. When this malicious content gets executed, the attacker could gain the ability to access/modify information within the scope of victim s browser. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42949 - Oracle ABAP Platform SQL Injection Vulnerability

CVE ID : CVE-2025-42949 Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago Description : Due to a missing authorization check in the ABAP Platform, an authenticated user with elevated privileges could bypass authorization restrictions for common transactions by leveraging the SQL Console. This could enable an attacker to access and read the contents of database tables without proper authorization, leading to a significant compromise of data confidentiality. However, the integrity and availability of the system remain unaffected. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42950 - SAP SLT ABAP Code Injection Vulnerability

CVE ID : CVE-2025-42950 Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago Description : SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system compromise, undermining the confidentiality, integrity and availability of the system. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42934 - SAP S/4HANA CRLF Injection Vulnerability

CVE ID : CVE-2025-42934 Published : Aug. 12, 2025, 3:15 a.m. | 1 hour, 44 minutes ago Description : SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. An attacker with user-level privileges can bypass the allowlist and insert untrusted sites into the 'Trusted Sites' configuration by injecting line feed (LF) characters into application inputs. This vulnerability has a low impact on the application's integrity and no impact on confidentiality or availability. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

CVE-2025-42935 - SAP NetWeaver Application Server ABAP and ABAP Platform ICM Information Disclosure Vulnerability

CVE ID : CVE-2025-42935 Published : Aug. 12, 2025, 3:15 a.m. | 1 hour, 44 minutes ago Description : The SAP NetWeaver Application Server ABAP and ABAP Platform Internet Communication Manager (ICM) permits authorized users with admin privileges and local access to log files to read sensitive information, resulting in information disclosure. This leads to high impact on the confidentiality of the application, with no impact on integrity or availability. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 12 Aug 2025 03:15:00 GMT

read more

Fuite de données chez France Travail

]]>

Tue Aug 12 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2025-55161 - Stirling-PDF SSRF

CVE ID : CVE-2025-55161 Published : Aug. 11, 2025, 11:15 p.m. | 5 hours, 44 minutes ago Description : Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/markdown/pdf endpoint to convert Markdown to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security sanitization which can be bypassed and result in SSRF. This issue has been patched in version 1.1.0. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 23:15:00 GMT

read more

CVE-2025-55156 - PyLoad SQL Injection Vulnerability

CVE ID : CVE-2025-55156 Published : Aug. 11, 2025, 11:15 p.m. | 3 hours, 21 minutes ago Description : pyLoad is the free and open-source Download Manager written in pure Python. Prior to version 0.5.0b3.dev91, the parameter add_links in API /json/add_package is vulnerable to SQL Injection. Attackers can modify or delete data in the database, causing data errors or loss. This issue has been patched in version 0.5.0b3.dev91. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 23:15:00 GMT

read more

CVE-2025-55157 - Vim Use-After-Free Vulnerability

CVE ID : CVE-2025-55157 Published : Aug. 11, 2025, 11:15 p.m. | 3 hours, 21 minutes ago Description : Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tuple_unref() function may access already freed memory due to improper lifetime handling, leading to memory corruption. The exploit requires direct user interaction, as the script must be explicitly executed within Vim. This issue has been patched in version 9.1.1400. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 23:15:00 GMT

read more

CVE-2025-55158 - Vim Double-Free Typval Management Vulnerability

CVE ID : CVE-2025-55158 Published : Aug. 11, 2025, 11:15 p.m. | 3 hours, 21 minutes ago Description : Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 23:15:00 GMT

read more

CVE-2025-55159 - Apache Slab Uninitialized Memory Access Vulnerability

CVE ID : CVE-2025-55159 Published : Aug. 11, 2025, 11:15 p.m. | 3 hours, 21 minutes ago Description : slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the get_disjoint_mut method incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potential crashes. This has been fixed in slab 0.4.11. A workaround for this issue involves to avoid using get_disjoint_mut with indices that might be beyond the slab's actual length. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 23:15:00 GMT

read more

CVE-2025-25235 - Omnissa Secure Email Gateway (SEG) SSRF

CVE ID : CVE-2025-25235 Published : Aug. 11, 2025, 10:15 p.m. | 4 hours, 21 minutes ago Description : Server-Side Request Forgery (SSRF) in Omnissa Secure Email Gateway (SEG) in SEG prior to 2.32 running on Windows and SEG prior to 2503 running on UAG allows routing of network traffic such as HTTP requests to internal networks. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 22:15:00 GMT

read more

CVE-2025-54992 - OpenKilda OpenFlow XXE Injection

CVE ID : CVE-2025-54992 Published : Aug. 11, 2025, 10:15 p.m. | 4 hours, 21 minutes ago Description : OpenKilda is an open-source OpenFlow controller. Prior to version 1.164.0, an XML external entity (XXE) injection vulnerability was found in OpenKilda which in combination with GHSL-2025-024 allows unauthenticated attackers to exfiltrate information from the instance where the OpenKilda UI is running. This issue may lead to Information disclosure. This issue has been patched in version 1.164.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 22:15:00 GMT

read more

CVE-2025-55012 - Zed Agent Panel Remote Code Execution Permissions Bypass

CVE ID : CVE-2025-55012 Published : Aug. 11, 2025, 10:15 p.m. | 4 hours, 21 minutes ago Description : Zed is a multiplayer code editor. Prior to version 0.197.3, in the Zed Agent Panel allowed for an AI agent to achieve Remote Code Execution (RCE) by bypassing user permission checks. An AI Agent could have exploited a permissions bypass vulnerability to create or modify a project-specific configuration file, leading to the execution of arbitrary commands on a victim's machine without the explicit approval that would otherwise be required. This vulnerability has been patched in version 0.197.3. A workaround for this issue involves either avoid sending prompts to the Agent Panel, or to limit the AI Agent's file system access. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 22:15:00 GMT

read more

CVE-2025-55150 - Stirling-PDF SSRF Vulnerability

CVE ID : CVE-2025-55150 Published : Aug. 11, 2025, 10:15 p.m. | 4 hours, 21 minutes ago Description : Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/html/pdf endpoint to convert HTML to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security sanitization which can be bypassed and result in SSRF. This issue has been patched in version 1.1.0. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 22:15:00 GMT

read more

CVE-2025-55151 - Stirling-PDF SSRF Vulnerability

CVE ID : CVE-2025-55151 Published : Aug. 11, 2025, 10:15 p.m. | 4 hours, 21 minutes ago Description : Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, the "convert file to pdf" functionality (/api/v1/convert/file/pdf) uses LibreOffice's unoconvert tool for conversion, and SSRF vulnerabilities exist during the conversion process. This issue has been patched in version 1.1.0. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 22:15:00 GMT

read more

CVE-2024-32640 - MASA CMS SQL Injection Vulnerability

CVE ID : CVE-2024-32640 Published : Aug. 11, 2025, 9:15 p.m. | 5 hours, 21 minutes ago Description : MASA CMS is an Enterprise Content Management platform based on open source technology. Versions prior to 7.4.6, 7.3.13, and 7.2.8 contain a SQL injection vulnerability in the `processAsyncObject` method that can result in remote code execution. Versions 7.4.6, 7.3.13, and 7.2.8 contain a fix for the issue. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 21:15:00 GMT

read more

CVE-2025-40920 - Apache::Catalyst::Authentication::Credential::HTTP Weak Nonce Generation

CVE ID : CVE-2025-40920 Published : Aug. 11, 2025, 9:15 p.m. | 5 hours, 21 minutes ago Description : Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. * Data::UUID does not use a strong cryptographic source for generating UUIDs. * Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable for security, as per RFC 9562. * The nonces should be generated from a strong cryptographic source, as per RFC 7616. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 21:15:00 GMT

read more

CVE-2025-54878 - NASA CryptoLib Heap Buffer Overflow Vulnerability

CVE ID : CVE-2025-54878 Published : Aug. 11, 2025, 9:15 p.m. | 5 hours, 21 minutes ago Description : CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A heap buffer overflow vulnerability exists in NASA CryptoLib version 1.4.0 and prior in the IV setup logic for telecommand frames. The problem arises from missing bounds checks when copying the Initialization Vector (IV) into a freshly allocated buffer. An attacker can supply a crafted TC frame that causes the library to write one byte past the end of the heap buffer, leading to heap corruption and undefined behaviour. An attacker supplying a malformed telecommand frame can corrupt heap memory. This leads to undefined behaviour, which could manifest itself as a crash (denial of service) or more severe exploitation. This issue has been patched in version 1.4.0. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 21:15:00 GMT

read more

CVE-2025-53190 - ABB Aspect Authentication Bypass

CVE ID : CVE-2025-53190 Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago Description : A vulnerability in ABB Aspect.This issue affects Aspect: before Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-53191 - ABB Aspect Missing Authentication for Critical Function Vulnerability

CVE ID : CVE-2025-53191 Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago Description : Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects Aspect: before Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-53514 - Mattermost Confluence Plugin Denial of Service (DoS)

CVE ID : CVE-2025-53514 Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago Description : Mattermost Confluence Plugin version Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-53857 - Mattermost Confluence Plugin Information Disclosure Vulnerability

CVE ID : CVE-2025-53857 Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago Description : Mattermost Confluence Plugin version Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-53910 - Mattermost Confluence Plugin Authentication Bypass

CVE ID : CVE-2025-53910 Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago Description : Mattermost Confluence Plugin version Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-54458 - Mattermost Confluence Plugin Unauthorized Subscription Creation Vulnerability

CVE ID : CVE-2025-54458 Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago Description : Mattermost Confluence Plugin version Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-54463 - Mattermost Confluence Plugin Denial of Service (DoS)

CVE ID : CVE-2025-54463 Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago Description : Mattermost Confluence Plugin version Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-54478 - Mattermost Confluence Plugin Authentication Bypass

CVE ID : CVE-2025-54478 Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago Description : Mattermost Confluence Plugin version Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-54525 - Mattermost Confluence Plugin Denial of Service (DoS)

CVE ID : CVE-2025-54525 Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago Description : Mattermost Confluence Plugin version Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-7677 - "ABB Aspect Missing Authentication for Critical Function"

CVE ID : CVE-2025-7677 Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago Description : Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects Aspect: All versions. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-7679 - ABB Aspect Missing Authentication for Critical Function

CVE ID : CVE-2025-7679 Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago Description : Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects Aspect: All versions. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-8285 - Mattermost Confluence Plugin Authentication Bypass

CVE ID : CVE-2025-8285 Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago Description : Mattermost Confluence Plugin version Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-51823 - Libcsp Buffer Overflow Vulnerability

CVE ID : CVE-2025-51823 Published : Aug. 11, 2025, 7:15 p.m. | 3 hours, 21 minutes ago Description : libcsp 2.0 is vulnerable to Buffer Overflow in the csp_eth_init() function due to improper handling of the ifname parameter. The function uses strcpy to copy the interface name into a structure member (ctx->name) without validating the input length. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-51824 - Zephyr libcsp Buffer Overflow

CVE ID : CVE-2025-51824 Published : Aug. 11, 2025, 7:15 p.m. | 3 hours, 21 minutes ago Description : libcsp 2.0 is vulnerable to Buffer Overflow in the csp_usart_open() function at drivers/usart/zephyr.c. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-52931 - Mattermost Confluence Plugin Denial of Service (DoS)

CVE ID : CVE-2025-52931 Published : Aug. 11, 2025, 7:15 p.m. | 3 hours, 21 minutes ago Description : Mattermost Confluence Plugin version Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-53188 - ABB Aspect Unprotected Credentials

CVE ID : CVE-2025-53188 Published : Aug. 11, 2025, 7:15 p.m. | 3 hours, 21 minutes ago Description : Insufficiently Protected Credentials vulnerability in ABB Aspect.This issue affects Aspect: before Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-53189 - ABB Aspect Authorization Bypass Through User-Controlled Key Vulnerability

CVE ID : CVE-2025-53189 Published : Aug. 11, 2025, 7:15 p.m. | 3 hours, 21 minutes ago Description : Authorization Bypass Through User-Controlled Key vulnerability in ABB Aspect.This issue affects Aspect: from o before Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-25229 - VMware Workspace ONE UEM SSRF Vulnerability

CVE ID : CVE-2025-25229 Published : Aug. 11, 2025, 7:15 p.m. | 2 hours, 30 minutes ago Description : Omnissa Workspace ONE UEM contains a Server-Side Request Forgery (SSRF) Vulnerability. A malicious actor with user privileges may be able to access restricted internal system information, potentially enabling enumeration of internal network resources. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-44001 - Mattermost Confluence Plugin Unauthenticated Channel Subscription Information Disclosure

CVE ID : CVE-2025-44001 Published : Aug. 11, 2025, 7:15 p.m. | 2 hours, 30 minutes ago Description : Mattermost Confluence Plugin version Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-44004 - Mattermost Confluence Plugin Auth Bypass

CVE ID : CVE-2025-44004 Published : Aug. 11, 2025, 7:15 p.m. | 2 hours, 30 minutes ago Description : Mattermost Confluence Plugin version Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-48731 - Mattermost Confluence Plugin Unauthorized Access and Subscription Manipulation Vulnerability

CVE ID : CVE-2025-48731 Published : Aug. 11, 2025, 7:15 p.m. | 2 hours, 30 minutes ago Description : Mattermost Confluence Plugin version Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-49221 - Mattermost Confluence Plugin Authentication Bypass

CVE ID : CVE-2025-49221 Published : Aug. 11, 2025, 7:15 p.m. | 2 hours, 30 minutes ago Description : Mattermost Confluence Plugin version Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 19:15:00 GMT

read more

CVE-2025-25231 - VMware Workspace ONE UEM Path Traversal Information Disclosure

CVE ID : CVE-2025-25231 Published : Aug. 11, 2025, 6:15 p.m. | 2 hours, 20 minutes ago Description : Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious actor may be able to gain access to sensitive information by sending crafted GET requests (read-only) to restricted API endpoints. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 18:15:00 GMT

read more

CVE-2025-53187 - ABB ASPECT Code Injection Vulnerability

CVE ID : CVE-2025-53187 Published : Aug. 11, 2025, 6:15 p.m. | 2 hours, 20 minutes ago Description : Improper Control of Generation of Code ('Code Injection') vulnerability in ABB ASPECT.This issue affects ASPECT: before Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 18:15:00 GMT

read more

CVE-2025-54063 - Cherry Studio Custom URL Handler Remote Code Execution Vulnerability

CVE ID : CVE-2025-54063 Published : Aug. 11, 2025, 6:15 p.m. | 2 hours, 20 minutes ago Description : Cherry Studio is a desktop client that supports for multiple LLM providers. From versions 1.4.8 to 1.5.0, there is a one-click remote code execution vulnerability through the custom URL handling. An attacker can exploit this by hosting a malicious website or embedding a specially crafted URL on any website. If a victim clicks the exploit link in their browser, the app’s custom URL handler is triggered, leading to remote code execution on the victim’s machine. This issue has been patched in version 1.5.1. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 18:15:00 GMT

read more

CVE-2025-8866 - YugabyteDB Anywhere Authentication Bypass

CVE ID : CVE-2025-8866 Published : Aug. 11, 2025, 5:15 p.m. | 1 hour, 20 minutes ago Description : YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to obtain server networking configuration details, including private and public IP addresses and DNS records. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 17:15:00 GMT

read more

CVE-2025-38499 - Linux Kernel Clone Private Mnt userns Privilege Escalation Vulnerability

CVE ID : CVE-2025-38499 Published : Aug. 11, 2025, 4:15 p.m. | 2 hours, 20 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be able to undo" may be a result of MNT_LOCKED on a child, but it may also come from lacking admin rights in the userns of the namespace mount belongs to. clone_private_mnt() checks the former, but not the latter. There's a number of rather confusing CAP_SYS_ADMIN checks in various userns during the mount, especially with the new mount API; they serve different purposes and in case of clone_private_mnt() they usually, but not always end up covering the missing check mentioned above. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 16:15:00 GMT

read more

CVE-2025-45146 - ModelCache for LLM Deserialization Vulnerability

CVE ID : CVE-2025-45146 Published : Aug. 11, 2025, 4:15 p.m. | 2 hours, 20 minutes ago Description : ModelCache for LLM through v0.2.0 was discovered to contain an deserialization vulnerability via the component /manager/data_manager.py. This vulnerability allows attackers to execute arbitrary code via supplying crafted data. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 16:15:00 GMT

read more

CVE-2012-10037 - Apache PhpTax Remote Code Execution Vulnerability

CVE ID : CVE-2012-10037 Published : Aug. 11, 2025, 3:15 p.m. | 3 hours, 20 minutes ago Description : PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez GET parameter is unsafely passed to the exec() function without sanitization. A remote attacker can inject arbitrary shell commands, leading to code execution under the web server's context. No authentication is required. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 15:15:00 GMT

read more

CVE-2012-10038 - Auxilium RateMyPet Unauthenticated Remote Code Execution (RCE) via File Upload

CVE ID : CVE-2012-10038 Published : Aug. 11, 2025, 3:15 p.m. | 3 hours, 20 minutes ago Description : Auxilium RateMyPet contains an unauthenticated arbitrary file upload vulnerability in upload_banners.php. The banner upload feature fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files. These files are stored in a web-accessible /banners/ directory and can be executed directly, resulting in remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 15:15:00 GMT

read more

CVE-2012-10039 - ZEN Load Balancer Root Code Execution Vulnerability

CVE ID : CVE-2012-10039 Published : Aug. 11, 2025, 3:15 p.m. | 3 hours, 20 minutes ago Description : ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection vulnerability in content2-2.cgi. The filelog parameter is passed directly into a backtick-delimited exec() call without sanitation. An authenticated attacker can inject arbitrary shell commands, resulting in remote code execution as the root user. ZEN Load Balancer is the predecessor of ZEVENET and SKUDONET. The affected versions (2.0 and 3.0-rc1) are no longer supported. SKUDONET CE is the current community-maintained successor. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 15:15:00 GMT

read more

CVE-2012-10040 - Openfiler Command Injection Vulnerability

CVE ID : CVE-2012-10040 Published : Aug. 11, 2025, 3:15 p.m. | 3 hours, 20 minutes ago Description : Openfiler v2.x contains a command injection vulnerability in the system.html page. The device parameter is used to instantiate a NetworkCard object, whose constructor in network.inc calls exec() with unsanitized input. An authenticated attacker can exploit this to execute arbitrary commands as the openfiler user. Due to misconfigured sudoers, the openfiler user can escalate privileges to root via sudo /bin/bash without a password. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 15:15:00 GMT

read more

CVE-2025-8859 - Code-projects eBlog Site File Upload Module Unrestricted Upload Vulnerability

CVE ID : CVE-2025-8859 Published : Aug. 11, 2025, 3:15 p.m. | 3 hours, 20 minutes ago Description : A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is an unknown functionality of the file /native/admin/save-slider.php of the component File Upload Module. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 15:15:00 GMT

read more

CVE-2025-8865 - YugabyteDB YCQL DoS Denial of Service

CVE ID : CVE-2025-8865 Published : Aug. 11, 2025, 3:15 p.m. | 3 hours, 20 minutes ago Description : The YugabyteDB tablet server contains a flaw in its YCQL query handling that can trigger a null pointer dereference when processing certain malformed inputs. An authenticated attacker could exploit this issue to crash the YCQL tablet server, resulting in a denial of service. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 15:15:00 GMT

read more

CVE-2025-8851 - LibTIFF Stack-Based Buffer Overflow

CVE ID : CVE-2025-8851 Published : Aug. 11, 2025, 2:15 p.m. | 4 hours, 20 minutes ago Description : A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to apply a patch to fix this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 14:15:00 GMT

read more

CVE-2025-8852 - WuKongOpenSource WukongCRM File Upload API Response Handler Information Exposure Vulnerability

CVE ID : CVE-2025-8852 Published : Aug. 11, 2025, 2:15 p.m. | 4 hours, 20 minutes ago Description : A vulnerability was identified in WuKongOpenSource WukongCRM 11.0. This affects an unknown part of the file /adminFile/upload of the component API Response Handler. The manipulation leads to information exposure through error message. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 14:15:00 GMT

read more

CVE-2025-8864 - Yugabyte Shared Access Signature Token Exposed

CVE ID : CVE-2025-8864 Published : Aug. 11, 2025, 2:15 p.m. | 4 hours, 20 minutes ago Description : Shared Access Signature token is not masked in the backup configuration response and is also exposed in the yb_backup logs Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 14:15:00 GMT

read more

CVE-2025-8672 - GIMP for MacOS Local Privilege Escalation

CVE ID : CVE-2025-8672 Published : Aug. 11, 2025, 1:15 p.m. | 5 hours, 20 minutes ago Description : MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the application's previously granted TCC permissions to access user's files in privacy-protected folders without triggering user prompts. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of GIMP, potentially disguising attacker's malicious intent. This issue has been fixed in 3.1.4.2 version of GIMP. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 13:15:00 GMT

read more

CVE-2025-8845 - "NASM Netwide Assembler Stack-Based Buffer Overflow Vulnerability"

CVE ID : CVE-2025-8845 Published : Aug. 11, 2025, 1:15 p.m. | 5 hours, 20 minutes ago Description : A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 13:15:00 GMT

read more

CVE-2025-8846 - "NASM Netwide Assembler Stack-Based Buffer Overflow"

CVE ID : CVE-2025-8846 Published : Aug. 11, 2025, 1:15 p.m. | 5 hours, 20 minutes ago Description : A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 13:15:00 GMT

read more

CVE-2025-8847 - RuoYi Yangzongzhuan Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8847 Published : Aug. 11, 2025, 1:15 p.m. | 5 hours, 20 minutes ago Description : A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is the function Edit of the file /system/notice/edit. The manipulation of the argument noticeTitle/noticeContent leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 13:15:00 GMT

read more

CVE-2025-8862 - YugabyteDB Information Disclosure Vulnerability

CVE ID : CVE-2025-8862 Published : Aug. 11, 2025, 1:15 p.m. | 5 hours, 20 minutes ago Description : YugabyteDB has been collecting diagnostics information from YugabyteDB servers, which may include sensitive gflag configurations. To mitigate this, we recommend upgrading the database to a version where this information is properly redacted. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 13:15:00 GMT

read more

CVE-2025-8863 - YugabyteDB Information Disclosure

CVE ID : CVE-2025-8863 Published : Aug. 11, 2025, 1:15 p.m. | 5 hours, 20 minutes ago Description : YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data during transmission Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 13:15:00 GMT

read more

CVE-2025-8844 - "NASM Netwide Assembler Null Pointer Dereference Vulnerability"

CVE ID : CVE-2025-8844 Published : Aug. 11, 2025, 12:15 p.m. | 6 hours, 20 minutes ago Description : A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 12:15:00 GMT

read more

CVE-2025-8842 - NASM Netwide Assembler Use After Free Vulnerability

CVE ID : CVE-2025-8842 Published : Aug. 11, 2025, 11:15 a.m. | 7 hours, 20 minutes ago Description : A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 11:15:00 GMT

read more

CVE-2025-8843 - NASM Netwide Assembler Heap-Based Buffer Overflow

CVE ID : CVE-2025-8843 Published : Aug. 11, 2025, 11:15 a.m. | 7 hours, 20 minutes ago Description : A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 11:15:00 GMT

read more

CVE-2025-8841 - Zlt2000 Microservices-Platform Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-8841 Published : Aug. 11, 2025, 10:15 a.m. | 8 hours, 20 minutes ago Description : A vulnerability was identified in zlt2000 microservices-platform up to 6.0.0. Affected by this vulnerability is the function Upload of the file zlt-business/file-center/src/main/java/com/central/file/controller/FileController.java. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 10:15:00 GMT

read more

CVE-2025-8840 - jshERP Unauthenticated Remote Code Execution

CVE ID : CVE-2025-8840 Published : Aug. 11, 2025, 10:15 a.m. | 7 hours, 54 minutes ago Description : A vulnerability was determined in jshERP up to 3.5. Affected is an unknown function of the file /jshERP-boot/user/deleteBatch of the component Endpoint. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Different than CVE-2025-7947. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 10:15:00 GMT

read more

CVE-2025-8839 - jshERP Remote Authorization Bypass Vulnerability

CVE ID : CVE-2025-8839 Published : Aug. 11, 2025, 9:15 a.m. | 8 hours, 55 minutes ago Description : A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 09:15:00 GMT

read more

CVE-2025-8853 - 2100 Technology Official Document Management System Authentication Bypass

CVE ID : CVE-2025-8853 Published : Aug. 11, 2025, 9:15 a.m. | 8 hours, 55 minutes ago Description : Official Document Management System developed by 2100 Technology has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to obtain any user's connection token and use it to log into the system as that user. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 09:15:00 GMT

read more

CVE-2025-8838 - WinterChenS my-site PreHandle Uri Improper Authentication Remote Vulnerability

CVE ID : CVE-2025-8838 Published : Aug. 11, 2025, 9:15 a.m. | 7 hours, 57 minutes ago Description : A vulnerability has been found in WinterChenS my-site up to 1f7525f15934d9d6a278de967f6ec9f1757738d8. This vulnerability affects the function preHandle of the file /admin/ of the component Backend Interface. The manipulation of the argument uri leads to improper authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The code maintainer responded to the issue that "[he] tried it, and using this link automatically redirects to the login page." Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 09:15:00 GMT

read more

CVE-2025-8836 - JasPer JPEG2000 Encoder Reachable Assertion Vulnerability

CVE ID : CVE-2025-8836 Published : Aug. 11, 2025, 8:15 a.m. | 7 hours, 37 minutes ago Description : A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpc_floorlog2 of the file src/libjasper/jpc/jpc_enc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 79185d32d7a444abae441935b20ae4676b3513d4. It is recommended to apply a patch to fix this issue. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 08:15:00 GMT

read more

CVE-2025-8837 - JasPer JPEG2000 File Handler Use After Free Vulnerability

CVE ID : CVE-2025-8837 Published : Aug. 11, 2025, 8:15 a.m. | 7 hours, 37 minutes ago Description : A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named 8308060d3fbc1da10353ac8a95c8ea60eba9c25a. It is recommended to apply a patch to fix this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 08:15:00 GMT

read more

CVE-2025-8660 - Apache Privilege Escalation Vulnerability

CVE ID : CVE-2025-8660 Published : Aug. 11, 2025, 8:15 a.m. | 6 hours, 25 minutes ago Description : Privilege escalation occurs when a user gets access to more resources or functionality than they are normally allowed. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 08:15:00 GMT

read more

CVE-2025-8661 - Apache Server Stored XSS

CVE ID : CVE-2025-8661 Published : Aug. 11, 2025, 8:15 a.m. | 6 hours, 25 minutes ago Description : A stored Cross-Site Scripting vulnerability (XSS) occurs when the server does not properly validate or encode the data entered by the user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 08:15:00 GMT

read more

CVE-2025-8747 - Keras Safe Mode Bypass Arbitrary Code Execution

CVE ID : CVE-2025-8747 Published : Aug. 11, 2025, 8:15 a.m. | 6 hours, 25 minutes ago Description : A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted `.keras` model archive. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 08:15:00 GMT

read more

CVE-2025-8833 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-8833 Published : Aug. 11, 2025, 7:15 a.m. | 7 hours, 25 minutes ago Description : A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function langSwitchBack of the file /goform/langSwitchBack. The manipulation of the argument langSelectionOnly leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 07:15:00 GMT

read more

CVE-2025-8834 - JCG Link-net LW-N915R Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8834 Published : Aug. 11, 2025, 7:15 a.m. | 7 hours, 25 minutes ago Description : A vulnerability has been found in JCG Link-net LW-N915R 17s.20.001.908. Affected is an unknown function of the file /wireless/basic.asp of the component Wireless Basic Settings Page. The manipulation of the argument Network Name leads to cross site scripting. It is possible to launch the attack remotely. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 07:15:00 GMT

read more

CVE-2025-8835 - JasPer Jas Image Color Space Conversion Handler Null Pointer Dereference

CVE ID : CVE-2025-8835 Published : Aug. 11, 2025, 7:15 a.m. | 7 hours, 25 minutes ago Description : A vulnerability was found in JasPer up to 4.2.5. Affected by this vulnerability is the function jas_image_chclrspc of the file src/libjasper/base/jas_image.c of the component Image Color Space Conversion Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of the patch is bb7d62bd0a2a8e0e1fdb4d603f3305f955158c52. It is recommended to apply a patch to fix this issue. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 07:15:00 GMT

read more

CVE-2025-7965 - "CBX Restaurant Booking WordPress CSRF Settings Update Vulnerability"

CVE ID : CVE-2025-7965 Published : Aug. 11, 2025, 6:15 a.m. | 7 hours, 32 minutes ago Description : The CBX Restaurant Booking WordPress plugin through 1.2.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 06:15:00 GMT

read more

CVE-2025-8832 - Linksys WAP Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-8832 Published : Aug. 11, 2025, 6:15 a.m. | 7 hours, 32 minutes ago Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function setDMZ of the file /goform/setDMZ. The manipulation of the argument DMZIPAddress leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 06:15:00 GMT

read more

CVE-2025-8854 - Bullet Physics LoadOFF Stack-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-8854 Published : Aug. 11, 2025, 5:15 a.m. | 8 hours, 32 minutes ago Description : Stack-based buffer overflow in LoadOFF in bulletphysics bullet3 before 3.26 on all platforms allows remote attackers to execute arbitrary code via a crafted OFF file with an overlong initial token processed by the VHACD test utility or invoked indirectly through PyBullet's vhacd function. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 05:15:00 GMT

read more

CVE-2025-8830 - Linksys Router Os Command Injection Vulnerability

CVE ID : CVE-2025-8830 Published : Aug. 11, 2025, 5:15 a.m. | 8 hours, 13 minutes ago Description : A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function sub_3517C of the file /goform/setWan. The manipulation of the argument Hostname leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 05:15:00 GMT

read more

CVE-2025-8831 - Linksys Wireless Router Remote Management Stack Buffer Overflow Vulnerability

CVE ID : CVE-2025-8831 Published : Aug. 11, 2025, 5:15 a.m. | 8 hours, 13 minutes ago Description : A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function remoteManagement of the file /goform/remoteManagement. The manipulation of the argument portNumber leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 05:15:00 GMT

read more

CVE-2025-27577 - Apache OpenHarmony TCB Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-27577 Published : Aug. 11, 2025, 4:15 a.m. | 9 hours, 13 minutes ago Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 04:15:00 GMT

read more

CVE-2025-8827 - Linksys Router Remote Os Command Injection Vulnerability

CVE ID : CVE-2025-8827 Published : Aug. 11, 2025, 4:15 a.m. | 9 hours, 13 minutes ago Description : A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function um_inspect_cross_band of the file /goform/RP_setBasicAuto. The manipulation of the argument staticGateway leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 04:15:00 GMT

read more

CVE-2025-8828 - Linksys RE Series IPv6 Command Injection Vulnerability

CVE ID : CVE-2025-8828 Published : Aug. 11, 2025, 4:15 a.m. | 9 hours, 13 minutes ago Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function ipv6cmd of the file /goform/setIpv6. The manipulation of the argument Ipv6PriDns/Ipv6SecDns/Ipv6StaticGateway/LanIpv6Addr/LanPrefixLen/pppoeUser/pppoePass/pppoeIdleTime/pppoeRedialPeriod/Ipv6in4_PrefixLen/LocalIpv6/RemoteIpv4/LanIPv6_Prefix/LanPrefixLen/ipv6to4Relay/ipv6rdRelay/tunrd_PrefixLen/wan_UseLinkLocal/Ipv6StaticIp/Ipv6PrefixLen leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 04:15:00 GMT

read more

CVE-2025-8829 - Linksys Wireless Router OS Command Injection Vulnerability

CVE ID : CVE-2025-8829 Published : Aug. 11, 2025, 4:15 a.m. | 9 hours, 13 minutes ago Description : A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function um_red of the file /goform/RP_setBasicAuto. The manipulation of the argument hname leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 04:15:00 GMT

read more

CVE-2025-27562 - OpenHarmony DoS Memory Leak

CVE ID : CVE-2025-27562 Published : Aug. 11, 2025, 4:15 a.m. | 7 hours, 52 minutes ago Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 04:15:00 GMT

read more

CVE-2025-27128 - OpenHarmony TCB Use After Free Arbitrary Code Execution

CVE ID : CVE-2025-27128 Published : Aug. 11, 2025, 4:15 a.m. | 7 hours, 13 minutes ago Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 04:15:00 GMT

read more

CVE-2025-27536 - OpenHarmony Type Confusion DOS

CVE ID : CVE-2025-27536 Published : Aug. 11, 2025, 4:15 a.m. | 7 hours, 13 minutes ago Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through type confusion. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 04:15:00 GMT

read more

CVE-2025-25278 - OpenHarmony TCB Race Condition Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-25278 Published : Aug. 11, 2025, 4:15 a.m. | 5 hours, 31 minutes ago Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 04:15:00 GMT

read more

CVE-2025-26690 - OpenHarmony NULL Pointer Dereference Denial of Service Vulnerability

CVE ID : CVE-2025-26690 Published : Aug. 11, 2025, 4:15 a.m. | 5 hours, 31 minutes ago Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 04:15:00 GMT

read more

CVE-2025-24844 - OpenHarmony Memory Leaking DOS Vulnerability

CVE ID : CVE-2025-24844 Published : Aug. 11, 2025, 4:15 a.m. | 4 hours, 18 minutes ago Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 04:15:00 GMT

read more

CVE-2025-24925 - OpenHarmony Memory Leaks Denial of Service Vulnerability

CVE ID : CVE-2025-24925 Published : Aug. 11, 2025, 4:15 a.m. | 4 hours, 18 minutes ago Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 04:15:00 GMT

read more

CVE-2025-25212 - OpenHarmony Denial of Service Vulnerability

CVE ID : CVE-2025-25212 Published : Aug. 11, 2025, 4:15 a.m. | 4 hours, 18 minutes ago Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 04:15:00 GMT

read more

CVE-2025-24298 - OpenHarmony TCB Use-After-Free Vulnerability

CVE ID : CVE-2025-24298 Published : Aug. 11, 2025, 4:15 a.m. | 3 hours, 13 minutes ago Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 04:15:00 GMT

read more

CVE-2025-8825 - Linksys Router OS Command Injection Vulnerability

CVE ID : CVE-2025-8825 Published : Aug. 11, 2025, 3:15 a.m. | 4 hours, 13 minutes ago Description : A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function RP_setBasicAuto of the file /goform/RP_setBasicAuto. The manipulation of the argument staticIp/staticNetmask leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 03:15:00 GMT

read more

CVE-2025-8826 - Linksys Wireless Router Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-8826 Published : Aug. 11, 2025, 3:15 a.m. | 4 hours, 13 minutes ago Description : A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function um_rp_autochannel of the file /goform/RP_setBasicAuto. The manipulation of the argument apcli_AuthMode_2G/apcli_AuthMode_5G leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 03:15:00 GMT

read more

CVE-2025-8823 - Linksys Wireless Router Os Command Injection Vulnerability

CVE ID : CVE-2025-8823 Published : Aug. 11, 2025, 2:15 a.m. | 5 hours, 13 minutes ago Description : A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function setDeviceName of the file /goform/setDeviceName. The manipulation of the argument DeviceName leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 02:15:00 GMT

read more

CVE-2025-8824 - Linksys Wireless Routers Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-8824 Published : Aug. 11, 2025, 2:15 a.m. | 5 hours, 13 minutes ago Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function setRIP of the file /goform/setRIP. The manipulation of the argument RIPmode/RIPpasswd leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 02:15:00 GMT

read more

CVE-2025-8821 - Linksys WiFi Router OS Command Injection Vulnerability

CVE ID : CVE-2025-8821 Published : Aug. 11, 2025, 1:15 a.m. | 6 hours, 13 minutes ago Description : A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function RP_setBasic of the file /goform/RP_setBasic. The manipulation of the argument bssid leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 01:15:00 GMT

read more

CVE-2025-8822 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-8822 Published : Aug. 11, 2025, 1:15 a.m. | 6 hours, 13 minutes ago Description : A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function algDisable of the file /goform/setOpMode. The manipulation of the argument opMode leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 01:15:00 GMT

read more

CVE-2025-8820 - Linksys Wireless Router Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-8820 Published : Aug. 11, 2025, 12:15 a.m. | 7 hours, 13 minutes ago Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function wirelessBasic of the file /goform/wirelessBasic. The manipulation of the argument submit_SSID1 leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 11 Aug 2025 00:15:00 GMT

read more

CVE-2025-8818 - Linksys Wi-Fi Router OS Command Injection Vulnerability

CVE ID : CVE-2025-8818 Published : Aug. 10, 2025, 11:15 p.m. | 6 hours, 32 minutes ago Description : A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function setDFSSetting of the file /goform/setLan. The manipulation of the argument lanNetmask/lanIp leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 23:15:00 GMT

read more

CVE-2025-8819 - Linksys Router Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-8819 Published : Aug. 10, 2025, 11:15 p.m. | 6 hours, 31 minutes ago Description : A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function setWan of the file /goform/setWan. The manipulation of the argument staticIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 23:15:00 GMT

read more

CVE-2025-8817 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-8817 Published : Aug. 10, 2025, 10:15 p.m. | 7 hours, 13 minutes ago Description : A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function setLan of the file /goform/setLan. The manipulation of the argument lan2enabled leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 22:15:00 GMT

read more

CVE-2025-8815 - Shiro Configuration Path Traversal Vulnerability

CVE ID : CVE-2025-8815 Published : Aug. 10, 2025, 4:15 p.m. | 13 hours, 13 minutes ago Description : A vulnerability was found in 猫宁i Morning up to bc782730c74ff080494f145cc363a0b4f43f7d3e. It has been classified as critical. Affected is an unknown function of the file /index of the component Shiro Configuration. The manipulation leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 16:15:00 GMT

read more

CVE-2025-8816 - Linksys Wireless Router Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-8816 Published : Aug. 10, 2025, 4:15 p.m. | 13 hours, 13 minutes ago Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function setOpMode of the file /goform/setOpMode. The manipulation of the argument ethConv leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 16:15:00 GMT

read more

CVE-2025-8813 - Atjiu Pybbs Open Redirect Vulnerability

CVE ID : CVE-2025-8813 Published : Aug. 10, 2025, 3:15 p.m. | 11 hours, 18 minutes ago Description : A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as problematic. This vulnerability affects the function changeLanguage of the file src/main/java/co/yiiu/pybbs/controller/front/IndexController.java. The manipulation of the argument referer leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as edb14ff13e9e05394960ba46c3d31d844ff2deac. It is recommended to apply a patch to fix this issue. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 15:15:00 GMT

read more

CVE-2025-8814 - Atjiu Pybbs Cross-Site Request Forgery Vulnerability

CVE ID : CVE-2025-8814 Published : Aug. 10, 2025, 3:15 p.m. | 11 hours, 18 minutes ago Description : A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function setCookie of the file src/main/java/co/yiiu/pybbs/util/CookieUtil.java. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is named 8aa2bb1aef3346e49aec6358edf5e47ce905ae7b. It is recommended to apply a patch to fix this issue. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 15:15:00 GMT

read more

CVE-2025-8810 - Tenda AC20 Buffer Overflow Vulnerability

CVE ID : CVE-2025-8810 Published : Aug. 10, 2025, 2:15 p.m. | 12 hours, 18 minutes ago Description : A vulnerability classified as critical was found in Tenda AC20 16.03.08.05. Affected by this vulnerability is the function strcpy of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 14:15:00 GMT

read more

CVE-2025-8811 - Apache Solr SQL Injection Vulnerability

CVE ID : CVE-2025-8811 Published : Aug. 10, 2025, 2:15 p.m. | 12 hours, 18 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Simple Art Gallery 1.0. Affected by this issue is some unknown functionality of the file /Admin/registration.php. The manipulation of the argument fname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 14:15:00 GMT

read more

CVE-2025-8812 - Atjiu Pybbs Admin Panel Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8812 Published : Aug. 10, 2025, 2:15 p.m. | 12 hours, 18 minutes ago Description : A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects an unknown part of the file /api/settings of the component Admin Panel. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22. It is recommended to apply a patch to fix this issue. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 14:15:00 GMT

read more

CVE-2025-8809 - Code-projects Online Medicine Guide SQL Injection Vulnerability

CVE ID : CVE-2025-8809 Published : Aug. 10, 2025, 1:15 p.m. | 13 hours, 18 minutes ago Description : A vulnerability classified as critical has been found in code-projects Online Medicine Guide 1.0. Affected is an unknown function of the file /addelidetails.php. The manipulation of the argument del leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 13:15:00 GMT

read more

CVE-2025-8807 - "Xujeff Tianti 天梯 Remote Missing Authorization Vulnerability"

CVE ID : CVE-2025-8807 Published : Aug. 10, 2025, 12:15 p.m. | 14 hours, 18 minutes ago Description : A vulnerability was found in xujeff tianti 天梯 up to 2.3. It has been declared as critical. This vulnerability affects unknown code of the file /tianti-module-admin/user/ajax/save. The manipulation leads to missing authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 12:15:00 GMT

read more

CVE-2025-8808 - Tianti CSV Injection Vulnerability

CVE ID : CVE-2025-8808 Published : Aug. 10, 2025, 12:15 p.m. | 14 hours, 18 minutes ago Description : A vulnerability was found in xujeff tianti 天梯 up to 2.3. It has been rated as problematic. This issue affects the function exportOrder of the file /tianti-module-admin/user/ajax/save of the component com.jeff.tianti.controller. The manipulation leads to csv injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 12:15:00 GMT

read more

CVE-2025-8805 - Open5GS SMF Denial of Service Vulnerability

CVE ID : CVE-2025-8805 Published : Aug. 10, 2025, 11:15 a.m. | 15 hours, 18 minutes ago Description : A vulnerability was found in Open5GS up to 2.7.5 and classified as problematic. Affected by this issue is the function smf_gsm_state_wait_pfcp_deletion of the file src/smf/gsm-sm.c of the component SMF. The manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The patch is identified as c58b8f081986aaf2a312d73a0a17985518b47fe6. It is recommended to upgrade the affected component. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 11:15:00 GMT

read more

CVE-2025-8806 - Zhilink ADP Application Developer Platform SQL Injection Vulnerability

CVE ID : CVE-2025-8806 Published : Aug. 10, 2025, 11:15 a.m. | 15 hours, 18 minutes ago Description : A vulnerability was found in zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. It has been classified as critical. This affects an unknown part of the file /adpweb/a/sys/office/treeData. The manipulation of the argument extId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 11:15:00 GMT

read more

CVE-2025-8803 - Open5GS Denial of Service Vulnerability

CVE ID : CVE-2025-8803 Published : Aug. 10, 2025, 10:15 a.m. | 16 hours, 18 minutes ago Description : A vulnerability, which was classified as problematic, was found in Open5GS up to 2.7.5. Affected is the function gmm_state_de_registered/gmm_state_exception of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. It is possible to launch the attack remotely. Upgrading to version 2.7.6 is able to address this issue. The name of the patch is 1f30edac27f69f61cff50162e980fe58fdeb30ca. It is recommended to upgrade the affected component. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 10:15:00 GMT

read more

CVE-2025-8804 - Open5GS AMF Remote Assertion Vulnerability

CVE ID : CVE-2025-8804 Published : Aug. 10, 2025, 10:15 a.m. | 16 hours, 18 minutes ago Description : A vulnerability has been found in Open5GS up to 2.7.5 and classified as problematic. Affected by this vulnerability is the function ngap_build_downlink_nas_transport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The identifier of the patch is bca0a7b6e01d254f4223b83831162566d4626428. It is recommended to upgrade the affected component. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 10:15:00 GMT

read more

CVE-2025-8801 - Open5GS Denial of Service Vulnerability

CVE ID : CVE-2025-8801 Published : Aug. 10, 2025, 9:15 a.m. | 17 hours, 18 minutes ago Description : A vulnerability classified as problematic has been found in Open5GS up to 2.7.5. This affects the function gmm_state_exception of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The identifier of the patch is f47f2bd4f7274295c5fbb19e2f806753d183d09a. It is recommended to upgrade the affected component. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 09:15:00 GMT

read more

CVE-2025-8802 - Open5GS SMF Denial of Service Vulnerability

CVE ID : CVE-2025-8802 Published : Aug. 10, 2025, 9:15 a.m. | 17 hours, 18 minutes ago Description : A vulnerability classified as problematic was found in Open5GS up to 2.7.5. This vulnerability affects the function smf_state_operational of the file src/smf/smf-sm.c of the component SMF. The manipulation of the argument stream leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version v2.7.6 is able to address this issue. The patch is identified as f168f7586a4fa536cee95ae60ac437d997f15b97. It is recommended to upgrade the affected component. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 09:15:00 GMT

read more

CVE-2025-8800 - Open5GS AMF Component Denial of Service Vulnerability

CVE ID : CVE-2025-8800 Published : Aug. 10, 2025, 8:15 a.m. | 18 hours, 18 minutes ago Description : A vulnerability was found in Open5GS up to 2.7.5. It has been rated as problematic. Affected by this issue is the function esm_handle_pdn_connectivity_request of the file src/mme/esm-handler.c of the component AMF Component. The manipulation leads to denial of service. The attack may be launched remotely. Upgrading to version 2.7.6 is able to address this issue. The name of the patch is 701505102f514cbde2856cd2ebc9bedb7efc820d. It is recommended to upgrade the affected component. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 08:15:00 GMT

read more

CVE-2025-8799 - Open5GS AMF Denial of Service Vulnerability

CVE ID : CVE-2025-8799 Published : Aug. 10, 2025, 8:15 a.m. | 17 hours, 31 minutes ago Description : A vulnerability was found in Open5GS up to 2.7.5. It has been declared as problematic. Affected by this vulnerability is the function amf_npcf_am_policy_control_build_create/amf_nsmf_pdusession_build_create_sm_context of the file src/amf/npcf-build.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The patch is named cf63dd63197bf61a4b041aa364ba6a6199ab15e4. It is recommended to upgrade the affected component. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 08:15:00 GMT

read more

CVE-2025-8798 - Samarium Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-8798 Published : Aug. 10, 2025, 7:15 a.m. | 18 hours, 31 minutes ago Description : A vulnerability was found in oitcode samarium up to 0.9.6. It has been classified as critical. Affected is an unknown function of the file /dashboard/product of the component Create Product Page. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 07:15:00 GMT

read more

CVE-2025-8797 - "LitmusChaos Litmus LocalStorage Handler Remote Permission Vulnerability"

CVE ID : CVE-2025-8797 Published : Aug. 10, 2025, 7:15 a.m. | 16 hours, 45 minutes ago Description : A vulnerability was found in LitmusChaos Litmus up to 3.19.0 and classified as critical. This issue affects some unknown processing of the component LocalStorage Handler. The manipulation leads to permission issues. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 07:15:00 GMT

read more

CVE-2025-8795 - LitmusChaos Litmus Remote File Inclusion Vulnerability

CVE ID : CVE-2025-8795 Published : Aug. 10, 2025, 6:15 a.m. | 17 hours, 45 minutes ago Description : A vulnerability, which was classified as critical, was found in LitmusChaos Litmus up to 3.19.0. This affects an unknown part of the file /auth/login. The manipulation of the argument projectID leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 06:15:00 GMT

read more

CVE-2025-8796 - LitmusChaos Litmus Missing Authorization Vulnerability

CVE ID : CVE-2025-8796 Published : Aug. 10, 2025, 6:15 a.m. | 17 hours, 44 minutes ago Description : A vulnerability has been found in LitmusChaos Litmus up to 3.19.0 and classified as problematic. This vulnerability affects unknown code of the file /auth/delete_project/ of the component Delete Request Handler. The manipulation of the argument projectID leads to missing authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 06:15:00 GMT

read more

CVE-2025-8794 - LitmusChaos Litmus LocalStorage Handler Authorization Bypass

CVE ID : CVE-2025-8794 Published : Aug. 10, 2025, 5:15 a.m. | 18 hours, 5 minutes ago Description : A vulnerability, which was classified as problematic, has been found in LitmusChaos Litmus up to 3.19.0. Affected by this issue is some unknown functionality of the component LocalStorage Handler. The manipulation of the argument projectID leads to authorization bypass. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 05:15:00 GMT

read more

CVE-2025-8793 - "LitmusChaos Litmus Remote Resource Identifier Improper Control Vulnerability"

CVE ID : CVE-2025-8793 Published : Aug. 10, 2025, 4:15 a.m. | 19 hours, 4 minutes ago Description : A vulnerability classified as problematic was found in LitmusChaos Litmus up to 3.19.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument projectID leads to improper control of resource identifiers. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 04:15:00 GMT

read more

CVE-2025-8792 - "LitmusChaos Litmus Client-Side Enforcement of Server-Side Security Remote Vulnerability"

CVE ID : CVE-2025-8792 Published : 10. elokuuta 2025 kello 4.15 | 17 tuntia, 44 minuuttia ago Description : A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0. Affected is an unknown function. The manipulation leads to client-side enforcement of server-side security. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 04:15:00 GMT

read more

CVE-2025-52136 - EMQX Unvalidated Plugin Installation Vulnerability

CVE ID : CVE-2025-52136 Published : Aug. 10, 2025, 4:15 a.m. | 11 hours, 25 minutes ago Description : In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugin's acceptability (for later Dashboard installation) is set by the "emqx ctl plugins allow" CLI command. Severity: 3.0 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 04:15:00 GMT

read more

CVE-2025-8791 - LitmusChaos Litmus Remote File Authorization Bypass

CVE ID : CVE-2025-8791 Published : Aug. 10, 2025, 4:15 a.m. | 11 hours, 25 minutes ago Description : A vulnerability was found in LitmusChaos Litmus up to 3.19.0. It has been rated as critical. This issue affects some unknown processing of the file /auth/list_projects. The manipulation of the argument role leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 04:15:00 GMT

read more

CVE-2025-8789 - Portabilis i-Educar API Endpoint Remote Authorization Bypass Vulnerability

CVE ID : CVE-2025-8789 Published : Aug. 10, 2025, 3:15 a.m. | 11 hours, 17 minutes ago Description : A vulnerability was found in Portabilis i-Educar up to 2.9.0. It has been classified as problematic. This affects an unknown part of the file /module/Api/Diario of the component API Endpoint. The manipulation leads to authorization bypass. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 03:15:00 GMT

read more

CVE-2025-8790 - Portabilis i-Educar Remote API Endpoint Authorization Bypass Vulnerability

CVE ID : CVE-2025-8790 Published : Aug. 10, 2025, 3:15 a.m. | 11 hours, 17 minutes ago Description : A vulnerability was found in Portabilis i-Educar up to 2.9.0. It has been declared as critical. This vulnerability affects unknown code of the file /module/Api/pessoa of the component API Endpoint. The manipulation of the argument ID leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 03:15:00 GMT

read more

CVE-2025-8788 - Portabilis i-Diario Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8788 Published : Aug. 10, 2025, 3:15 a.m. | 10 hours, 38 minutes ago Description : A vulnerability was found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /planos-de-aula-por-areas-de-conhecimento/ of the component Informações adicionais. The manipulation of the argument Parecer/Conteúdos/Objetivos leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 03:15:00 GMT

read more

CVE-2025-8787 - Portabilis i-Diario Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8787 Published : Aug. 10, 2025, 2:15 a.m. | 11 hours, 38 minutes ago Description : A vulnerability has been found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /registros-de-conteudos-por-disciplina/ of the component Registro das atividades. The manipulation of the argument Registro de atividades/Conteúdos leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 02:15:00 GMT

read more

CVE-2025-8786 - Portabilis i-Diario Cross Site Scripting Vulnerability

CVE ID : CVE-2025-8786 Published : Aug. 10, 2025, 1:15 a.m. | 12 hours, 38 minutes ago Description : A vulnerability, which was classified as problematic, was found in Portabilis i-Diario up to 1.5.0. Affected is an unknown function of the file /registros-de-conteudos-por-areas-de-conhecimento/ of the component Registro das atividades. The manipulation of the argument Registro de atividades/Conteúdos leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 01:15:00 GMT

read more

CVE-2025-8785 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8785 Published : Aug. 10, 2025, 12:15 a.m. | 13 hours, 4 minutes ago Description : A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to 2.9. This issue affects some unknown processing of the file /intranet/educar_usuario_lst.php. The manipulation of the argument nm_pessoa/matricula/matricula_interna leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 10 Aug 2025 00:15:00 GMT

read more

CVE-2025-8784 - Portabilis i-Educar Cross Site Scripting Vulnerability

CVE ID : CVE-2025-8784 Published : Aug. 9, 2025, 11:15 p.m. | 12 hours, 25 minutes ago Description : A vulnerability classified as problematic was found in Portabilis i-Educar up to 2.9. This vulnerability affects unknown code of the file /intranet/funcionario_vinculo_cad.php of the component Cadastrar Vínculo Page. The manipulation of the argument nome leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 23:15:00 GMT

read more

CVE-2025-8775 - Qiyuesuo Electronic Signature Platform Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-8775 Published : Aug. 9, 2025, 9:15 p.m. | 14 hours, 25 minutes ago Description : A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as critical. Affected by this issue is the function execute of the file /api/code/upload of the component Scheduled Task Handler. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 21:15:00 GMT

read more

CVE-2025-8774 - Riscv-boom SonicBOOM L1 Data Cache Handler Timing Discrepancy Vulnerability

CVE ID : CVE-2025-8774 Published : Aug. 9, 2025, 9:15 p.m. | 13 hours, 16 minutes ago Description : A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 21:15:00 GMT

read more

CVE-2025-8773 - Dinstar Monitoring Platform SQL Injection Vulnerability

CVE ID : CVE-2025-8773 Published : Aug. 9, 2025, 8:15 p.m. | 14 hours, 16 minutes ago Description : A vulnerability, which was classified as critical, was found in Dinstar Monitoring Platform 甘肃省危险品库监控平台 1.0. Affected is an unknown function of the file /itc/$%7BappPath%7D/login_getPasswordErrorNum.action. The manipulation of the argument userBean.loginName leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 20:15:00 GMT

read more

CVE-2025-8772 - Vinades NukeViet Server-Side Request Forgery Vulnerability

CVE ID : CVE-2025-8772 Published : Aug. 9, 2025, 8:15 p.m. | 13 hours, 35 minutes ago Description : A vulnerability, which was classified as problematic, has been found in Vinades NukeViet up to 4.5.06. This issue affects some unknown processing of the file /admin/index.php?language=en&nv=upload of the component Module Handler. The manipulation leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 20:15:00 GMT

read more

CVE-2025-8765 - Datacom DM955 5GT 1200 Wireless Basic Settings Cross Site Scripting Vulnerability

CVE ID : CVE-2025-8765 Published : Aug. 9, 2025, 7:15 p.m. | 14 hours, 35 minutes ago Description : A vulnerability classified as problematic was found in Datacom DM955 5GT 1200 825.8010.00. Affected by this vulnerability is an unknown functionality of the component Wireless Basic Settings. The manipulation of the argument SSID leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 19:15:00 GMT

read more

CVE-2025-8764 - Linlinjava Litemall Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-8764 Published : Aug. 9, 2025, 7:15 p.m. | 13 hours, 16 minutes ago Description : A vulnerability classified as critical has been found in linlinjava litemall up to 1.8.0. Affected is the function Upload of the file /wx/storage/upload. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 19:15:00 GMT

read more

CVE-2025-8763 - Ruijie EG306MG StrongSwan Aggressive Mode PSK Encryption Bypass Vulnerability

CVE ID : CVE-2025-8763 Published : Aug. 9, 2025, 6:15 p.m. | 14 hours, 16 minutes ago Description : A vulnerability was found in Ruijie EG306MG 3.0(1)B11P309. It has been rated as problematic. This issue affects some unknown processing of the file /etc/strongswan.conf of the component strongSwan. The manipulation of the argument i_dont_care_about_security_and_use_aggressive_mode_psk leads to missing encryption of sensitive data. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 18:15:00 GMT

read more

CVE-2025-8759 - TRENDnet Lighttpd Hard-Coded Cryptographic Key Vulnerability

CVE ID : CVE-2025-8759 Published : Aug. 9, 2025, 5:15 p.m. | 14 hours, 34 minutes ago Description : A vulnerability was found in TRENDnet TN-200 1.02b02. It has been declared as problematic. This vulnerability affects unknown code of the component Lighttpd. The manipulation of the argument secdownload.secret with the input neV3rUseMe leads to use of hard-coded cryptographic key . The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 17:15:00 GMT

read more

CVE-2025-8758 - TRENDnet TEW-822DRE FTP Server Local Privilege Escalation Vulnerability

CVE ID : CVE-2025-8758 Published : Aug. 9, 2025, 4:15 p.m. | 15 hours, 34 minutes ago Description : A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic. This affects an unknown part of the component vsftpd. The manipulation leads to least privilege violation. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 16:15:00 GMT

read more

CVE-2025-8756 - TDuckCloud Authorization Interceptor PreHandle Remote Improper Authorization Vulnerability

CVE ID : CVE-2025-8756 Published : Aug. 9, 2025, 3:15 p.m. | 16 hours, 4 minutes ago Description : A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 15:15:00 GMT

read more

CVE-2025-8757 - TRENDnet Embedded Boa Web Server Least Privilege Violation

CVE ID : CVE-2025-8757 Published : Aug. 9, 2025, 3:15 p.m. | 16 hours, 4 minutes ago Description : A vulnerability was found in TRENDnet TV-IP110WN 1.2.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /server/boa.conf of the component Embedded Boa Web Server. The manipulation leads to least privilege violation. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 15:15:00 GMT

read more

CVE-2022-50233 - Linux Kernel Bluetooth eir strlen Vulnerability

CVE ID : CVE-2022-50233 Published : Aug. 9, 2025, 3:15 p.m. | 14 hours, 4 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} Both dev_name and short_name are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be truncated or not. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 15:15:00 GMT

read more

CVE-2024-58238 - "Bluetooth btnxpuart UART Break Timing Vulnerability"

CVE ID : CVE-2024-58238 Published : Aug. 9, 2025, 3:15 p.m. | 14 hours, 4 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test This fixes the tx timeout issue seen while running a stress test on btnxpuart for couple of hours, such that the interval between two HCI commands coincide with the power save timeout value of 2 seconds. Test procedure using bash script: hciconfig hci0 up //Enable Power Save feature hcitool -i hci0 cmd 3f 23 02 00 00 while (true) do hciconfig hci0 leadv sleep 2 hciconfig hci0 noleadv sleep 2 done Error log, after adding few more debug prints: Bluetooth: btnxpuart_queue_skb(): 01 0A 20 01 00 Bluetooth: hci0: Set UART break: on, status=0 Bluetooth: hci0: btnxpuart_tx_wakeup() tx_work scheduled Bluetooth: hci0: btnxpuart_tx_work() dequeue: 01 0A 20 01 00 Can't set advertise mode on hci0: Connection timed out (110) Bluetooth: hci0: command 0x200a tx timeout When the power save mechanism turns on UART break, and btnxpuart_tx_work() is scheduled simultaneously, psdata->ps_state is read as PS_STATE_AWAKE, which prevents the psdata->work from being scheduled, which is responsible to turn OFF UART break. This issue is fixed by adding a ps_lock mutex around UART break on/off as well as around ps_state read/write. btnxpuart_tx_wakeup() will now read updated ps_state value. If ps_state is PS_STATE_SLEEP, it will first schedule psdata->work, and then it will reschedule itself once UART break has been turned off and ps_state is PS_STATE_AWAKE. Tested above script for 50,000 iterations and TX timeout error was not observed anymore. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 15:15:00 GMT

read more

CVE-2025-8755 - Macrozheng Mall Authorization Bypass Vulnerability

CVE ID : CVE-2025-8755 Published : Aug. 9, 2025, 2:15 p.m. | 15 hours, 4 minutes ago Description : A vulnerability was found in macrozheng mall up to 1.0.3 and classified as problematic. This issue affects the function detail of the file UmsMemberController.java of the component com.macro.mall.portal.controller. The manipulation of the argument orderId leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 14:15:00 GMT

read more

CVE-2025-7726 - WordPress The7 Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7726 Published : Aug. 9, 2025, 2:15 p.m. | 13 hours, 25 minutes ago Description : The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via its lightbox rendering code in all versions up to, and including, 12.6.0 due to insufficient input sanitization and output escaping. The theme’s JavaScript reads user-supplied 'title' and 'data-dt-img-description' attributes directly via jQuery.attr(), concatenates them into an HTML string, and inserts that string into the DOM using methods such as jQuery.html() without escaping or filtering. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 14:15:00 GMT

read more

CVE-2025-8753 - Linlinjava Litemall File Handler Path Traversal Vulnerability

CVE ID : CVE-2025-8753 Published : Aug. 9, 2025, 2:15 p.m. | 13 hours, 25 minutes ago Description : A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1.8.0. Affected by this issue is the function delete of the file /admin/storage/delete of the component File Handler. The manipulation of the argument key leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 14:15:00 GMT

read more

CVE-2025-7020 - BYD DiLink 3.0 OS IVI Unit Log Dump Encryption Bypass

CVE ID : CVE-2025-7020 Published : Aug. 9, 2025, 1:15 p.m. | 14 hours, 25 minutes ago Description : An incorrect encryption implementation vulnerability exists in the system log dump feature of BYD's DiLink 3.0 OS (e.g. in the model ATTO3). An attacker with physical access to the vehicle can bypass the encryption of log dumps on the In-Vehicle Infotainment (IVI) unit's storage. This allows the attacker to access and read system logs containing sensitive data, including personally identifiable information (PII) and location data. This vulnerability was introduced in a patch intended to fix CVE-2024-54728. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 13:15:00 GMT

read more

CVE-2025-8752 - Wangzhixuan Spring-Shiro-Training Command Injection Vulnerability

CVE ID : CVE-2025-8752 Published : Aug. 9, 2025, 12:15 p.m. | 15 hours, 25 minutes ago Description : A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 12:15:00 GMT

read more

CVE-2025-8751 - Protected Total WebShield Extension Chrome Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8751 Published : Aug. 9, 2025, 8:15 a.m. | 17 hours, 25 minutes ago Description : A vulnerability was found in Protected Total WebShield Extension up to 3.2.0 on Chrome. It has been classified as problematic. This affects an unknown part of the component Block Page. The manipulation of the argument Category leads to cross site scripting. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 08:15:00 GMT

read more

CVE-2025-8750 - Macrozheng Mall Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8750 Published : Aug. 9, 2025, 7:15 a.m. | 18 hours, 25 minutes ago Description : A vulnerability has been found in macrozheng mall up to 1.0.3 and classified as problematic. Affected by this vulnerability is the function Upload of the file /minio/upload of the component Add Product Page. The manipulation of the argument File leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 07:15:00 GMT

read more

CVE-2025-8746 - "GNU libopts __strstr_sse2 Memory Corruption Vulnerability"

CVE ID : CVE-2025-8746 Published : Aug. 9, 2025, 6:15 a.m. | 19 hours, 25 minutes ago Description : A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue was initially reported to the tcpreplay project, but the code maintainer explains, that this "bug appears to be in libopts which is an external library." This vulnerability only affects products that are no longer supported by the maintainer. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 06:15:00 GMT

read more

CVE-2025-8771 - Apache Database Configuration Insecure Feature

CVE ID : CVE-2025-8771 Published : Aug. 9, 2025, 5:15 a.m. | 20 hours, 25 minutes ago Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: This affects a legitimate feature. The cause of the issue is an insecure database configuration established by the user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 05:15:00 GMT

read more

CVE-2025-4655 - Liferay Portal SSRF Template Bypass

CVE ID : CVE-2025-4655 Published : Aug. 9, 2025, 5:15 a.m. | 18 hours, 26 minutes ago Description : SSRF vulnerability in FreeMarker templates in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 allows template editors to bypass access validations via crafted URLs. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 05:15:00 GMT

read more

CVE-2025-8745 - Weee RICEPO App Android AndroidManifest.xml Component Export Vulnerability

CVE ID : CVE-2025-8745 Published : Aug. 9, 2025, 5:15 a.m. | 18 hours, 26 minutes ago Description : A vulnerability, which was classified as problematic, has been found in Weee RICEPO App 6.17.77 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.ricepo.app. The manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 05:15:00 GMT

read more

CVE-2025-4581 - Liferay Portal Blind SSRF Vulnerability

CVE ID : CVE-2025-4581 Published : Aug. 9, 2025, 5:15 a.m. | 17 hours, 15 minutes ago Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.4 ,2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 allows a pre-authentication blind SSRF vulnerability in the portal-settings-authentication-opensso-web due to improper validation of user-supplied URLs. An attacker can exploit this issue to force the server to make arbitrary HTTP requests to internal systems, potentially leading to internal network enumeration or further exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 05:15:00 GMT

read more

CVE-2025-55008 - WorkOS AuthKit React Router Authentication Artifact Exposure

CVE ID : CVE-2025-55008 Published : Aug. 9, 2025, 3:15 a.m. | 17 hours, 14 minutes ago Description : The AuthKit library for React Router 7+ provides helpers for authentication and session management using WorkOS & AuthKit with React Router. In versions 0.6.1 and below, @workos-inc/authkit-react-router exposed sensitive authentication artifacts — specifically sealedSession and accessToken by returning them from the authkitLoader. This caused them to be rendered into the browser HTML. This issue is fixed in version 0.7.0. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 03:15:00 GMT

read more

CVE-2025-55009 - WorkOS AuthKit Remix Sensitive Authentication Artifact Exposure

CVE ID : CVE-2025-55009 Published : Aug. 9, 2025, 3:15 a.m. | 17 hours, 14 minutes ago Description : The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In versions 0.14.1 and below, @workos-inc/authkit-remix exposed sensitive authentication artifacts — specifically sealedSession and accessToken — by returning them from the authkitLoader. This caused them to be rendered into the browser HTML. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 03:15:00 GMT

read more

CVE-2025-55013 - Assemblyline 4 Service Client Path Traversal Vulnerability

CVE ID : CVE-2025-55013 Published : Aug. 9, 2025, 3:15 a.m. | 17 hours, 14 minutes ago Description : The Assemblyline 4 Service Client interfaces with the API to fetch tasks and publish the result for a service in Assemblyline 4. In versions below 4.6.1.dev138, the Assemblyline 4 Service Client (task_handler.py) accepts a SHA-256 value returned by the service server and uses it directly as a local file name.A malicious or compromised server (or any MITM that can speak to client) can return a path-traversal payload such as `../../../etc/cron.d/evil` and force the client to write the downloaded bytes to an arbitrary location on disk. This is fixed in version 4.6.1.dev138. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 03:15:00 GMT

read more

CVE-2025-55149 - Tiny-Scientist PDF Path Traversal Vulnerability

CVE ID : CVE-2025-55149 Published : Aug. 9, 2025, 3:15 a.m. | 17 hours, 14 minutes ago Description : Tiny-Scientist is a lightweight framework for automating the entire lifecycle of scientific research—from ideation to implementation, writing, and review. In versions 0.1.1 and below, a critical path traversal vulnerability has been identified in the review_paper function in backend/app.py. The vulnerability allows malicious users to access arbitrary PDF files on the server by providing crafted file paths that bypass the intended security restrictions. This vulnerability allows attackers to: read any PDF file accessible to the server process, potentially access sensitive documents outside the intended directory and perform reconnaissance on the server's file system structure. This issue does not currently have a fix. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 03:15:00 GMT

read more

CVE-2025-55001 - OpenBao LDAP Auth Bypass Vulnerability

CVE ID : CVE-2025-55001 Published : Aug. 9, 2025, 3:15 a.m. | 15 hours, 14 minutes ago Description : OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao allowed the assignment of policies and MFA attribution based upon entity aliases, chosen by the underlying auth method. When the username_as_alias=true parameter in the LDAP auth method was in use, the caller-supplied username was used verbatim without normalization, allowing an attacker to bypass alias-specific MFA requirements. This issue was fixed in version 2.3.2. To work around this, remove all usage of the username_as_alias=true parameter and update any entity aliases accordingly. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 03:15:00 GMT

read more

CVE-2025-55003 - OpenBao MFA TOTP Whitespace Bypass Vulnerability

CVE ID : CVE-2025-55003 Published : Aug. 9, 2025, 3:15 a.m. | 15 hours, 14 minutes ago Description : OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao's Login Multi-Factor Authentication (MFA) system allows enforcing MFA using Time-based One Time Password (TOTP). Due to normalization applied by the underlying TOTP library, codes were accepted which could contain whitespace; this whitespace could bypass internal rate limiting of the MFA method and allow reuse of existing MFA codes. This issue was fixed in version 2.3.2. To work around this, use of rate-limiting quotas can limit an attacker's ability to exploit this: https://openbao.org/api-docs/system/rate-limit-quotas/. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 03:15:00 GMT

read more

CVE-2025-55006 - Frappe Learning SVG Injection Vulnerability

CVE ID : CVE-2025-55006 Published : Aug. 9, 2025, 3:15 a.m. | 15 hours, 14 minutes ago Description : Frappe Learning is a learning system that helps users structure their content. In versions 2.33.0 and below, the image upload functionality did not adequately sanitize uploaded SVG files. This allowed users to upload SVG files containing embedded JavaScript or other potentially malicious content. Malicious SVG files could be used to execute arbitrary scripts in the context of other users. A fix for this issue is planned for version 2.34.0. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 03:15:00 GMT

read more

CVE-2025-54999 - OpenBao User Enumeration Vulnerability

CVE ID : CVE-2025-54999 Published : Aug. 9, 2025, 3:15 a.m. | 13 hours, 14 minutes ago Description : OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, when using OpenBao's userpass auth method, user enumeration was possible due to timing difference between non-existent users and users with stored credentials. This is independent of whether the supplied credentials were valid for the given user. This issue was fixed in version 2.3.2. To work around this issue, users may use another auth method or apply rate limiting quotas to limit the number of requests in a period of time: https://openbao.org/api-docs/system/rate-limit-quotas/. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 03:15:00 GMT

read more

CVE-2025-55000 - OpenBao TOTP Secrets Engine Code Replay Vulnerability

CVE ID : CVE-2025-55000 Published : Aug. 9, 2025, 3:15 a.m. | 13 hours, 14 minutes ago Description : OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, OpenBao's TOTP secrets engine could accept valid codes multiple times rather than strictly-once. This was caused by unexpected normalization in the underlying TOTP library. To work around, ensure that all codes are first normalized before submitting to the OpenBao endpoint. TOTP code verification is a privileged action; only trusted systems should be verifying codes. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 03:15:00 GMT

read more

CVE-2025-54997 - OpenBao Audit Subsystem Privilege Escalation

CVE ID : CVE-2025-54997 Published : Aug. 9, 2025, 3:15 a.m. | 11 hours, 14 minutes ago Description : OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, some OpenBao deployments intentionally limit privileged API operators from executing system code or making network connections. However, these operators can bypass both restrictions through the audit subsystem by manipulating log prefixes. This allows unauthorized code execution and network access that violates the intended security model. This issue is fixed in version 2.3.2. To workaround, users can block access to sys/audit/* endpoints using explicit deny policies, but root operators cannot be restricted this way. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 03:15:00 GMT

read more

CVE-2025-54998 - OpenBao Authentication Bypass Vulnerability

CVE ID : CVE-2025-54998 Published : Aug. 9, 2025, 3:15 a.m. | 11 hours, 14 minutes ago Description : OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, attackers could bypass the automatic user lockout mechanisms in the OpenBao Userpass or LDAP auth systems. This was caused by different aliasing between pre-flight and full login request user entity alias attributions. This is fixed in version 2.3.2. To work around this issue, existing users may apply rate-limiting quotas on the authentication endpoints:, see https://openbao.org/api-docs/system/rate-limit-quotas/. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 03:15:00 GMT

read more

CVE-2025-54417 - Craft CMS Remote Code Execution Bypass

CVE ID : CVE-2025-54417 Published : Aug. 9, 2025, 2:15 a.m. | 12 hours, 14 minutes ago Description : Craft is a platform for creating digital experiences. Versions 4.13.8 through 4.16.2 and 5.5.8 through 5.8.3 contain a vulnerability that can bypass CVE-2025-23209: "Craft CMS has a potential RCE with a compromised security key". To exploit this vulnerability, the project must meet these requirements: have a compromised security key and create an arbitrary file in Craft's /storage/backups folder. With those criteria in place, attackers could create a specific, malicious request to the /updater/restore-db endpoint and execute CLI commands remotely. This issue is fixed in versions 4.16.3 and 5.8.4. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 02:15:00 GMT

read more

CVE-2025-54888 - Fedify ActivityPub Actor Impersonation Bypass

CVE ID : CVE-2025-54888 Published : Aug. 9, 2025, 2:15 a.m. | 12 hours, 14 minutes ago Description : Fedify is a TypeScript library for building federated server apps powered by ActivityPub. In versions below 1.3.20, 1.4.0-dev.585 through 1.4.12, 1.5.0-dev.636 through 1.5.4, 1.6.0-dev.754 through 1.6.7, 1.7.0-pr.251.885 through 1.7.8 and 1.8.0-dev.909 through 1.8.4, an authentication bypass vulnerability allows any unauthenticated attacker to impersonate any ActivityPub actor by sending forged activities signed with their own keys. Activities are processed before verifying the signing key belongs to the claimed actor, enabling complete actor impersonation across all Fedify instances. This is fixed in versions 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9 and 1.8.5. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 02:15:00 GMT

read more

CVE-2025-54996 - OpenBao Identity Escalation Privilege Vulnerability

CVE ID : CVE-2025-54996 Published : Aug. 9, 2025, 2:15 a.m. | 12 hours, 14 minutes ago Description : OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to the root policy. While the identity system allowed adding arbitrary policies, which in turn could contain capability grants on arbitrary paths, the root policy was restricted to manual generation using unseal or recovery key shares. The global root policy was not accessible from child namespaces. This issue is fixed in version 2.3.2. To workaround this vulnerability, use of denied_parameters in any policy which has access to the affected identity endpoints (on identity entities) may be sufficient to prohibit this type of attack. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 02:15:00 GMT

read more

CVE-2025-55152 - Oak Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-55152 Published : Aug. 9, 2025, 2:15 a.m. | 12 hours, 14 minutes ago Description : oak is a middleware framework for Deno's native HTTP server, Deno Deploy, Node.js 16.5 and later, Cloudflare Workers and Bun. In versions 17.1.5 and below, it's possible to significantly slow down an oak server with specially crafted values of the x-forwarded-proto or x-forwarded-for headers. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 02:15:00 GMT

read more

CVE-2025-8744 - CesiumLab Web SQL Injection Vulnerability

CVE ID : CVE-2025-8744 Published : Aug. 9, 2025, 12:15 a.m. | 14 hours, 14 minutes ago Description : A vulnerability classified as critical was found in CesiumLab Web up to 4.0. This vulnerability affects unknown code of the file /lodmodels/. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 00:15:00 GMT

read more

CVE-2025-6573 - Qualcomm Snapdragon Secure Kernel Information Leak

CVE ID : CVE-2025-6573 Published : Aug. 9, 2025, 12:15 a.m. | 13 hours, 4 minutes ago Description : Kernel software installed and running inside an untrusted/rich execution environment (REE) could leak information from the trusted execution environment (TEE). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 00:15:00 GMT

read more

CVE-2025-46709 - Apache HTTP Server Kernel Heap Information Disclosure

CVE ID : CVE-2025-46709 Published : Aug. 9, 2025, 12:15 a.m. | 12 hours, 14 minutes ago Description : Possible memory leak or kernel exceptions caused by reading kernel heap data after free or NULL pointer dereference kernel exception. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 09 Aug 2025 00:15:00 GMT

read more

CVE-2025-8743 - Scada-LTS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8743 Published : Aug. 8, 2025, 11:15 p.m. | 9 hours, 13 minutes ago Description : A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. This affects an unknown part of the file /data_source_edit.shtm of the component Virtual Data Source Property Handler. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 23:15:00 GMT

read more

CVE-2025-8741 - Macrozheng Mall Remote Cleartext Transmission of Sensitive Information Vulnerability

CVE ID : CVE-2025-8741 Published : Aug. 8, 2025, 10:16 p.m. | 8 hours, 13 minutes ago Description : A vulnerability was found in macrozheng mall up to 1.0.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/login. The manipulation leads to cleartext transmission of sensitive information. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 22:16:00 GMT

read more

CVE-2025-8742 - Macrozheng Mall Admin Login Remote Authentication Bypass Vulnerability

CVE ID : CVE-2025-8742 Published : Aug. 8, 2025, 10:16 p.m. | 8 hours, 13 minutes ago Description : A vulnerability was found in macrozheng mall 1.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 22:16:00 GMT

read more

CVE-2025-55188 - 7-Zip Symbolic Link Extraction Vulnerability

CVE ID : CVE-2025-55188 Published : Aug. 8, 2025, 9:15 p.m. | 8 hours, 12 minutes ago Description : 7-Zip before 25.01 does not always properly handle symbolic links during extraction. Severity: 2.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 21:15:00 GMT

read more

CVE-2025-8739 - My-Blog CSRF Vulnerability

CVE ID : CVE-2025-8739 Published : Aug. 8, 2025, 9:15 p.m. | 8 hours, 12 minutes ago Description : A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /admin/tags/save. The manipulation of the argument tagName leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 21:15:00 GMT

read more

CVE-2025-8740 - My-Blog Category Handler Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8740 Published : Aug. 8, 2025, 9:15 p.m. | 8 hours, 12 minutes ago Description : A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0. It has been classified as problematic. Affected is an unknown function of the file /admin/categories/save of the component Category Handler. The manipulation of the argument categoryName leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 21:15:00 GMT

read more

CVE-2025-8738 - "zlt2000 Microservices-Platform Spring Actuator Interface Information Disclosure Vulnerability"

CVE ID : CVE-2025-8738 Published : Aug. 8, 2025, 8:15 p.m. | 9 hours, 12 minutes ago Description : A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 20:15:00 GMT

read more

CVE-2025-8737 - Open Redirect Vulnerability in zlt2000 Microservices-Platform

CVE ID : CVE-2025-8737 Published : Aug. 8, 2025, 8:15 p.m. | 7 hours, 11 minutes ago Description : A vulnerability, which was classified as problematic, was found in zlt2000 microservices-platform up to 6.0.0. This affects the function onLogoutSuccess of the file src/main/java/com/central/oauth/handler/OauthLogoutSuccessHandler.java. The manipulation of the argument redirect_url leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 20:15:00 GMT

read more

CVE-2012-10047 - Cyclope Employee Surveillance Solution SQL Injection RCE

CVE ID : CVE-2012-10047 Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago Description : Cyclope Employee Surveillance Solution versions 6.x is vulnerable to a SQL injection flaw in its login mechanism. The username parameter in the auth-login POST request is not properly sanitized, allowing attackers to inject arbitrary SQL statements. This can be leveraged to write and execute a malicious PHP file on disk, resulting in remote code execution under the SYSTEM user context. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2012-10048 - Zenoss Core Command Injection Vulnerability

CVE ID : CVE-2012-10048 Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago Description : Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen() call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2012-10049 - WebPageTest PHP File Upload RCE

CVE ID : CVE-2012-10049 Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago Description : WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the resultimage.php script. The application fails to validate or sanitize user-supplied input before saving uploaded files to a publicly accessible directory. This flaw allows remote attackers to upload and execute arbitrary PHP code, resulting in full remote code execution under the web server context. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2012-10050 - CuteFlow PHP File Upload Vulnerability (Arbitrary Code Execution)

CVE ID : CVE-2012-10050 Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago Description : CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the restart_circulation_values_write.php script. The application fails to validate or restrict uploaded file types, allowing unauthenticated attackers to upload arbitrary PHP files to the upload/___1/ directory. These files are then accessible via the web server, enabling remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2012-10051 - ProShow Producer Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2012-10051 Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago Description : Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. When a specially crafted load file is placed in the installation directory, the application fails to properly validate its contents, leading to a buffer overflow when the file is parsed during startup. Exploitation requires local access to place the file and user interaction to launch the application. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2012-10052 - EGallery Arbitrary File Upload RCE

CVE ID : CVE-2012-10052 Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago Description : EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files directly into the web-accessible egallery/ directory. This results in full remote code execution under the web server context. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2012-10053 - Apache Simple Web Server HTTP Header Buffer Overflow

CVE ID : CVE-2012-10053 Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago Description : Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header. When a remote attacker sends an overly long string in this header, the server uses vsprintf() without proper bounds checking, leading to a buffer overflow on the stack. This flaw allows remote attackers to execute arbitrary code with the privileges of the web server process. The vulnerability is triggered before authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2025-4796 - Eventin WordPress Privilege Escalation Vulnerability

CVE ID : CVE-2025-4796 Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago Description : The Eventin plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.34. This is due to the plugin not properly validating a user's identity or capability prior to updating their details like email in the 'Eventin\Speaker\Api\SpeakerController::update_item' function. This makes it possible for unauthenticated attackers with contributor-level and above permissions to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2025-8735 - GNU cflow Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-8735 Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago Description : A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2025-8736 - GNU cflow Lexer Buffer Overflow Vulnerability

CVE ID : CVE-2025-8736 Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago Description : A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2012-10043 - ActFax Server Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2012-10043 Published : Aug. 8, 2025, 7:15 p.m. | 6 hours, 5 minutes ago Description : A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in the "Import Users from File" functionality of the client interface. The application fails to properly validate the length of tab-delimited fields in .exp files, leading to unsafe usage of strcpy() during CSV parsing. An attacker can exploit this vulnerability by crafting a malicious .exp file and importing it using the default character set "ECMA-94 / Latin 1 (ISO 8859)". Successful exploitation may result in arbitrary code execution, leading to full system compromise. User interaction is required to trigger the vulnerability. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2012-10044 - MobileCartly File Creation Vulnerability

CVE ID : CVE-2012-10044 Published : Aug. 8, 2025, 7:15 p.m. | 6 hours, 5 minutes ago Description : MobileCartly version 1.0 contains an arbitrary file creation vulnerability in the savepage.php script. The application fails to perform authentication or authorization checks before invoking file_put_contents() on attacker-controlled input. An unauthenticated attacker can exploit this flaw by sending crafted HTTP GET requests to savepage.php, specifying both the filename and content. This allows arbitrary file creation within the pages/ directory or any writable path on the server, allowing remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2012-10045 - XODA PHP File Upload RCE

CVE ID : CVE-2012-10045 Published : Aug. 8, 2025, 7:15 p.m. | 6 hours, 5 minutes ago Description : XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on the server. The flaw resides in the upload functionality, which fails to properly validate or restrict uploaded file types. By crafting a multipart/form-data POST request, an attacker can upload a .php file directly into the web-accessible files/ directory and trigger its execution via a subsequent GET request. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2012-10046 - "ESVA E-Mail Security Virtual Appliance Unauthenticated Command Injection"

CVE ID : CVE-2012-10046 Published : Aug. 8, 2025, 7:15 p.m. | 6 hours, 5 minutes ago Description : The E-Mail Security Virtual Appliance (ESVA) (tested on version ESVA_2057) contains an unauthenticated command injection vulnerability in the learn-msg.cgi script. The CGI handler fails to sanitize user-supplied input passed via the id parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no authentication and results in full command execution on the underlying system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2010-10013 - AjaXplorer/Pydio Cells Remote Command Execution Vulnerability

CVE ID : CVE-2010-10013 Published : Aug. 8, 2025, 7:15 p.m. | 3 hours, 35 minutes ago Description : An unauthenticated remote command execution vulnerability exists in AjaXplorer (now known as Pydio Cells) versions prior to 2.6. The flaw resides in the checkInstall.php script within the access.ssh plugin, which fails to properly sanitize user-supplied input to the destServer GET parameter. By injecting shell metacharacters, remote attackers can execute arbitrary system commands on the server with the privileges of the web server process. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2012-10036 - Project Pier Arbitrary File Upload Vulnerability

CVE ID : CVE-2012-10036 Published : Aug. 8, 2025, 7:15 p.m. | 3 hours, 35 minutes ago Description : Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in tools/upload_file.php. The upload handler fails to validate the file type or enforce authentication, allowing remote attackers to upload malicious PHP files directly into a web-accessible directory. The uploaded file is stored with a predictable suffix and can be executed by requesting its URL, resulting in remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2012-10041 - Citrix WAN Emulator Unauthenticated Command Execution and Privilege Escalation Vulnerability

CVE ID : CVE-2012-10041 Published : Aug. 8, 2025, 7:15 p.m. | 3 hours, 35 minutes ago Description : WAN Emulator v2.3 contains two unauthenticated command execution vulnerabilities. The result.php script calls shell_exec() with unsanitized input from the pc POST parameter, allowing remote attackers to execute arbitrary commands as the www-data user. The system also includes a SUID-root binary named dosu, which is vulnerable to command injection via its first argument. An attacker can exploit both flaws in sequence to achieve full remote code execution and escalate privileges to root. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2012-10042 - Apache Sflog! CMS Remote File Upload Vulnerability

CVE ID : CVE-2012-10042 Published : Aug. 8, 2025, 7:15 p.m. | 3 hours, 35 minutes ago Description : Sflog! CMS 1.0 contains an authenticated arbitrary file upload vulnerability in the blog management interface. The application ships with default credentials (admin:secret) and allows authenticated users to upload files via manage.php. The upload mechanism fails to validate file types, enabling attackers to upload a PHP backdoor into a web-accessible directory (blogs/download/uploads/). Once uploaded, the file can be executed remotely, resulting in full remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 19:15:00 GMT

read more

CVE-2025-52913 - Mitel MiCollab NuPoint Unified Messaging Path Traversal Vulnerability

CVE ID : CVE-2025-52913 Published : Aug. 8, 2025, 6:15 p.m. | 3 hours, 5 minutes ago Description : A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP2 (9.8.2.12) could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to view, corrupt, or delete users' data and system configurations. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 18:15:00 GMT

read more

CVE-2025-52914 - Mitel MiCollab SQL Injection Vulnerability

CVE ID : CVE-2025-52914 Published : Aug. 8, 2025, 6:15 p.m. | 3 hours, 5 minutes ago Description : A vulnerability in the Suite Applications Services component of Mitel MiCollab 10.0 through SP1 FP1 (10.0.1.101) could allow an authenticated attacker to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary SQL database commands. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 18:15:00 GMT

read more

CVE-2025-5095 - Burk Technology ARC Solo Authentication Bypass

CVE ID : CVE-2025-5095 Published : Aug. 8, 2025, 6:15 p.m. | 3 hours, 5 minutes ago Description : Burk Technology ARC Solo's password change mechanism can be utilized without proper authentication procedures, allowing an attacker to take over the device. A password change request can be sent directly to the device's HTTP endpoint without providing valid credentials. The system does not enforce proper authentication or session validation, allowing the password change to proceed without verifying the request's legitimacy. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 18:15:00 GMT

read more

CVE-2025-8733 - GNU Bison Local Assertion Vulnerability

CVE ID : CVE-2025-8733 Published : Aug. 8, 2025, 6:15 p.m. | 3 hours, 5 minutes ago Description : A vulnerability was found in GNU Bison up to 3.8.2. It has been rated as problematic. This issue affects the function __obstack_vprintf_internal of the file obprintf.c. The manipulation leads to reachable assertion. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 18:15:00 GMT

read more

CVE-2025-8734 - GNU Bison Double Free Vulnerability

CVE ID : CVE-2025-8734 Published : Aug. 8, 2025, 6:15 p.m. | 3 hours, 5 minutes ago Description : A vulnerability classified as problematic has been found in GNU Bison up to 3.8.2. Affected is the function code_free of the file src/scan-code.c. The manipulation leads to double free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 18:15:00 GMT

read more

CVE-2025-50927 - "EHCP FTP User List XSS"

CVE ID : CVE-2025-50927 Published : Aug. 8, 2025, 6:15 p.m. | 2 hours, 14 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the List All FTP User Function in EHCP v20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via injecting a crafted payload into the ftpusername parameter. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 18:15:00 GMT

read more

CVE-2025-50928 - Easy Hosting Control Panel EHCP SQL Injection

CVE ID : CVE-2025-50928 Published : Aug. 8, 2025, 6:15 p.m. | 2 hours, 14 minutes ago Description : Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection vulnerability via the id parameter in the Change Settings function. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 18:15:00 GMT

read more

CVE-2025-46414 - Apache IoT Device PIN Brute-Force Weakness

CVE ID : CVE-2025-46414 Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago Description : The affected product does not limit the number of attempts for inputting the correct PIN for a registered product, which may allow an attacker to gain unauthorized access using brute-force methods if they possess a valid device serial number. The API provides clear feedback when the correct PIN is entered. This vulnerability was patched in a server-side update on April 6, 2025. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 17:15:00 GMT

read more

CVE-2025-47872 - Cisco Product Serial Number Information Disclosure Vulnerability

CVE ID : CVE-2025-47872 Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago Description : The public-facing product registration endpoint server responds differently depending on whether the S/N is valid and unregistered, valid but already registered, or does not exist in the database. Combined with the fact that serial numbers are sequentially assigned, this allows an attacker to gain information on the product registration status of different S/Ns. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 17:15:00 GMT

read more

CVE-2025-50465 - Apache OpenMetadata SQL Injection

CVE ID : CVE-2025-50465 Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago Description : OpenMetadata 1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 17:15:00 GMT

read more

CVE-2025-50466 - Apache OpenMetadata SQL Injection Vulnerability

CVE ID : CVE-2025-50466 Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago Description : OpenMetadata 1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The entityType parameter can be used to build a SQL query. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 17:15:00 GMT

read more

CVE-2025-50467 - Apache OpenMetadata SQL Injection Vulnerability

CVE ID : CVE-2025-50467 Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago Description : OpenMetadata 1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The supportedDataTypeParam parameter can be used to build a SQL query. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 17:15:00 GMT

read more

CVE-2025-50468 - Apache OpenMetadata SQL Injection Vulnerability

CVE ID : CVE-2025-50468 Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago Description : OpenMetadata 1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the DocStoreDAO interface. The entityType parameters can be used to build a SQL query. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 17:15:00 GMT

read more

CVE-2025-53520 - EG4 Firmware Update Vulnerability - Unchecked Archive Exploitation

CVE ID : CVE-2025-53520 Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago Description : The affected product allows firmware updates to be downloaded from EG4's website, transferred via USB dongles, or installed through EG4's Monitoring Center (remote, cloud-connected interface) or via a serial connection, and can install these files without integrity checks. The TTComp archive format used for the firmware is unencrypted and can be unpacked and altered without detection. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 17:15:00 GMT

read more

CVE-2025-8284 - Packet Power Monitoring and Control Web Interface Authentication Bypass

CVE ID : CVE-2025-8284 Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago Description : By default, the Packet Power Monitoring and Control Web Interface do not enforce authentication mechanisms. This vulnerability could allow unauthorized users to access and manipulate monitoring and control functions. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 17:15:00 GMT

read more

CVE-2025-8393 - "Fortnite Phone TLS Accepts Self-Signed Certificates"

CVE ID : CVE-2025-8393 Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago Description : A TLS vulnerability exists in the phone application used to manage a connected device. The phone application accepts self-signed certificates when establishing TLS communication which may result in man-in-the-middle attacks on untrusted networks. Captured communications may include user credentials and sensitive session tokens. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 17:15:00 GMT

read more

CVE-2025-8732 - Libxml2 SGML Catalog Recursion Vulnerability

CVE ID : CVE-2025-8732 Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago Description : A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The code maintainer explains, that "[t]he issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. I also doubt that anyone is still using SGML catalogs at all." Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 17:15:00 GMT

read more

CVE-2025-4576 - Liferay Portal Liferay DXP Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-4576 Published : Aug. 8, 2025, 4:15 p.m. | 3 hours, 5 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.133, and Liferay DXP 2025.Q1.0 through 2025.Q1.4 ,2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the modules/apps/blogs/blogs-web/src/main/resources/META-INF/resources/blogs/entry_cover_image_caption.jsp Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 16:15:00 GMT

read more

CVE-2025-52586 - "Vulnerability in Schneider Electric Inverter Command Traffic"

CVE ID : CVE-2025-52586 Published : Aug. 8, 2025, 4:15 p.m. | 3 hours, 5 minutes ago Description : The MOD3 command traffic between the monitoring application and the inverter is transmitted in plaintext without encryption or obfuscation. This vulnerability may allow an attacker with access to a local network to intercept, manipulate, replay, or forge critical data, including read/write operations for voltage, current, and power configuration, operational status, alarms, telemetry, system reset, or inverter control commands, potentially disrupting power generation or reconfiguring inverter settings. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 16:15:00 GMT

read more

CVE-2025-8355 - Xerox FreeFlow Core XML SSRF Vulnerability

CVE ID : CVE-2025-8355 Published : Aug. 8, 2025, 4:15 p.m. | 3 hours, 5 minutes ago Description : In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker can craft malicious XML containing references to internal URLs, this results in a Server-Side Request Forgery (SSRF). Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 16:15:00 GMT

read more

CVE-2025-8356 - Xerox FreeFlow Core Path Traversal Remote Code Execution

CVE ID : CVE-2025-8356 Published : Aug. 8, 2025, 4:15 p.m. | 3 hours, 5 minutes ago Description : In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to access unauthorized files on the server. This can lead to Remote Code Execution (RCE), allowing the attacker to run arbitrary commands on the system. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 16:15:00 GMT

read more

CVE-2025-8731 - TRENDnet SSH Service Default Credentials Vulnerability (Critical)

CVE ID : CVE-2025-8731 Published : Aug. 8, 2025, 4:15 p.m. | 3 hours, 5 minutes ago Description : A vulnerability was found in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. It has been classified as critical. This affects an unknown part of the component SSH Service. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 16:15:00 GMT

read more

CVE-2025-36023 - IBM Cloud Pak for Business Automation Information Disclosure Vulnerability

CVE ID : CVE-2025-36023 Published : Aug. 8, 2025, 3:15 p.m. | 4 hours, 5 minutes ago Description : IBM Cloud Pak for Business Automation 24.0.0 through 24.0.0 IF005 and 24.0.1 through 24.0.1 IF002 could allow an authenticated user to view sensitive user and system information due to an indirect object reference through a user-controlled key. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 15:15:00 GMT

read more

CVE-2025-36119 - IBM Digital Certificate Manager for i Web Session Hijacking Privilege Escalation

CVE ID : CVE-2025-36119 Published : Aug. 8, 2025, 3:15 p.m. | 4 hours, 5 minutes ago Description : IBM i 7.3, 7.4, 7.5, and 7.6 is affected by an authenticated user obtaining elevated privileges with IBM Digital Certificate Manager for i (DCM) due to a web session hijacking vulnerability. An authenticated user without administrator privileges could exploit this vulnerability to perform actions in DCM as an administrator. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 15:15:00 GMT

read more

CVE-2025-8730 - Belkin Web Interface Hard-Coded Credentials Remote Vulnerability

CVE ID : CVE-2025-8730 Published : Aug. 8, 2025, 3:15 p.m. | 4 hours, 5 minutes ago Description : A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 15:15:00 GMT

read more

CVE-2020-9322 - Statamic Core XSS Vulnerability

CVE ID : CVE-2020-9322 Published : Aug. 8, 2025, 3:15 p.m. | 2 hours, 5 minutes ago Description : The /users endpoint in Statamic Core before 2.11.8 allows XSS to add an administrator user. This can be exploited via CSRF. Stored XSS can occur via a JavaScript payload in a username during account registration. Reflected XSS can occur via the /users PATH_INFO. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 15:15:00 GMT

read more

CVE-2025-8729 - MigoXLab LMeterX Remote Path Traversal Vulnerability

CVE ID : CVE-2025-8729 Published : Aug. 8, 2025, 2:15 p.m. | 3 hours, 5 minutes ago Description : A vulnerability has been found in MigoXLab LMeterX 1.2.0 and classified as critical. Affected by this vulnerability is the function process_cert_files of the file backend/service/upload_service.py. The manipulation of the argument task_id leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is f1b00597e293d09452aabd4fa57f3185207350e8. It is recommended to apply a patch to fix this issue. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 14:15:00 GMT

read more

CVE-2025-8088 - WinRAR Windows Path Traversal RCE

CVE ID : CVE-2025-8088 Published : Aug. 8, 2025, 12:15 p.m. | 5 hours, 5 minutes ago Description : A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 12:15:00 GMT

read more

CVE-2025-8749 - MiR API Path Traversal Vulnerability

CVE ID : CVE-2025-8749 Published : Aug. 8, 2025, 12:15 p.m. | 5 hours, 5 minutes ago Description : Path Traversal vulnerability in API Endpoint in Mobile Industrial Robots (MiR) Software Versions prior to 3.0.0 on MiR Robots allows authenticated users to extract files from the robot file system via a crafted API request. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 12:15:00 GMT

read more

CVE-2025-8748 - MiR Command Injection Vulnerability

CVE ID : CVE-2025-8748 Published : Aug. 8, 2025, 11:15 a.m. | 6 hours, 5 minutes ago Description : MiR software versions prior to version 3.0.0 are affected by a command injection vulnerability. A malicious HTTP request crafted by an authenticated user could allow the execution of arbitrary commands on the underlying operating system. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 11:15:00 GMT

read more

CVE-2025-48913 - Apache CXF JMS Untrusted Configuration RCE

CVE ID : CVE-2025-48913 Published : Aug. 8, 2025, 10:15 a.m. | 7 hours, 5 minutes ago Description : If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility. Users are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 10:15:00 GMT

read more

CVE-2025-53606 - Apache Seata (incubating) Deserialization of Untrusted Data Remote Code Execution

CVE ID : CVE-2025-53606 Published : Aug. 8, 2025, 10:15 a.m. | 7 hours, 5 minutes ago Description : Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): 2.4.0. Users are recommended to upgrade to version 2.5.0, which fixes the issue. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 10:15:00 GMT

read more

CVE-2025-6572 - OpenStreetMap for Gutenberg WPBakery Page Builder Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6572 Published : Aug. 8, 2025, 6:15 a.m. | 11 hours, 5 minutes ago Description : The OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) WordPress plugin through 1.2.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 06:15:00 GMT

read more

CVE-2025-54940 - WordPress Advanced Custom Fields HTML Injection Vulnerability

CVE ID : CVE-2025-54940 Published : Aug. 8, 2025, 5:15 a.m. | 12 hours, 5 minutes ago Description : An HTML injection vulnerability exists in WordPress plugin "Advanced Custom Fields" prior to 6.4.3. If this vulnerability is exploited, crafted HTML code may be rendered and page display may be tampered. Severity: 3.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 05:15:00 GMT

read more

CVE-2025-54958 - Powered BLUE OS Command Injection Vulnerability

CVE ID : CVE-2025-54958 Published : Aug. 8, 2025, 5:15 a.m. | 12 hours, 5 minutes ago Description : Powered BLUE 870 versions 0.20130927 and prior contain an OS command injection vulnerability. If this vulnerability is exploited, arbitrary OS commands may be executed on the affected product. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 05:15:00 GMT

read more

CVE-2025-54959 - BLUE Server File Traversal Vulnerability

CVE ID : CVE-2025-54959 Published : Aug. 8, 2025, 5:15 a.m. | 12 hours, 5 minutes ago Description : Powered BLUE Server versions 0.20130927 and prior contain a path traversal vulnerability. If this vulnerability is exploited, an arbitrary file in the affected product may be disclosed. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 05:15:00 GMT

read more

CVE-2024-58256 - EnzoH OS Command Injection Vulnerability

CVE ID : CVE-2024-58256 Published : Aug. 8, 2025, 4:16 a.m. | 13 hours, 4 minutes ago Description : EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 04:16:00 GMT

read more

CVE-2024-58257 - EnzoH OS Command Injection

CVE ID : CVE-2024-58257 Published : Aug. 8, 2025, 4:16 a.m. | 13 hours, 4 minutes ago Description : EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 04:16:00 GMT

read more

CVE-2024-58255 - EnzoH OS Command Injection Vulnerability

CVE ID : CVE-2024-58255 Published : Aug. 8, 2025, 4:15 a.m. | 13 hours, 4 minutes ago Description : EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 04:15:00 GMT

read more

CVE-2025-8707 - Huuge Box App Improper Android Application Component Export Vulnerability

CVE ID : CVE-2025-8707 Published : Aug. 8, 2025, 3:15 a.m. | 14 hours, 5 minutes ago Description : A vulnerability was found in Huuge Box App 1.0.3 on Android. It has been classified as problematic. This affects an unknown part of the file AndroidManifest.xml of the component com.huuge.game.zjbox. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 03:15:00 GMT

read more

CVE-2025-8708 - Antabot White-Jotter Deserialization Vulnerability

CVE ID : CVE-2025-8708 Published : Aug. 8, 2025, 3:15 a.m. | 14 hours, 5 minutes ago Description : A vulnerability was found in Antabot White-Jotter 0.22. It has been declared as critical. This vulnerability affects the function CookieRememberMeManager of the file ShiroConfiguration.java of the component com.gm.wj.config.ShiroConfiguration. The manipulation with the input EVANNIGHTLY_WAOU leads to deserialization. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 03:15:00 GMT

read more

CVE-2025-8706 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability

CVE ID : CVE-2025-8706 Published : Aug. 8, 2025, 2:15 a.m. | 15 hours, 5 minutes ago Description : A vulnerability has been found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /CommonSolution/CreateFunctionLog of the component Energy Overview Module. The manipulation of the argument MM_MenID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 02:15:00 GMT

read more

CVE-2025-54886 - Skops Remote Code Execution Vulnerability

CVE ID : CVE-2025-54886 Published : Aug. 8, 2025, 1:15 a.m. | 14 hours, 58 minutes ago Description : skops is a Python library which helps users share and ship their scikit-learn based models. In versions 0.12.0 and below, the Card.get_model does not contain any logic to prevent arbitrary code execution. The Card.get_model function supports both joblib and skops for model loading. When loading .skops models, it uses skops' secure loading with trusted type validation, raising errors for untrusted types unless explicitly allowed. However, when non-.zip file formats are provided, the function silently falls back to joblib without warning. Unlike skops, joblib allows arbitrary code execution during loading, bypassing security measures and potentially enabling malicious code execution. This issue is fixed in version 0.13.0. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 01:15:00 GMT

read more

CVE-2025-54887 - jwe JSON Web Encryption Authentication Tag Brute Force Vulnerability

CVE ID : CVE-2025-54887 Published : Aug. 8, 2025, 1:15 a.m. | 14 hours, 58 minutes ago Description : jwe is a Ruby implementation of the RFC 7516 JSON Web Encryption (JWE) standard. In versions 1.1.0 and below, authentication tags of encrypted JWEs can be brute forced, which may result in loss of confidentiality for those JWEs and provide ways to craft arbitrary JWEs. This puts users at risk because JWEs can be modified to decrypt to an arbitrary value, decrypted by observing parsing differences and the GCM internal GHASH key can be recovered. Users are affected by this vulnerability even if they do not use an AES-GCM encryption algorithm for their JWEs. As the GHASH key may have been leaked, users must rotate the encryption keys after upgrading. This issue is fixed in version 1.1.1. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 01:15:00 GMT

read more

CVE-2025-8703 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability

CVE ID : CVE-2025-8703 Published : Aug. 8, 2025, 1:15 a.m. | 14 hours, 58 minutes ago Description : A vulnerability classified as critical was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This vulnerability affects unknown code of the file /WEAS_HomePage/GetAreaTrendChartData of the component Environmental Real-Time Data Module. The manipulation of the argument energyId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 01:15:00 GMT

read more

CVE-2025-8704 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection

CVE ID : CVE-2025-8704 Published : Aug. 8, 2025, 1:15 a.m. | 14 hours, 58 minutes ago Description : A vulnerability, which was classified as critical, has been found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This issue affects some unknown processing of the file /WEAS_AlarmResult/GetAlarmResultProcessList of the component Analysis Conclusion Query Module. The manipulation of the argument resultId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 01:15:00 GMT

read more

CVE-2025-8705 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability

CVE ID : CVE-2025-8705 Published : Aug. 8, 2025, 1:15 a.m. | 14 hours, 58 minutes ago Description : A vulnerability, which was classified as critical, was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. Affected is an unknown function of the file /WEAS_HomePage/GetTargetConfig of the component Energy Overview Module. The manipulation of the argument BP_ProID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 01:15:00 GMT

read more

CVE-2025-54793 - Astro Open Redirect Vulnerability

CVE ID : CVE-2025-54793 Published : Aug. 8, 2025, 1:15 a.m. | 14 hours, 5 minutes ago Description : Astro is a web framework for content-driven websites. In versions 5.2.0 through 5.12.7, there is an Open Redirect vulnerability in the trailing slash redirection logic when handling paths with double slashes. This allows an attacker to redirect users to arbitrary external domains by crafting URLs such as https://mydomain.com//malicious-site.com/. This increases the risk of phishing and other social engineering attacks. This affects sites that use on-demand rendering (SSR) with the Node or Cloudflare adapters. It does not affect static sites, or sites deployed to Netlify or Vercel. This issue is fixed in version 5.12.8. To work around this issue at the network level, block outgoing redirect responses with a Location header value that starts with `//`. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 01:15:00 GMT

read more

CVE-2025-54368 - "uv ZIP Archive Extraction Vulnerability"

CVE ID : CVE-2025-54368 Published : Aug. 8, 2025, 12:15 a.m. | 15 hours, 4 minutes ago Description : uv is a Python package and project manager written in Rust. In versions 0.8.5 and earlier, remote ZIP archives were handled in a streamwise fashion, and file entries were not reconciled against the archive's central directory. An attacker could contrive a ZIP archive that would extract with legitimate contents on some package installers, and malicious contents on others due to multiple local file entries. An attacker could also contrive a "stacked" ZIP input with multiple internal ZIPs, which would be handled differently by different package installers. The attacker could choose which installer to target in both scenarios. This issue is fixed in version 0.8.6. To work around this issue, users may choose to set UV_INSECURE_NO_ZIP_VALIDATION=1 to revert to the previous behavior. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 00:15:00 GMT

read more

CVE-2025-54952 - ExecuTorch Integer Overflow Code Execution Vulnerability

CVE ID : CVE-2025-54952 Published : Aug. 8, 2025, 12:15 a.m. | 15 hours, 4 minutes ago Description : An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 00:15:00 GMT

read more

CVE-2025-8702 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability

CVE ID : CVE-2025-8702 Published : Aug. 8, 2025, 12:15 a.m. | 15 hours, 4 minutes ago Description : A vulnerability classified as critical has been found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This affects an unknown part of the file /CommonSolution/GetVariableByOneIDNew of the component Historical Data Query Module. The manipulation of the argument ObjectID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 08 Aug 2025 00:15:00 GMT

read more

Fuite de données chez Optic 2000

]]>

Fri Aug 08 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2025-54951 - ExecuTorch Buffer Overflow Vulnerabilities

CVE ID : CVE-2025-54951 Published : Aug. 7, 2025, 11:15 p.m. | 15 hours, 12 minutes ago Description : A group of related buffer overflow vulnerabilities in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit cea9b23aa8ff78aff92829a466da97461cc7930c. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 23:15:00 GMT

read more

CVE-2025-54949 - ExecuTorch Heap Buffer Overflow Vulnerability

CVE ID : CVE-2025-54949 Published : Aug. 7, 2025, 11:15 p.m. | 12 hours, 40 minutes ago Description : A heap buffer overflow vulnerability in the loading of ExecuTorch models can potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit ede82493dae6d2d43f8c424e7be4721abe5242be Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 23:15:00 GMT

read more

CVE-2025-54950 - Oracle ExecuTorch Out-of-Bounds Access Code Execution

CVE ID : CVE-2025-54950 Published : Aug. 7, 2025, 11:15 p.m. | 12 hours, 40 minutes ago Description : An out-of-bounds access vulnerability in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit fb03b6f85596a8f954d97929075335255b6a58d4. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 23:15:00 GMT

read more

CVE-2025-30405 - ExecuTorch Integer Overflow Code Execution Vulnerability

CVE ID : CVE-2025-30405 Published : Aug. 7, 2025, 11:15 p.m. | 12 hours, 2 minutes ago Description : An integer overflow vulnerability in the loading of ExecuTorch models can cause objects to be placed outside their allocated memory area, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 0830af8207240df8d7f35b984cdf8bc35d74fa73. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 23:15:00 GMT

read more

CVE-2025-30404 - Apache ExecuTorch Integer Overflow Code Execution

CVE ID : CVE-2025-30404 Published : Aug. 7, 2025, 11:15 p.m. | 10 hours, 33 minutes ago Description : An integer overflow vulnerability in the loading of ExecuTorch models can cause overlapping allocations, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit d158236b1dc84539c1b16843bc74054c9dcba006. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 23:15:00 GMT

read more

CVE-2025-54787 - SuiteCRM Unauthenticated File Download Vulnerability

CVE ID : CVE-2025-54787 Published : Aug. 7, 2025, 10:15 p.m. | 11 hours, 33 minutes ago Description : SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. There is a vulnerability in SuiteCRM version 7.14.6 which allows unauthenticated downloads of any file from the upload-directory, as long as it is named by an ID (e.g. attachments). An unauthenticated attacker could download internal files when he discovers a valid file-ID. Valid IDs could be brute-forced, but this is quite time-consuming as the file-IDs are usually UUIDs. This issue is fixed in version 7.14.7. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 22:15:00 GMT

read more

CVE-2025-53787 - Microsoft 365 Copilot BizChat Sensitive Data Exposure

CVE ID : CVE-2025-53787 Published : Aug. 7, 2025, 9:15 p.m. | 8 hours, 3 minutes ago Description : Microsoft 365 Copilot BizChat Information Disclosure Vulnerability Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 21:15:00 GMT

read more

CVE-2025-53792 - Azure Portal Unauthenticated Remote Command Injection

CVE ID : CVE-2025-53792 Published : Aug. 7, 2025, 9:15 p.m. | 8 hours, 3 minutes ago Description : Azure Portal Elevation of Privilege Vulnerability Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 21:15:00 GMT

read more

CVE-2025-8698 - Open5GS AMF Service Assertion Vulnerability

CVE ID : CVE-2025-8698 Published : Aug. 7, 2025, 9:15 p.m. | 8 hours, 3 minutes ago Description : A vulnerability was found in Open5GS up to 2.7.5. It has been classified as problematic. Affected is the function amf_nsmf_pdusession_handle_release_sm_context of the file src/amf/nsmf-handler.c of the component AMF Service. The manipulation leads to reachable assertion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The name of the patch is 66bc558e417e70ae216ec155e4e81c14ae0ecf30. It is recommended to apply a patch to fix this issue. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 21:15:00 GMT

read more

CVE-2025-8701 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability

CVE ID : CVE-2025-8701 Published : Aug. 7, 2025, 9:15 p.m. | 8 hours, 3 minutes ago Description : A vulnerability was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /OL_OprationLog/GetPageList. The manipulation of the argument optUser leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 21:15:00 GMT

read more

CVE-2025-45765 - Apache Ruby-JWT Weak Encryption Vulnerability

CVE ID : CVE-2025-45765 Published : Aug. 7, 2025, 9:15 p.m. | 6 hours, 22 minutes ago Description : ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective is "keysize is not something that is enforced by this library. Currently more recent versions of OpenSSL are enforcing some key sizes and those restrictions apply to the users of this gem also." Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 21:15:00 GMT

read more

CVE-2025-53767 - Azure OpenAI Privilege Escalation

CVE ID : CVE-2025-53767 Published : Aug. 7, 2025, 9:15 p.m. | 6 hours, 22 minutes ago Description : Azure OpenAI Elevation of Privilege Vulnerability Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 21:15:00 GMT

read more

CVE-2025-53774 - Microsoft 365 Copilot BizChat Unauthenticated Data Exposure

CVE ID : CVE-2025-53774 Published : Aug. 7, 2025, 9:15 p.m. | 6 hours, 22 minutes ago Description : Microsoft 365 Copilot BizChat Information Disclosure Vulnerability Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 21:15:00 GMT

read more

CVE-2025-26513 - EMC SAN Host Utilities Privilege Escalation Vulnerability

CVE ID : CVE-2025-26513 Published : Aug. 7, 2025, 9:15 p.m. | 6 hours, 3 minutes ago Description : The installer for SAN Host Utilities for Windows versions prior to 8.0 is susceptible to a vulnerability which when successfully exploited could allow a local user to escalate their privileges. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 21:15:00 GMT

read more

CVE-2025-48709 - BMC Control-M Cleartext Credentials Exposure Vulnerability

CVE ID : CVE-2025-48709 Published : Aug. 7, 2025, 8:15 p.m. | 7 hours, 3 minutes ago Description : An issue was discovered in BMC Control-M 9.0.21.300. When Control-M Server has a database connection, it runs DBUStatus.exe frequently, which then calls dbu_connection_details.vbs with the username, password, database hostname, and port written in cleartext, which can be seen in event and process logs in two separate locations. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 20:15:00 GMT

read more

CVE-2025-47183 - GStreamer Isomp4 Information Disclosure

CVE ID : CVE-2025-47183 Published : Aug. 7, 2025, 8:15 p.m. | 4 hours, 34 minutes ago Description : In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 20:15:00 GMT

read more

CVE-2025-47219 - GStreamer isomp4 Information Disclosure Vulnerability

CVE ID : CVE-2025-47219 Published : Aug. 7, 2025, 8:15 p.m. | 4 hours, 34 minutes ago Description : In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 20:15:00 GMT

read more

CVE-2025-47806 - GStreamer Subparse Buffer Overflow

CVE ID : CVE-2025-47806 Published : Aug. 7, 2025, 8:15 p.m. | 4 hours, 34 minutes ago Description : In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 20:15:00 GMT

read more

CVE-2025-47807 - GStreamer Subparse NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-47807 Published : Aug. 7, 2025, 8:15 p.m. | 4 hours, 34 minutes ago Description : In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 20:15:00 GMT

read more

CVE-2025-47808 - GStreamer Subparse NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-47808 Published : Aug. 7, 2025, 8:15 p.m. | 4 hours, 34 minutes ago Description : In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 20:15:00 GMT

read more

CVE-2025-7195 - Operator-SDK Insecure User Setup Permissions Vulnerability

CVE ID : CVE-2025-7195 Published : Aug. 7, 2025, 7:15 p.m. | 5 hours, 34 minutes ago Description : Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.15.2 to scaffold their operator may still be impacted by this if the insecure user_setup script is still being used to build new container images. In affected images, the /etc/passwd file was created during build time with group-writable permissions and a group ownership of root (gid=0). An attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container. Severity: 5.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 19:15:00 GMT

read more

CVE-2025-8697 - AgentUniverse MCPSessionManager/MCPTool/MCPToolkit Os Command Injection Vulnerability

CVE ID : CVE-2025-8697 Published : Aug. 7, 2025, 7:15 p.m. | 5 hours, 34 minutes ago Description : A vulnerability was found in agentUniverse up to 0.0.18 and classified as critical. This issue affects the function StdioServerParameters of the component MCPSessionManager/MCPTool/MCPToolkit. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 19:15:00 GMT

read more

CVE-2025-50675 - GPMAW Unprivileged Privilege Escalation Vulnerability

CVE ID : CVE-2025-50675 Published : Aug. 7, 2025, 7:15 p.m. | 3 hours, 33 minutes ago Description : GPMAW 14, a bioinformatics software, has a critical vulnerability related to insecure file permissions in its installation directory. The directory is accessible with full read, write, and execute permissions for all users, allowing unprivileged users to manipulate files within the directory, including executable files like GPMAW3.exe, Fragment.exe, and the uninstaller GPsetup64_17028.exe. An attacker with user-level access can exploit this misconfiguration by replacing or modifying the uninstaller (GPsetup64_17028.exe) with a malicious version. While the application itself runs in the user's context, the uninstaller is typically executed with administrative privileges when an administrator attempts to uninstall the software. By exploiting this flaw, an attacker could gain administrative privileges and execute arbitrary code in the context of the admin, resulting in privilege escalation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 19:15:00 GMT

read more

CVE-2025-50692 - FoxCMS Remote Code Execution Vulnerability

CVE ID : CVE-2025-50692 Published : Aug. 7, 2025, 7:15 p.m. | 3 hours, 33 minutes ago Description : FoxCMS v1.2.5 is vulnerable to Code Execution in admin/template_file/editFile.html. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 19:15:00 GMT

read more

CVE-2025-51533 - Sage DPW IDOR Vulnerability

CVE ID : CVE-2025-51533 Published : Aug. 7, 2025, 7:15 p.m. | 3 hours, 33 minutes ago Description : An Insecure Direct Object Reference (IDOR) in Sage DPW v2024_12_004 and below allows unauthorized attackers to access internal forms via sending a crafted GET request. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 19:15:00 GMT

read more

CVE-2025-55077 - Tyler Technologies ERP Pro 9 SaaS Privilege Escalation Command Injection

CVE ID : CVE-2025-55077 Published : Aug. 7, 2025, 7:15 p.m. | 3 hours, 33 minutes ago Description : Tyler Technologies ERP Pro 9 SaaS allows an authenticated user to escape the application and execute limited operating system commands within the remote Microsoft Windows environment with the privileges of the authenticated user. Tyler Technologies deployed hardened remote Windows environment settings to all ERP Pro 9 SaaS customer environments as of 2025-08-01. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 19:15:00 GMT

read more

CVE-2023-41530 - "MediCare SQL Injection"

CVE ID : CVE-2023-41530 Published : Aug. 7, 2025, 6:15 p.m. | 4 hours, 33 minutes ago Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2023-41531 - Hospital Management System SQL Injection Vulnerability

CVE ID : CVE-2023-41531 Published : Aug. 7, 2025, 6:15 p.m. | 4 hours, 33 minutes ago Description : Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func3.php via the username1 and password2 parameters. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2023-41532 - Medicore Hospital Management System SQL Injection

CVE ID : CVE-2023-41532 Published : Aug. 7, 2025, 6:15 p.m. | 4 hours, 33 minutes ago Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the doctor_contact parameter in doctorsearch.php. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2025-51629 - Eccobook PdfViewer XSS

CVE ID : CVE-2025-51629 Published : Aug. 7, 2025, 6:15 p.m. | 4 hours, 33 minutes ago Description : A cross-site scripting (XSS) vulnerability in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Temp parameter. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2023-41521 - SAM System SQL Injection Vulnerability

CVE ID : CVE-2023-41521 Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createSessionTerm.php via the id, termId, and sessionName parameters. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2023-41522 - SAMSS SQL Injection Vulnerability

CVE ID : CVE-2023-41522 Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createStudents.php via the Id, firstname, and admissionNumber parameters. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2023-41523 - SAMSS SQL Injection

CVE ID : CVE-2023-41523 Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago Description : Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the emailAddress parameter at createClassTeacher.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2023-41524 - SAM System SQL Injection

CVE ID : CVE-2023-41524 Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago Description : Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the username parameter at index.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2023-41525 - MedCare Hospital Management System SQL Injection

CVE ID : CVE-2023-41525 Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2023-41526 - "MediCare Hospital Management System SQL Injection Vulnerability"

CVE ID : CVE-2023-41526 Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago Description : Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the username3 and password3 parameters. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2023-41527 - Medcare Hospital Management System SQL Injection

CVE ID : CVE-2023-41527 Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the password2 parameter in func.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2023-41528 - "MediCare SQL Injection Vulnerability"

CVE ID : CVE-2023-41528 Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago Description : Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2023-41529 - "MediSys Hospital Management System Cross-Site Scripting Vulnerability"

CVE ID : CVE-2023-41529 Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago Description : Hospital Management System v4 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in func2.php via the fname and lname parameters. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2023-40992 - Apache Hospital Management System SQL Injection Vulnerability

CVE ID : CVE-2023-40992 Published : Aug. 7, 2025, 6:15 p.m. | 1 hour, 16 minutes ago Description : Hospital Management System 4 is vulnerable to a SQL injection in /Hospital-Management-System-master/func.php via the password2 parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2023-41519 - SAM System Cross-Site Scripting Vulnerability

CVE ID : CVE-2023-41519 Published : Aug. 7, 2025, 6:15 p.m. | 1 hour, 16 minutes ago Description : Student Attendance Management System v1 was discovered to contain a cross-site scripting (XSS) vulnerability via the sessionName parameter at createSessionTerm.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2023-41520 - SAM System SQL Injection Vulnerability

CVE ID : CVE-2023-41520 Published : Aug. 7, 2025, 6:15 p.m. | 1 hour, 16 minutes ago Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createClassArms.php via the classId and classArmName parameters. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 18:15:00 GMT

read more

CVE-2025-54397 - Netwrix Directory Manager Information Disclosure Vulnerability

CVE ID : CVE-2025-54397 Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 16 minutes ago Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2025-55137 - Apache LinkJoin Authentication Bypass

CVE ID : CVE-2025-55137 Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 16 minutes ago Description : LinkJoin through 882f196 mishandles lacks type checking in password reset. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2025-55138 - LinkJoin Password Reset Token Ownership Vulnerability

CVE ID : CVE-2025-55138 Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 16 minutes ago Description : LinkJoin through 882f196 mishandles token ownership in password reset. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2025-34152 - "Aitemi M300 Wi-Fi Repeater OS Command Injection"

CVE ID : CVE-2025-34152 Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 1 minute ago Description : An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) via the 'time' parameter of the '/protocol.csp?' endpoint. The input is processed by the internal date '-s' command without rebooting or disrupting HTTP service. Unlike other injection points, this vector allows remote compromise without triggering visible configuration changes. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2025-54392 - Netwrix Directory Manager Cross-Site Scripting

CVE ID : CVE-2025-54392 Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 1 minute ago Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2025-54393 - Netwrix Directory Manager Static Code Injection Vulnerability

CVE ID : CVE-2025-54393 Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 1 minute ago Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2025-54394 - Netwrix Directory Manager Insufficiently Protected Credentials Vulnerability

CVE ID : CVE-2025-54394 Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 1 minute ago Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2025-54395 - Netwrix Directory Manager XSS Vulnerability

CVE ID : CVE-2025-54395 Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 1 minute ago Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2025-54396 - Netwrix Directory Manager SQL Injection

CVE ID : CVE-2025-54396 Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 1 minute ago Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2024-42048 - OpenOrange Business Framework Privilege Escalation

CVE ID : CVE-2024-42048 Published : Aug. 7, 2025, 5:15 p.m. | 16 minutes ago Description : OpenOrange Business Framework 1.15.5 provides unprivileged users with write access to the installation directory. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2025-24000 - WPExperts Post SMTP Authentication Bypass

CVE ID : CVE-2025-24000 Published : Aug. 7, 2025, 5:15 p.m. | 16 minutes ago Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in WPExperts Post SMTP allows Authentication Bypass.This issue affects Post SMTP: from n/a through 3.2.0. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2025-34148 - Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection Vulnerability

CVE ID : CVE-2025-34148 Published : Aug. 7, 2025, 5:15 p.m. | 16 minutes ago Description : An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02). When configuring the device in WISP mode, the 'ssid' parameter is passed unsanitized to system-level scripts. This allows remote attackers within Wi-Fi range to inject arbitrary shell commands that execute as root, resulting in full device compromise. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2025-34149 - Shenzhen Aitemi M300 Wi-Fi Repeater WPA2 Command Injection

CVE ID : CVE-2025-34149 Published : Aug. 7, 2025, 5:15 p.m. | 16 minutes ago Description : A command injection vulnerability affects the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) during WPA2 configuration. The 'key' parameter is interpreted directly by the system shell, enabling attackers to execute arbitrary commands as root. Exploitation requires no authentication and can be triggered during wireless setup. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2025-34150 - Shenzhen Aitemi M300 Wi-Fi Repeater PPPoE Command Injection Vulnerability

CVE ID : CVE-2025-34150 Published : Aug. 7, 2025, 5:15 p.m. | 16 minutes ago Description : The PPPoE configuration interface of the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) is vulnerable to command injection via the 'user' parameter. Input is processed unsafely during network setup, allowing attackers to execute arbitrary system commands with root privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2025-34151 - Shenzhen Aitemi M300 Wi-Fi Repeater Command Injection Vulnerability

CVE ID : CVE-2025-34151 Published : Aug. 7, 2025, 5:15 p.m. | 16 minutes ago Description : A command injection vulnerability exists in the 'passwd' parameter of the PPPoE setup process on the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02). The input is passed directly to system-level commands without sanitation, enabling unauthenticated attackers to achieve root-level code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 17:15:00 GMT

read more

CVE-2024-56339 - IBM WebSphere Application Server Bypass of Security Restrictions Vulnerability

CVE ID : CVE-2024-56339 Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago Description : IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 could allow a remote attacker to bypass security restrictions caused by a failure to honor security configuration. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 16:15:00 GMT

read more

CVE-2025-44779 - Ollama File Deletion Remote Code Execution

CVE ID : CVE-2025-44779 Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago Description : An issue in Ollama v0.1.33 allows attackers to delete arbitrary files via sending a crafted packet to the endpoint /api/pull. Severity: 6.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 16:15:00 GMT

read more

CVE-2025-47907 - Apache Cassandra Rows QueryLogic Race Condition

CVE ID : CVE-2025-47907 Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago Description : Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 16:15:00 GMT

read more

CVE-2025-55133 - Agora Foundation Agora Cross-Site Scripting (XSS)

CVE ID : CVE-2025-55133 Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago Description : In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via topicName in client/agora/public/js/editorManager.js. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 16:15:00 GMT

read more

CVE-2025-55134 - "Agora Foundation Agora XSS Injection Vulnerability"

CVE ID : CVE-2025-55134 Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago Description : In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via tag in client/agora/public/js/editorManager.js. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 16:15:00 GMT

read more

CVE-2025-55135 - Agora Foundation Agora XSS via SVG Profile Picture

CVE ID : CVE-2025-55135 Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago Description : In Agora Foundation Agora fall23-Alpha1 before 690ce56, there is XSS via a profile picture to server/controller/userController.js. Formats other than PNG, JPEG, and WEBP are permitted by server/routes/userRoutes.js; this includes SVG. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 16:15:00 GMT

read more

CVE-2025-55136 - ERC Insecure Deserialization Vulnerability

CVE ID : CVE-2025-55136 Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago Description : ERC (aka Emotion Recognition in Conversation) through 0.3 has insecure deserialization via a serialized object because jsonpickle is used. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 16:15:00 GMT

read more

CVE-2025-7054 - Cloudflare Quiche Infinite QUIC Connection ID Retirement Loop Vulnerability

CVE ID : CVE-2025-7054 Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago Description : Cloudflare quiche was discovered to be vulnerable to an infinite loop when sending packets containing RETIRE_CONNECTION_ID frames. QUIC connections possess a set of connection identifiers (IDs); see Section 5.1 of RFC 9000 https://datatracker.ietf.org/doc/html/rfc9000#section-5.1 . Once the QUIC handshake completes, a local endpoint is responsible for issuing and retiring Connection IDs that are used by the remote peer to populate the Destination Connection ID field in packets sent from remote to local. Each Connection ID has a sequence number to ensure synchronization between peers. An unauthenticated remote attacker can exploit this vulnerability by first completing a handshake and then sending a specially-crafted set of frames that trigger a connection ID retirement in the victim. When the victim attempts to send a packet containing RETIRE_CONNECTION_ID frames, Section 19.16 of RFC 9000 https://datatracker.ietf.org/doc/html/rfc9000#section-19.6 requires that the sequence number of the retired connection ID must not be the same as the sequence number of the connection ID used by the packet. In other words, a packet cannot contain a frame that retires itself. In scenarios such as path migration, it is possible for there to be multiple active paths with different active connection IDs that could be used to retire each other. The exploit triggered an unintentional behaviour of a quiche design feature that supports retirement across paths while maintaining full connection ID synchronization, leading to an infinite loop.This issue affects quiche: from 0.15.0 before 0.24.5. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 16:15:00 GMT

read more

CVE-2025-47188 - Mitel SIP Phones Command Injection Vulnerability

CVE ID : CVE-2025-47188 Published : Aug. 7, 2025, 3:15 p.m. | 2 hours, 16 minutes ago Description : A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit through 6.4 SP4, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands within the context of the phone, leading to disclosure or modification of sensitive configuration data or affecting device availability and operation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 15:15:00 GMT

read more

CVE-2025-50952 - OpenJPEG NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-50952 Published : Aug. 7, 2025, 3:15 p.m. | 2 hours, 16 minutes ago Description : openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 15:15:00 GMT

read more

CVE-2024-52680 - EyouCMS Cross Site Scripting Vulnerability

CVE ID : CVE-2024-52680 Published : Aug. 7, 2025, 2:15 p.m. | 3 hours ago Description : EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in /login.php?m=admin&c=System&a=web&lang=cn. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 14:15:00 GMT

read more

CVE-2024-55401 - 4C Strategies Exonaut Directory Traversal Vulnerability

CVE ID : CVE-2024-55401 Published : Aug. 7, 2025, 2:15 p.m. | 3 hours ago Description : An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 14:15:00 GMT

read more

CVE-2025-8533 - Fantastical XPC Services Unauthenticated Remote Code Execution

CVE ID : CVE-2025-8533 Published : Aug. 7, 2025, 10:15 a.m. | 7 hours ago Description : A vulnerability was identified in the XPC services of Fantastical. The services failed to implement proper client authorization checks in its listener:shouldAcceptNewConnection method, unconditionally accepting requests from any local process. As a result, any local, unprivileged process could connect to the XPC service and access its methods. This issue has been resolved in version 4.0.16. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 10:15:00 GMT

read more

CVE-2025-29866 - TAGFREE X-Free Uploader Path Traversal Vulnerability

CVE ID : CVE-2025-29866 Published : Aug. 7, 2025, 6:15 a.m. | 11 hours ago Description : : External Control of File Name or Path vulnerability in TAGFREE X-Free Uploader XFU allows : Parameter Injection.This issue affects X-Free Uploader: from 1.0.1.0084 before 1.0.1.0085, from 2.0.1.0034 before 2.0.1.0035. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 06:15:00 GMT

read more

CVE-2025-35970 - SEIKO EPSON and FUJIFILM SNMP Guessable Administrator Password Vulnerability

CVE ID : CVE-2025-35970 Published : Aug. 7, 2025, 6:15 a.m. | 11 hours ago Description : On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password is easy to guess from the information available via SNMP. If the administrator password is not changed from the initial one, a remote attacker with SNMP access can log in to the product with the administrator privilege. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 06:15:00 GMT

read more

CVE-2025-32094 - Akamai Ghost HTTP Request Smuggling Vulnerability

CVE ID : CVE-2025-32094 Published : Aug. 7, 2025, 5:15 a.m. | 12 hours ago Description : An issue was discovered in Akamai Ghost, as used for the Akamai CDN platform before 2025-03-26. Under certain circumstances, a client making an HTTP/1.x OPTIONS request with an "Expect: 100-continue" header, and using obsolete line folding, can lead to a discrepancy in how two in-path Akamai servers interpret the request, allowing an attacker to smuggle a second request in the original request body. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 05:15:00 GMT

read more

CVE-2025-29865 - TAGFREE X-Free Uploader Path Traversal Vulnerability

CVE ID : CVE-2025-29865 Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago Description : : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TAGFREE X-Free Uploader XFU allows Path Traversal.This issue affects X-Free Uploader: from 1.0.1.0084 before 1.0.1.0085, from 2.0.1.0034 before 2.0.1.0035. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 02:15:00 GMT

read more

CVE-2025-8576 - "Google Chrome Extensions Use After Free Heap Corruption Vulnerability"

CVE ID : CVE-2025-8576 Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago Description : Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 02:15:00 GMT

read more

CVE-2025-8577 - Google Chrome Picture In Picture UI Spoofing Vulnerability

CVE ID : CVE-2025-8577 Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago Description : Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 02:15:00 GMT

read more

CVE-2025-8578 - Google Chrome Use After Free Heap Corruption Vulnerability

CVE ID : CVE-2025-8578 Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago Description : Use after free in Cast in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 02:15:00 GMT

read more

CVE-2025-8579 - Google Chrome Picture In Picture UI Spoofing Vulnerability

CVE ID : CVE-2025-8579 Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago Description : Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 02:15:00 GMT

read more

CVE-2025-8580 - Google Chrome Filesystems UI Spoofing Vulnerability

CVE ID : CVE-2025-8580 Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago Description : Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 02:15:00 GMT

read more

CVE-2025-8581 - Google Chrome Extensions Cross-Origin Data Leakage

CVE ID : CVE-2025-8581 Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago Description : Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 02:15:00 GMT

read more

CVE-2025-8582 - Google Chrome URL Bar Spoofing Vulnerability

CVE ID : CVE-2025-8582 Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago Description : Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low) Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 02:15:00 GMT

read more

CVE-2025-8583 - Google Chrome Permissions UI Spoofing Vulnerability

CVE ID : CVE-2025-8583 Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago Description : Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 02:15:00 GMT

read more

CVE-2025-3770 - EDK2 BIOS Bootkit Execution

CVE ID : CVE-2025-3770 Published : Aug. 7, 2025, 1:15 a.m. | 14 hours, 49 minutes ago Description : EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 01:15:00 GMT

read more

CVE-2025-54783 - SuiteCRM Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-54783 Published : Aug. 7, 2025, 1:15 a.m. | 14 hours, 49 minutes ago Description : SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Versions 7.14.6 and below have a Reflected Cross-Site Scripting (XSS) vulnerability. This vulnerability allows an attacker to execute JavaScript code by modifying the HTTP Referer header to include some arbitrary domain with malicious JavaScript code at the end. The server will attempt to block the arbitrary domain but allow the JavaScript code to execute. This is fixed in version 7.14.7. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 01:15:00 GMT

read more

CVE-2025-54784 - SuiteCRM Cross Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-54784 Published : Aug. 7, 2025, 1:15 a.m. | 14 hours, 49 minutes ago Description : SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. There is a Cross Site Scripting (XSS) vulnerability in the email viewer in versions 7.14.0 through 7.14.6. An external attacker could send a prepared message to the inbox of the SuiteCRM-instance. By simply viewing emails as the logged-in user, the payload can be triggered. With that, an attacker is able to run arbitrary actions as the logged-in user - like extracting data, or if it is an admin executing the payload, takeover the instance. This is fixed in versions 7.14.7. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 01:15:00 GMT

read more

CVE-2025-54798 - tmp Node.js Symbolic Link Directory Write Vulnerability

CVE ID : CVE-2025-54798 Published : Aug. 7, 2025, 1:15 a.m. | 14 hours, 49 minutes ago Description : tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4. Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 01:15:00 GMT

read more

CVE-2025-54799 - Lego ACME Library HTTP to HTTPS Enforcement Weakness

CVE ID : CVE-2025-54799 Published : Aug. 7, 2025, 1:15 a.m. | 14 hours, 49 minutes ago Description : Let's Encrypt client and ACME library written in Go (Lego). In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package (thus the lego library and the lego cli as well) don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME challenge over unencrypted HTTP, the ACME protocol requires HTTPS when a client communicates with the CA to performs ACME functions. However, the library fails to enforce HTTPS both in the original discover URL (configured by the library user) and in the subsequent addresses returned by the CAs in the directory and order objects. If users input HTTP URLs or CAs misconfigure endpoints, protocol operations occur over HTTP instead of HTTPS. This compromises privacy by exposing request/response details like account and request identifiers to network attackers. This was fixed in version 4.25.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 01:15:00 GMT

read more

CVE-2025-54882 - Microsoft Azure Entra ID and Intune Himmelblau World Readable Kerberos Credential Cache

CVE ID : CVE-2025-54882 Published : Aug. 7, 2025, 1:15 a.m. | 14 hours, 49 minutes ago Description : Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. In versions 0.8.0 through 0.9.21 and 1.0.0-beta through 1.1.0, Himmelblau stores the cloud TGT received during logon in the Kerberos credential cache. The created credential cache collection and received credentials are stored as world readable. This is fixed in versions 0.9.22 and 1.2.0. To work around this issue, remove all read access to Himmelblau caches for all users except for owners. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 01:15:00 GMT

read more

CVE-2025-54885 - Thinbus Javascript Secure Remote Password SRP6a Protocol Compliance Bug

CVE ID : CVE-2025-54885 Published : Aug. 7, 2025, 1:15 a.m. | 14 hours, 49 minutes ago Description : Thinbus Javascript Secure Remote Password is a browser SRP6a implementation for zero-knowledge password authentication. In versions 2.0.0 and below, a protocol compliance bug causes the client to generate a fixed 252 bits of entropy instead of the intended bit length of the safe prime (defaulted to 2048 bits). The client public value is being generated from a private value that is 4 bits below the specification. This reduces the protocol's designed security margin it is now practically exploitable. The servers full sized 2048 bit random number is used to create the shared session key and password proof. This is fixed in version 2.0.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 01:15:00 GMT

read more

CVE-2025-54788 - SuiteCRM InboundEmail SQL Injection Vulnerability

CVE ID : CVE-2025-54788 Published : Aug. 7, 2025, 12:15 a.m. | 15 hours, 49 minutes ago Description : SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions and below, the InboundEmail module allows the arbitrary execution of queries in the backend database, leading to SQL injection. This can have wide-reaching implications on confidentiality, integrity, and availability, as database data can be retrieved, modified, or removed entirely. This issue is fixed in version 7.14.7. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 00:15:00 GMT

read more

CVE-2025-54785 - SuiteCRM PHP Object Injection Vulnerability

CVE ID : CVE-2025-54785 Published : Aug. 7, 2025, 12:15 a.m. | 15 hours ago Description : SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions 7.14.6 and 8.8.0, user-supplied input is not validated/sanitized before it is passed to the unserialize function, which could lead to penetration, privilege escalation, sensitive data exposure, Denial of Service, cryptomining and ransomware. This issue is fixed in version 7.14.7 and 8.8.1. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 00:15:00 GMT

read more

CVE-2025-54786 - SuiteCRM Broken Authentication in iCal Service

CVE ID : CVE-2025-54786 Published : Aug. 7, 2025, 12:15 a.m. | 15 hours ago Description : SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions 7.14.6 and 8.8.0, the broken authentication in the legacy iCal service allows unauthenticated access to meeting data. An unauthenticated actor can view any user's meeting (calendar event) data given their username, related functionality allows user enumeration. This is fixed in versions 7.14.7 and 8.8.1. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 07 Aug 2025 00:15:00 GMT

read more

CVE-2023-3194 - CVE-2022-1234: Apache Struts Remote Code Execution

CVE ID : CVE-2023-3194 Published : Aug. 6, 2025, 11:15 p.m. | 14 hours, 15 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 23:15:00 GMT

read more

CVE-2025-8086 - Apache HTTP Server Remote Code Execution Vulnerability

CVE ID : CVE-2025-8086 Published : Aug. 6, 2025, 11:15 p.m. | 14 hours, 15 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 23:15:00 GMT

read more

CVE-2025-7770 - Tigo Energy CCA Predictable Session ID Vulnerability

CVE ID : CVE-2025-7770 Published : Aug. 6, 2025, 9:15 p.m. | 11 hours, 59 minutes ago Description : Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. The session IDs are generated using a predictable method based on the current timestamp, allowing attackers to recreate valid session IDs. When combined with the ability to circumvent session ID requirements for certain commands, this enables unauthorized access to sensitive device functions on connected solar optimization systems. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-7768 - Tigo Energy CCA Hard-Coded Credentials Vulnerability

CVE ID : CVE-2025-7768 Published : Aug. 6, 2025, 9:15 p.m. | 8 hours, 32 minutes ago Description : Tigo Energy's Cloud Connect Advanced (CCA) device contains hard-coded credentials that allow unauthorized users to gain administrative access. This vulnerability enables attackers to escalate privileges and take full control of the device, potentially modifying system settings, disrupting solar energy production, and interfering with safety mechanisms. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-7769 - Tigo Energy CCA Command Injection Vulnerability

CVE ID : CVE-2025-7769 Published : Aug. 6, 2025, 9:15 p.m. | 8 hours, 32 minutes ago Description : Tigo Energy's CCA is vulnerable to a command injection vulnerability in the /cgi-bin/mobile_api endpoint when the DEVICE_PING command is called, allowing remote code execution due to improper handling of user input. When used with default credentials, this enables attackers to execute arbitrary commands on the device that could cause potential unauthorized access, service disruption, and data exposure. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-6634 - Autodesk 3ds Max Memory Corruption Vulnerability

CVE ID : CVE-2025-6634 Published : Aug. 6, 2025, 9:15 p.m. | 7 hours, 59 minutes ago Description : A maliciously crafted TGA file, when linked or imported into Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-51052 - Vedo Suite Path Traversal Vulnerability

CVE ID : CVE-2025-51052 Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago Description : A path traversal vulnerability in Vedo Suite 2024.17 allows remote authenticated attackers to read arbitrary filesystem files by exploiting an unsanitized 'file_get_contents()' function call in '/api_vedo/template'. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-51053 - Vedo Suite Cross-site Scripting (XSS)

CVE ID : CVE-2025-51053 Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago Description : A Cross-site scripting (XSS) vulnerability in /api_vedo/ in Vedo Suite version 2024.17 allows remote attackers to inject arbitrary Javascript or HTML code and potentially trigger code execution in victim's browser. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-51054 - Vedo Suite Authentication Bypass

CVE ID : CVE-2025-51054 Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago Description : Vedo Suite 2024.17 is vulnerable to Incorrect Access Control, which allows remote attackers to obtain a valid high privilege JWT token without prior authentication via sending an empty HTTP POST request to the /autologin/ API endpoint. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-51055 - Vedo Suite Insecure Data Storage Vulnerability

CVE ID : CVE-2025-51055 Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago Description : Insecure Data Storage of credentials has been found in /api_vedo/configuration/config.yml file in Vedo Suite version 2024.17. This file contains clear-text credentials, secret keys, and database information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-51056 - Vedo Suite Unrestricted File Upload RCE

CVE ID : CVE-2025-51056 Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago Description : An unrestricted file upload vulnerability in Vedo Suite version 2024.17 allows remote authenticated attackers to write to arbitrary filesystem paths by exploiting the insecure 'uploadPreviews()' custom function in '/api_vedo/colorways_preview', ultimately resulting in remote code execution (RCE). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-51057 - Vedo Suite LFI Vulnerability

CVE ID : CVE-2025-51057 Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago Description : A local file inclusion (LFI) vulnerability in Vedo Suite version 2024.17 allows remote authenticated attackers to read arbitrary filesystem files by exploiting an unsanitized 'readfile()' function call in '/api_vedo/video/preview'. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-51058 - Bottinelli Informatical Vedo Suite SSRF

CVE ID : CVE-2025-51058 Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago Description : Bottinelli Informatical Vedo Suite 2024.17 is vulnerable to Server-side Request Forgery (SSRF) in the /api_vedo/video/preview endpoint, which allows remote authenticated attackers to trigger HTTP requests towards arbitrary remote paths via the "file" URL parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-6632 - Autodesk 3ds Max Out-of-Bounds Read

CVE ID : CVE-2025-6632 Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago Description : A maliciously crafted PSD file, when linked or imported into Autodesk 3ds Max, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-6633 - Autodesk 3ds Max Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-6633 Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago Description : A maliciously crafted RBG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. Severity: 8.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2024-55398 - 4C Strategies Exonaut Insecure Permissions Vulnerability

CVE ID : CVE-2024-55398 Published : Aug. 6, 2025, 9:15 p.m. | 1 hour, 59 minutes ago Description : 4C Strategies Exonaut before v22.4 was discovered to contain insecure permissions. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2024-55399 - 4C Strategies Exonaut SSRF

CVE ID : CVE-2024-55399 Published : Aug. 6, 2025, 9:15 p.m. | 1 hour, 59 minutes ago Description : 4C Strategies Exonaut before v21.6.2.1-1 was discovered to contain a Server-Side Request Forgery (SSRF). Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2024-55402 - 4C Strategies Exonaut Authentication Bypass Vulnerability

CVE ID : CVE-2024-55402 Published : Aug. 6, 2025, 9:15 p.m. | 1 hour, 59 minutes ago Description : 4C Strategies Exonaut before v22.4 was discovered to contain an access control issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-46660 - 4C Strategies Exonaut Hashing Without Salt Vulnerability

CVE ID : CVE-2025-46660 Published : Aug. 6, 2025, 9:15 p.m. | 1 hour, 59 minutes ago Description : An issue was discovered in 4C Strategies Exonaut 21.6. Passwords, stored in the database, are hashed without a salt. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-47908 - Apache Middleware Denial of Service Vulnerability

CVE ID : CVE-2025-47908 Published : Aug. 6, 2025, 9:15 p.m. | 1 hour, 59 minutes ago Description : Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-50740 - AutoConnect Arduino Library XSS Vulnerability

CVE ID : CVE-2025-50740 Published : Aug. 6, 2025, 9:15 p.m. | 1 hour, 59 minutes ago Description : AutoConnect 1.4.2, an Arduino library, is vulnerable to a cross site scripting (xss) vulnerability. The AutoConnect web interface /_ac/config allows HTML/JS code to be executed via a crafted network SSID. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 21:15:00 GMT

read more

CVE-2025-38746 - Dell SupportAssist OS Recovery Exposure of Sensitive Information to an Unauthorized Actor

CVE ID : CVE-2025-38746 Published : Aug. 6, 2025, 8:15 p.m. | 2 hours, 59 minutes ago Description : Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 20:15:00 GMT

read more

CVE-2025-38747 - Dell SupportAssist Elevation of Privileges Vulnerability

CVE ID : CVE-2025-38747 Published : Aug. 6, 2025, 8:15 p.m. | 2 hours, 59 minutes ago Description : Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contain a Creation of Temporary File With Insecure Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to Elevation of Privileges. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 20:15:00 GMT

read more

CVE-2025-45764 - jsrsasign RSA Key Encryption Weakness

CVE ID : CVE-2025-45764 Published : Aug. 6, 2025, 8:15 p.m. | 2 hours, 59 minutes ago Description : jsrsasign v11.1.0 was discovered to contain weak encryption. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 20:15:00 GMT

read more

CVE-2025-45766 - Poco Weak Encryption Vulnerability

CVE ID : CVE-2025-45766 Published : Aug. 6, 2025, 8:15 p.m. | 2 hours, 59 minutes ago Description : poco v1.14.1-release was discovered to contain weak encryption. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 20:15:00 GMT

read more

CVE-2025-46659 - "4C Strategies Exonaut External HTTPS Information Disclosure"

CVE ID : CVE-2025-46659 Published : Aug. 6, 2025, 8:15 p.m. | 2 hours, 59 minutes ago Description : An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. Information disclosure can occur via an external HTTPS request. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 20:15:00 GMT

read more

CVE-2025-51624 - Zone Bitaqati Cross-Site Scripting (XSS)

CVE ID : CVE-2025-51624 Published : Aug. 6, 2025, 8:15 p.m. | 2 hours, 59 minutes ago Description : Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 20:15:00 GMT

read more

CVE-2025-8130 - Apache Struts Command Injection Vulnerability

CVE ID : CVE-2025-8130 Published : Aug. 6, 2025, 7:15 p.m. | 2 hours, 11 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 19:15:00 GMT

read more

CVE-2025-8667 - SkyworkAI DeepResearchAgent OS Command Injection Vulnerability

CVE ID : CVE-2025-8667 Published : Aug. 6, 2025, 6:15 p.m. | 3 hours, 11 minutes ago Description : A vulnerability, which was classified as critical, was found in SkyworkAI DeepResearchAgent up to 08eb7f8eb9505d0094d75bb97ff7dacc3fa3bbf2. Affected is the function from_code/from_dict/from_mcp of the file src/tools/tools.py. The manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 18:15:00 GMT

read more

CVE-2025-20215 - Cisco Webex Meetings Unauthenticated Meeting-Join Vulnerability

CVE ID : CVE-2025-20215 Published : Aug. 6, 2025, 5:15 p.m. | 4 hours, 11 minutes ago Description : A vulnerability in the meeting-join functionality of Cisco Webex Meetings could have allowed an unauthenticated, network-proximate attacker to complete a meeting-join process in place of an intended targeted user, provided the requisite conditions were satisfied. Cisco has addressed this vulnerability in the Cisco Webex Meetings service, and no customer action is needed. This vulnerability existed due to client certificate validation issues. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by monitoring local wireless or adjacent networks for client-join requests and attempting to interrupt and complete the meeting-join flow as another user who was currently joining a meeting. To successfully exploit the vulnerability, an attacker would need the capability to position themselves in a local wireless or adjacent network, to monitor and intercept the targeted network traffic flows, and to satisfy timing requirements in order to interrupt the meeting-join flow and exploit the vulnerability. A successful exploit could have allowed the attacker to join the meeting as another user. However, the Cisco Product Security Incident Response Team (PSIRT) is not aware of any malicious use of the vulnerability that is described in this advisory. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 17:15:00 GMT

read more

CVE-2025-20331 - Cisco ISE/Cisco ISE-PIC Stored XSS Vulnerability

CVE ID : CVE-2025-20331 Published : Aug. 6, 2025, 5:15 p.m. | 4 hours, 11 minutes ago Description : A vulnerability in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on the affected device. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 17:15:00 GMT

read more

CVE-2025-20332 - Cisco ISE HTTP Request Forgery (Remote Code Execution)

CVE ID : CVE-2025-20332 Published : Aug. 6, 2025, 5:15 p.m. | 4 hours, 11 minutes ago Description : A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to modify parts of the configuration on an affected device. This vulnerability is due to the lack of server-side validation of Administrator permissions. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system. A successful exploit could allow the attacker to modify descriptions of files on a specific page. To exploit this vulnerability, an attacker would need valid read-only Administrator credentials. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 17:15:00 GMT

read more

CVE-2025-30127 - Marbella KR8s Dashcam FF Information Disclosure and File Access Vulnerability

CVE ID : CVE-2025-30127 Published : Aug. 6, 2025, 5:15 p.m. | 4 hours, 11 minutes ago Description : An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Once access is gained either by default, common, or cracked passwords, the video recordings (containing sensitive routes, conversations, and footage) are open for downloading by creating a socket to command port 7777, and then downloading video via port 7778 and audio via port 7779. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 17:15:00 GMT

read more

CVE-2025-8419 - Keycloak SMTP Injection Vulnerability

CVE ID : CVE-2025-8419 Published : Aug. 6, 2025, 5:15 p.m. | 4 hours, 11 minutes ago Description : A vulnerability was found in Keycloak-services. Special characters used during e-mail registration may perform SMTP Injection and unexpectedly send short unwanted e-mails. The email is limited to 64 characters (limited local part of the email), so the attack is limited to very shorts emails (subject and little data, the example is 60 chars). This flaw's only direct consequence is an unsolicited email being sent from the Keycloak server. However, this action could be a precursor for more sophisticated attacks. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 17:15:00 GMT

read more

CVE-2025-8665 - Agno-agi Agno Os Command Injection Vulnerability

CVE ID : CVE-2025-8665 Published : Aug. 6, 2025, 5:15 p.m. | 4 hours, 11 minutes ago Description : A vulnerability, which was classified as critical, has been found in agno-agi agno up to 1.7.5. This issue affects the function MCPTools/MultiMCPTools in the library libs/agno/agno/tools/mcp.py of the component Model Context Protocol Handler. The manipulation of the argument command leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 17:15:00 GMT

read more

CVE-2024-8244 - Go filepath Symbolic Link TOCTOU

CVE ID : CVE-2024-8244 Published : Aug. 6, 2025, 4:15 p.m. | 5 hours, 11 minutes ago Description : The filepath.Walk and filepath.WalkDir functions are documented as not following symbolic links, but both functions are susceptible to a TOCTOU (time of check/time of use) race condition where a portion of the path being walked is replaced with a symbolic link while the walk is in progress. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 16:15:00 GMT

read more

CVE-2025-48393 - Eaton Firmware Man-in-the-Middle Attack Vulnerability

CVE ID : CVE-2025-48393 Published : Aug. 6, 2025, 4:15 p.m. | 5 hours, 11 minutes ago Description : The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest version which is available on the Eaton download center. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 16:15:00 GMT

read more

CVE-2025-48394 - Eaton File Traversal Vulnerability

CVE ID : CVE-2025-48394 Published : Aug. 6, 2025, 4:15 p.m. | 5 hours, 11 minutes ago Description : An attacker with authenticated and privileged access could modify the contents of a non-sensitive file by traversing the path in the limited shell of the CLI. This security issue has been fixed in the latest version which is available on the Eaton download center. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 16:15:00 GMT

read more

CVE-2025-51531 - Sage DPW Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-51531 Published : Aug. 6, 2025, 4:15 p.m. | 5 hours, 11 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability in Sage DPW v2024.12.003 allows attackers to execute arbitrary JavaScript in the context of a victim's browser via injcting a crafted payload into the tabfields parameter at /dpw/scripts/cgiip.exe/WService. This is fixed in Halbjahresversion 2024_12_004. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 16:15:00 GMT

read more

CVE-2025-51532 - Sage DPW Unauthenticated Access Control Bypass Vulnerability

CVE ID : CVE-2025-51532 Published : Aug. 6, 2025, 4:15 p.m. | 5 hours, 11 minutes ago Description : Incorrect access control in Sage DPW v2024.12.003 allows unauthorized attackers to access the built-in Database Monitor via a crafted request. This is fixed in Halbjahresversion 2024_12_004. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 16:15:00 GMT

read more

CVE-2025-53786 - Microsoft Exchange Server Hybrid Deployment Authentication Bypass Vulnerability

CVE ID : CVE-2025-53786 Published : Aug. 6, 2025, 4:15 p.m. | 5 hours, 11 minutes ago Description : On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments and accompanying non-security Hot Fix. Microsoft made these changes in the general interest of improving the security of hybrid Exchange deployments. Following further investigation, Microsoft identified specific security implications tied to the guidance and configuration steps outlined in the April announcement. Microsoft is issuing CVE-2025-53786 to document a vulnerability that is addressed by taking the steps documented with the April 18th announcement. Microsoft strongly recommends reading the information, installing the April 2025 (or later) Hot Fix and implementing the changes in your Exchange Server and hybrid environment. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 16:15:00 GMT

read more

CVE-2025-50234 - MCCMS SSRF Flaw

CVE ID : CVE-2025-50234 Published : Aug. 6, 2025, 3:15 p.m. | 6 hours, 11 minutes ago Description : MCCMS v2.7.0 has an SSRF vulnerability located in the index() method of the sys\apps\controllers\api\Gf.php file, where the pic parameter is processed. The pic parameter is decrypted using the sys_auth($pic, 1) function, which utilizes a hard-coded key Mc_Encryption_Key (bD2voYwPpNuJ7B8), defined in the db.php file. The decrypted URL is passed to the geturl() method, which uses cURL to make a request to the URL without proper security checks. An attacker can craft a malicious encrypted pic parameter, which, when decrypted, points to internal addresses or local file paths (such as http://127.0.0.1 or file://). By using the file:// protocol, the attacker can access arbitrary files on the local file system (e.g., file:///etc/passwd, file:///C:/Windows/System32/drivers/etc/hosts), allowing them to read sensitive configuration files, log files, and more, leading to information leakage or system exposure. The danger of this SSRF vulnerability includes accessing internal services and local file systems through protocols like http://, ftp://, and file://, which can result in sensitive data leakage, remote code execution, privilege escalation, or full system compromise, severely affecting the system's security and stability. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 15:15:00 GMT

read more

CVE-2025-50286 - Grav CMS Remote Code Execution

CVE ID : CVE-2025-50286 Published : Aug. 6, 2025, 3:15 p.m. | 6 hours, 11 minutes ago Description : A Remote Code Execution (RCE) vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plugin via the /admin/tools/direct-install interface. Once uploaded, the plugin is automatically extracted and loaded, allowing arbitrary PHP code execution and reverse shell access. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 15:15:00 GMT

read more

CVE-2025-51040 - Electrolink FM/DAB/TV Transmitter Web Unauthorized Access

CVE ID : CVE-2025-51040 Published : Aug. 6, 2025, 3:15 p.m. | 6 hours, 11 minutes ago Description : Electrolink FM/DAB/TV Transmitter Web Management System Unauthorized access vulnerability via the /FrameSetCore.html endpoint in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01.09, v01.08, v01.07, and Display v1.4, v1.2. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 15:15:00 GMT

read more

CVE-2025-51306 - Gatling Enterprise Session Token Expired

CVE ID : CVE-2025-51306 Published : Aug. 6, 2025, 3:15 p.m. | 6 hours, 11 minutes ago Description : In Gatling Enterprise versions below 1.25.0, a user logging-out can still use his session token to continue using the application without expiration, due to incorrect session management. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 15:15:00 GMT

read more

CVE-2025-51308 - Gatling Enterprise Information Disclosure Vulnerability

CVE ID : CVE-2025-51308 Published : Aug. 6, 2025, 3:15 p.m. | 6 hours, 11 minutes ago Description : In Gatling Enterprise versions below 1.25.0, a low-privileged user that does not hold the role "admin" could perform a REST API call on read-only endpoints, allowing him to collect some information, due to missing authorization checks. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 15:15:00 GMT

read more

CVE-2024-52885 - Fortinet Mobile Access Portal Directory Traversal Vulnerability

CVE ID : CVE-2024-52885 Published : Aug. 6, 2025, 3:15 p.m. | 4 hours, 8 minutes ago Description : The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an authenticated, malicious end-user (authorized to at least one File Share application) to list the file names of 'nobody'-accessible directories on the Mobile Access gateway. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 15:15:00 GMT

read more

CVE-2025-2028 - Apache Log4j Country Flag IP Information Disclosure

CVE ID : CVE-2025-2028 Published : Aug. 6, 2025, 3:15 p.m. | 4 hours, 8 minutes ago Description : Lack of TLS validation when downloading a CSV file including mapping from IPs to countries used ONLY for displaying country flags in logs Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 15:15:00 GMT

read more

CVE-2025-36020 - IBM Guardium Data Protection Cleartext Credential Disclosure

CVE ID : CVE-2025-36020 Published : Aug. 6, 2025, 3:15 p.m. | 4 hours, 8 minutes ago Description : IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to cleartext transmission of sensitive credential information. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 15:15:00 GMT

read more

CVE-2025-50233 - QCMS File Inclusion Vulnerability

CVE ID : CVE-2025-50233 Published : Aug. 6, 2025, 3:15 p.m. | 4 hours, 8 minutes ago Description : A vulnerability in QCMS version 6.0.5 allows authenticated users to read arbitrary files from the server due to insufficient validation of the "Name" parameter in the backend template editor. By manipulating the parameter, attackers can perform directory traversal and access sensitive files outside the intended template directory, potentially exposing system configuration, PHP source code, or other sensitive information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 15:15:00 GMT

read more

CVE-2025-3320 - IBM Tivoli Monitoring Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-3320 Published : Aug. 6, 2025, 2:15 p.m. | 5 hours, 8 minutes ago Description : IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 14:15:00 GMT

read more

CVE-2025-3354 - IBM Tivoli Monitoring Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-3354 Published : Aug. 6, 2025, 2:15 p.m. | 5 hours, 8 minutes ago Description : IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 14:15:00 GMT

read more

CVE-2025-8616 - OpenText Advanced Authentication Browser Plugin Authentication Bypass

CVE ID : CVE-2025-8616 Published : Aug. 6, 2025, 2:15 p.m. | 5 hours, 8 minutes ago Description : A weakness identified in OpenText Advanced Authentication where a Malicious browser plugin can record and replay the user authentication process to bypass Authentication. This issue affects Advanced Authentication on or before 6.5.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 14:15:00 GMT

read more

CVE-2025-23325 - NVIDIA Triton Inference Server Recursion Denial of Service

CVE ID : CVE-2025-23325 Published : Aug. 6, 2025, 1:15 p.m. | 4 hours, 10 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23326 - NVIDIA Triton Inference Server Integer Overflow Denial of Service

CVE ID : CVE-2025-23326 Published : Aug. 6, 2025, 1:15 p.m. | 4 hours, 10 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23327 - NVIDIA Triton Inference Server Integer Overflow Vulnerability

CVE ID : CVE-2025-23327 Published : Aug. 6, 2025, 1:15 p.m. | 4 hours, 10 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through specially crafted inputs. A successful exploit of this vulnerability might lead to denial of service and data tampering. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23331 - NVIDIA Triton Inference Server Denial of Service (DoS)

CVE ID : CVE-2025-23331 Published : Aug. 6, 2025, 1:15 p.m. | 4 hours, 10 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a memory allocation with excessive size value, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23333 - NVIDIA Triton Inference Server Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-23333 Published : Aug. 6, 2025, 1:15 p.m. | 4 hours, 10 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by manipulating shared memory data. A successful exploit of this vulnerability might lead to information disclosure. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23334 - NVIDIA Triton Inference Server Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-23334 Published : Aug. 6, 2025, 1:15 p.m. | 4 hours, 10 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by sending a request. A successful exploit of this vulnerability might lead to information disclosure. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23335 - NVIDIA Triton Inference Server Denial of Service Underflow

CVE ID : CVE-2025-23335 Published : Aug. 6, 2025, 1:15 p.m. | 4 hours, 10 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux and the Tensor RT backend contain a vulnerability where an attacker could cause an underflow by a specific model configuration and a specific input. A successful exploit of this vulnerability might lead to denial of service. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23310 - NVIDIA Triton Inference Server Stack Buffer Overflow Vulnerability

CVE ID : CVE-2025-23310 Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, and data tampering. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23311 - NVIDIA Triton Inference Server Stack Overflow Remote Code Execution Vulnerability

CVE ID : CVE-2025-23311 Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago Description : NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a stack overflow through specially crafted HTTP requests. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, or data tampering. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23317 - NVIDIA Triton Inference Server HTTP Server Remote Code Execution Vulnerability

CVE ID : CVE-2025-23317 Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago Description : NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23318 - NVIDIA Triton Inference Server Python Backend Out-of-Bounds Write

CVE ID : CVE-2025-23318 Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23319 - NVIDIA Triton Inference Server Python Backend Out-of-Bounds Write Remote Code Execution Vulnerability

CVE ID : CVE-2025-23319 Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23320 - NVIDIA Triton Inference Server Memory Information Disclosure

CVE ID : CVE-2025-23320 Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause the shared memory limit to be exceeded by sending a very large request. A successful exploit of this vulnerability might lead to information disclosure. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23321 - NVIDIA Triton Inference Server Divide by Zero Denial of Service

CVE ID : CVE-2025-23321 Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a divide by zero issue by issuing an invalid request. A successful exploit of this vulnerability might lead to denial of service. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23322 - NVIDIA Triton Inference Server Double Free Denial of Service Vulnerability

CVE ID : CVE-2025-23322 Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where multiple requests could cause a double free when a stream is cancelled before it is processed. A successful exploit of this vulnerability might lead to denial of service. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23323 - NVIDIA Triton Inference Server Integer Overflow Denial of Service

CVE ID : CVE-2025-23323 Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-23324 - NVIDIA Triton Inference Server Integer Overflow Denial of Service

CVE ID : CVE-2025-23324 Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 13:15:00 GMT

read more

CVE-2025-5197 - Hugging Face Transformers ReDoS Vulnerability

CVE ID : CVE-2025-5197 Published : Aug. 6, 2025, 12:15 p.m. | 2 hours, 58 minutes ago Description : A Regular Expression Denial of Service (ReDoS) vulnerability exists in the Hugging Face Transformers library, specifically in the `convert_tf_weight_name_to_pt_weight_name()` function. This function, responsible for converting TensorFlow weight names to PyTorch format, uses a regex pattern `/[^/]*___([^/]*)/` that can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. The vulnerability affects versions up to 4.51.3 and is fixed in version 4.53.0. This issue can lead to service disruption, resource exhaustion, and potential API service vulnerabilities, impacting model conversion processes between TensorFlow and PyTorch formats. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 12:15:00 GMT

read more

CVE-2025-46388 - Apache HTTP Server Information Disclosure

CVE ID : CVE-2025-46388 Published : Aug. 6, 2025, 11:15 a.m. | 3 hours, 58 minutes ago Description : CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 11:15:00 GMT

read more

CVE-2025-46389 - Microsoft Azure Active Directory Password Change

CVE ID : CVE-2025-46389 Published : Aug. 6, 2025, 11:15 a.m. | 3 hours, 58 minutes ago Description : CWE-620: Unverified Password Change Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 11:15:00 GMT

read more

CVE-2025-46390 - Apache Web Server HTTP Response Manipulation Vulnerability

CVE ID : CVE-2025-46390 Published : Aug. 6, 2025, 11:15 a.m. | 3 hours, 58 minutes ago Description : CWE-204: Observable Response Discrepancy Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 11:15:00 GMT

read more

CVE-2025-46391 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-46391 Published : Aug. 6, 2025, 11:15 a.m. | 3 hours, 58 minutes ago Description : CWE-284: Improper Access Control Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 11:15:00 GMT

read more

CVE-2025-46386 - Apache Struts Authentication Bypass

CVE ID : CVE-2025-46386 Published : Aug. 6, 2025, 11:15 a.m. | 1 hour, 41 minutes ago Description : CWE-639 Authorization Bypass Through User-Controlled Key Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 11:15:00 GMT

read more

CVE-2025-46387 - Apache Struts SSRF

CVE ID : CVE-2025-46387 Published : Aug. 6, 2025, 11:15 a.m. | 1 hour, 41 minutes ago Description : CWE-639 Authorization Bypass Through User-Controlled Key Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 11:15:00 GMT

read more

CVE-2025-22469 - Siemens SIMATIC S7-1200 OS Command Injection Vulnerability

CVE ID : CVE-2025-22469 Published : Aug. 6, 2025, 10:15 a.m. | 2 hours, 41 minutes ago Description : OS command injection vulnerability exists in CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1. An arbitrary OS command may be executed on the system with a certain non-administrative user privilege. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 10:15:00 GMT

read more

CVE-2025-22470 - Siemens SIMATIC CL4/6NX Plus Lua File Execution Vulnerability

CVE ID : CVE-2025-22470 Published : Aug. 6, 2025, 10:15 a.m. | 2 hours, 41 minutes ago Description : CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1 allow crafted dangerous files to be uploaded. An arbitrary Lua script may be executed on the system with the root privilege. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 10:15:00 GMT

read more

CVE-2025-6013 - Vault LDAP MFA Enforcement Weakness

CVE ID : CVE-2025-6013 Published : Aug. 6, 2025, 10:15 a.m. | 2 hours, 41 minutes ago Description : Vault and Vault Enterprise’s (“Vault”) ldap auth method may not have correctly enforced MFA if username_as_alias was set to true and a user had multiple CNs that are equal but with leading or trailing spaces. Fixed in Vault Community Edition 1.20.2 and Vault Enterprise 1.20.2, 1.19.8, 1.18.13, and 1.16.24. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 10:15:00 GMT

read more

CVE-2025-7771 - "ThrottleStop.sys Kernel Memory Access Vulnerability"

CVE ID : CVE-2025-7771 Published : Aug. 6, 2025, 10:15 a.m. | 2 hours, 41 minutes ago Description : ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited by a malicious user-mode application to patch the running Windows kernel and invoke arbitrary kernel functions with ring-0 privileges. The vulnerability enables local attackers to execute arbitrary code in kernel context, resulting in privilege escalation and potential follow-on attacks, such as disabling security software or bypassing kernel-level protections. ThrottleStop.sys version 3.0.0.0 and possibly others are affected. Apply updates per vendor instructions. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 10:15:00 GMT

read more

CVE-2025-8620 - GiveWP Information Exposure Vulnerability

CVE ID : CVE-2025-8620 Published : Aug. 6, 2025, 10:15 a.m. | 2 hours, 41 minutes ago Description : The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to extract donor names, emails, and donor id. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 10:15:00 GMT

read more

CVE-2025-7202 - Elgato Key Lights CSRF Vulnerability

CVE ID : CVE-2025-7202 Published : Aug. 6, 2025, 9:15 a.m. | 3 hours, 41 minutes ago Description : A Cross-Site Request Forgery (CSRF) in Elgato's Key Lights and related light products allows an attacker to host a malicious webpage that remotely controlles the victim's lights. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 09:15:00 GMT

read more

CVE-2025-8556 - CIRCL FourQ Elliptic Curve Diffie-Hellman Key Exchange Session Compromise

CVE ID : CVE-2025-8556 Published : Aug. 6, 2025, 9:15 a.m. | 3 hours, 41 minutes ago Description : A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 09:15:00 GMT

read more

CVE-2025-27066 - "Qualcomm Wi-Fi ANQP Message Processing Denial of Service"

CVE ID : CVE-2025-27066 Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago Description : Transient DOS while processing an ANQP message. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-27067 - Intel Graphics Memory Corruption Vulnerability

CVE ID : CVE-2025-27067 Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago Description : Memory corruption while processing DDI call with invalid buffer. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-27068 - Apache ExoPlayer IOCTL Memory Corruption

CVE ID : CVE-2025-27068 Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago Description : Memory corruption while processing an IOCTL command with an arbitrary address. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-27069 - Citrix Hypervisor Memory Corruption Vulnerability

CVE ID : CVE-2025-27069 Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago Description : Memory corruption while processing DDI command calls. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-27071 - Powerline Communication Firmware Buffer Overflow

CVE ID : CVE-2025-27071 Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago Description : Memory corruption while processing specific files in Powerline Communication Firmware. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-27072 - Cisco EAVB Header Length Information Disclosure Vulnerability

CVE ID : CVE-2025-27072 Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago Description : Information disclosure while processing a packet at EAVB BE side with invalid header length. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-27073 - Cisco Nexus Series: Denial of Service Vulnerability

CVE ID : CVE-2025-27073 Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago Description : Transient DOS while creating NDP instance. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-27075 - Qualcomm Bluetooth Host Memory Corruption Vulnerability

CVE ID : CVE-2025-27075 Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago Description : Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-27076 - Citrix NetScaler Memory Corruption Vulnerability

CVE ID : CVE-2025-27076 Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago Description : Memory corruption while processing simultaneous requests via escape path. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-47324 - D-Link Powerline Information Disclosure Vulnerability

CVE ID : CVE-2025-47324 Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago Description : Information disclosure while accessing and modifying the PIB file of a remote device via powerline. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-7954 - Shopware Voucher System Race Condition

CVE ID : CVE-2025-7954 Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago Description : A race condition vulnerability has been identified in Shopware's voucher system of Shopware v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-21465 - Cisco Networking Equipment Information Disclosure

CVE ID : CVE-2025-21465 Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 35 minutes ago Description : Information disclosure while processing the hash segment in an MBN file. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-21472 - Citrix eSE Debug Information Disclosure Vulnerability

CVE ID : CVE-2025-21472 Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 35 minutes ago Description : Information disclosure while capturing logs as eSE debug messages are logged. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-21473 - Cisco Camera Data Mover (CDM) Register Write Memory Corruption Vulnerability

CVE ID : CVE-2025-21473 Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 35 minutes ago Description : Memory corruption when using Virtual cdm (Camera Data Mover) to write registers. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-21474 - Samsung Android A2dp Sink Command Queue Memory Corruption Vulnerability

CVE ID : CVE-2025-21474 Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 35 minutes ago Description : Memory corruption while processing commands from A2dp sink command queue. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-21477 - Oracle NetWare CCCH Data Handling Denial of Service Vulnerability

CVE ID : CVE-2025-21477 Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 35 minutes ago Description : Transient DOS while processing CCCH data when NW sends data with invalid length. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-27062 - Apache Kafka Deserialization Memory Corruption Vulnerability

CVE ID : CVE-2025-27062 Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 35 minutes ago Description : Memory corruption while handling client exceptions, allowing unauthorized channel access. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-27065 - Cisco Security Appliance Denial of Service

CVE ID : CVE-2025-27065 Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 35 minutes ago Description : Transient DOS while processing a frame with malformed shared-key descriptor. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-21452 - Nokia LTE Network Transient Denial of Service

CVE ID : CVE-2025-21452 Published : Aug. 6, 2025, 8:15 a.m. | 58 minutes ago Description : Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-21455 - Apache HTTP Server Kernel Memory Corruption Vulnerability

CVE ID : CVE-2025-21455 Published : Aug. 6, 2025, 8:15 a.m. | 58 minutes ago Description : Memory corruption while submitting blob data to kernel space though IOCTL. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-21456 - Microsoft Windows Kernel IOCTL Buffer Overflow

CVE ID : CVE-2025-21456 Published : Aug. 6, 2025, 8:15 a.m. | 58 minutes ago Description : Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-21457 - Apache Fasta RPC Information Disclosure Vulnerability

CVE ID : CVE-2025-21457 Published : Aug. 6, 2025, 8:15 a.m. | 58 minutes ago Description : Information disclosure while opening a fastrpc session when domain is not sanitized. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-21458 - Apache Cassandra Use-After-Free Buffer Overflow

CVE ID : CVE-2025-21458 Published : Aug. 6, 2025, 8:15 a.m. | 58 minutes ago Description : Memory corruption when IOCTL interface is called to map and unmap buffers simultaneously. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-21461 - Qualcomm Snapdragon CDM Register Programming Memory Corruption Vulnerability

CVE ID : CVE-2025-21461 Published : Aug. 6, 2025, 8:15 a.m. | 58 minutes ago Description : Memory corruption when programming registers through virtual CDM. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-21464 - Apache ImageMagick Out-of-Bounds Read Information Disclosure

CVE ID : CVE-2025-21464 Published : Aug. 6, 2025, 8:15 a.m. | 58 minutes ago Description : Information disclosure while reading data from an image using specified offset and size parameters. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 08:15:00 GMT

read more

CVE-2025-20990 - Western Digital External Hard Drive Device Node Access Control Vulnerability

CVE ID : CVE-2025-20990 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21010 - SamsungAccount Privilege Escalation Vulnerability

CVE ID : CVE-2025-21010 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21011 - Samsung Galaxy Watch Unauthenticated Sensor Data Exposure

CVE ID : CVE-2025-21011 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Improper access control in SemSensorService for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to motion and body sensors. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21012 - Samsung Galaxy Watch Fall Detection Access Control Vulnerability

CVE ID : CVE-2025-21012 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Improper access control in fall detection for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to modify fall detection configuration. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21013 - Samsung Galaxy Watch SemSensorManager Access Control Bypass

CVE ID : CVE-2025-21013 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Improper access control in SemSensorManager for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to outdoor exercise and sleep time. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21014 - Android Emergency SoS Component Export Vulnerability

CVE ID : CVE-2025-21014 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Improper export of android application component in Emergency SoS prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21015 - "Acme Document Scanner Path Traversal Vulnerability (Local File Deletion)"

CVE ID : CVE-2025-21015 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Path Traversal in Document scanner prior to SMR Aug-2025 Release 1 allows local attackers to delete file with Document scanner's privilege. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21016 - PkgPredictorService Android Improper Access Control Vulnerability

CVE ID : CVE-2025-21016 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Improper access control in PkgPredictorService prior to SMR Aug-2025 Release 1 in Chinese Android 13, 14, 15 and 16 allows local attackers to use the privileged APIs. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21017 - Blockchain Keystore Out-of-bounds Write Vulnerability

CVE ID : CVE-2025-21017 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21018 - Blockchain Keystore OOB Read Vulnerability

CVE ID : CVE-2025-21018 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21019 - Samsung Health Authorization Bypass Vulnerability

CVE ID : CVE-2025-21019 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung Health. User interaction is required for triggering this vulnerability. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21020 - Blockchain Keystore OOB Write Vulnerability

CVE ID : CVE-2025-21020 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21021 - Blockchain Keystore Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-21021 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21022 - Galaxy Wearable Information Disclosure Vulnerability

CVE ID : CVE-2025-21022 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Improper access control in Galaxy Wearable prior to version 2.2.63.25042861 allows local attackers to access sensitive information. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21023 - Samsung Galaxy Watch Local File Access Vulnerability

CVE ID : CVE-2025-21023 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Improper access control in WcsExtension for Galaxy Watch prior to Android Watch 16 allows local attackers to access sensitive information. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-21024 - Android Smart View Implicit Intent Information Disclosure Vulnerability

CVE ID : CVE-2025-21024 Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago Description : Use of Implicit Intent for Sensitive Communication in Smart View prior to Android 16 allows local attackers to access sensitive information. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 05:15:00 GMT

read more

CVE-2025-55023 - Fortinet SSL/TLS Weakness

CVE ID : CVE-2025-55023 Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-55024 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-55024 Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-55025 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-55025 Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-55026 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-55026 Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-55027 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-55027 Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-6994 - Smartdatasoft WordPress Reveal Listing Plugin Privilege Escalation

CVE ID : CVE-2025-6994 Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago Description : The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.3. This is due to the plugin allowing users who are registering new accounts to set their own role or by supplying 'listing_user_role' field. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-7399 - "Elementor Stored Cross-Site Scripting in Betheme Theme for WordPress"

CVE ID : CVE-2025-7399 Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago Description : The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via an Elementor display setting in all versions up to, and including, 28.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-7498 - Elementor Exclusive Addons Stored Cross-Site Scripting

CVE ID : CVE-2025-7498 Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago Description : The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget in all versions up to, and including, 2.7.9.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-8100 - Elementor Addons and Templates Stored Cross-Site Scripting

CVE ID : CVE-2025-8100 Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago Description : The Element Pack Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'marker_content' parameter in versions up to, and including, 8.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-54640 - Apache Flink Deserialization ParcelMismatch Vulnerability

CVE ID : CVE-2025-54640 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : ParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control screen display exceptions. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-54641 - Apache Kernel Buffer Overflow Vulnerability

CVE ID : CVE-2025-54641 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Issue of buffer overflow caused by insufficient data verification in the kernel acceleration module. Impact: Successful exploitation of this vulnerability may affect availability. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-54642 - Qualcomm Snapdragon kernel gyroscope buffer overflow vulnerability

CVE ID : CVE-2025-54642 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Issue of buffer overflow caused by insufficient data verification in the kernel gyroscope module. Impact: Successful exploitation of this vulnerability may affect availability. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-54643 - Apache Ambient Light Module Array Out-of-Bounds Information Disclosure

CVE ID : CVE-2025-54643 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. Severity: 6.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-54644 - Apache Ambient Light Kernel Memory Corruption

CVE ID : CVE-2025-54644 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. Severity: 6.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-54645 - Apache Location Service Array Index Out-of-Bounds Vulnerability

CVE ID : CVE-2025-54645 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Out-of-bounds array access issue due to insufficient data verification in the location service module. Impact: Successful exploitation of this vulnerability may affect availability. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-54646 - Qualcomm BLE Packet Length Overflow Vulnerability

CVE ID : CVE-2025-54646 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Vulnerability of inadequate packet length check in the BLE module. Impact: Successful exploitation of this vulnerability may affect performance. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-54647 - NearLink SSAP Out-of-bounds Read Vulnerability

CVE ID : CVE-2025-54647 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Out-of-bounds read vulnerability in the SSAP module of the NearLink protocol stack. Impact: Successful exploitation of this vulnerability may affect availability. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-54648 - NearLink SSAP Out-of-bounds Read Vulnerability

CVE ID : CVE-2025-54648 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Out-of-bounds read vulnerability in the SSAP module of the NearLink protocol stack. Impact: Successful exploitation of this vulnerability may affect availability. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-54649 - Google Location Service Type Confusion Vulnerability

CVE ID : CVE-2025-54649 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Vulnerability of using incompatible types to access resources in the location service. Impact: Successful exploitation of this vulnerability may cause some location information attributes to be incorrect. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-54650 - Cisco Audio Codec Array Index Vulnerability

CVE ID : CVE-2025-54650 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Improper array index verification vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect the audio decoding function. Severity: 4.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-54651 - HuFS Kernel Race Condition Confidentiality Vulnerability

CVE ID : CVE-2025-54651 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Race condition vulnerability in the kernel hufs module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-55019 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-55019 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-55020 - Apache Struts Deserialization Vulnerability

CVE ID : CVE-2025-55020 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-55021 - Apache HTTP Server Denial of Service

CVE ID : CVE-2025-55021 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-55022 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-55022 Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 04:16:00 GMT

read more

CVE-2025-8632 - Kenwood DMX958XR Command Injection Root RCE

CVE ID : CVE-2025-8632 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26255. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8633 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

CVE ID : CVE-2025-8633 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26256. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8634 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

CVE ID : CVE-2025-8634 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26257. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8635 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

CVE ID : CVE-2025-8635 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26258. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8636 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

CVE ID : CVE-2025-8636 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26259. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8637 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

CVE ID : CVE-2025-8637 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26260. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8638 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

CVE ID : CVE-2025-8638 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26261. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8639 - Kenwood DMX958XR Root Command Injection Vulnerability

CVE ID : CVE-2025-8639 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26262. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8640 - Kenwood DMX958XR Root Command Injection Vulnerability

CVE ID : CVE-2025-8640 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26263. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8641 - Kenwood DMX958XR Firmware Update Root Command Injection Vulnerability

CVE ID : CVE-2025-8641 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26264. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8642 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

CVE ID : CVE-2025-8642 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26265. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8643 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

CVE ID : CVE-2025-8643 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26266. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8644 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

CVE ID : CVE-2025-8644 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26267. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8645 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

CVE ID : CVE-2025-8645 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26268. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8646 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

CVE ID : CVE-2025-8646 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26269. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8647 - Kenwood DMX958XR Firmware Update Command Injection Root RCE

CVE ID : CVE-2025-8647 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26270. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8648 - Kenwood DMX958XR Root Command Injection Vulnerability

CVE ID : CVE-2025-8648 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26271. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8649 - Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability

CVE ID : CVE-2025-8649 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the JKWifiService. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26305. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8650 - Kenwood DMX958XR libSystemLib Command Injection Remote Code Execution Vulnerability

CVE ID : CVE-2025-8650 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR libSystemLib Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26306. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8651 - Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability

CVE ID : CVE-2025-8651 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the JKWifiService. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26307. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8652 - Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability

CVE ID : CVE-2025-8652 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the JKWifiService. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26311. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8653 - Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability

CVE ID : CVE-2025-8653 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR. Authentication is not required to exploit this vulnerability. The specific flaw exists within the JKRadioService. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26312. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8654 - Kenwood DMX958XR Command Injection Remote Code Execution Vulnerability

CVE ID : CVE-2025-8654 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR ReadMVGImage Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ReadMVGImage function. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26313. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8655 - Kenwood DMX958XR libSystemLib Command Injection Remote Code Execution

CVE ID : CVE-2025-8655 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR libSystemLib Command injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26314. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-8656 - Kenwood DMX958XR Software Downgrade Vulnerability

CVE ID : CVE-2025-8656 Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago Description : Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows physically present attackers to downgrade software on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the libSystemLib library. The issue results from the lack of proper validation of version information before performing an update. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-26355. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 02:15:00 GMT

read more

CVE-2025-32430 - XWiki Platform Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-32430 Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago Description : XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 4.2-milestone-3 through 16.4.7, 16.5.0-rc-1 through 16.10.5 and 17.0.0-rc-1 through 17.2.2, two templates contain reflected XSS vulnerabilities, allowing an attacker to execute malicious JavaScript code in the context of the victim's session by getting the victim to visit an attacker-controlled URL. This permits the attacker to perform arbitrary actions using the permissions of the victim. This issue is fixed in versions 16.4.8, 16.10.6 and 17.3.0-rc-1. To workaround the issue, manually patch the WAR with the same changes as the original patch. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 00:15:00 GMT

read more

CVE-2025-54124 - XWiki Platform Password Hash Disclosure Vulnerability

CVE ID : CVE-2025-54124 Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago Description : XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki Platform Old Core versions 9.8-rc-1 through 16.4.6, 16.5.0-rc-1 through 16.10.4, and 17.0.0-rc-1 through 17.1.0, any user with editing rights can create an XClass with a database list property that references a password property. When adding an object of that XClass, the content of that password property is displayed. In practice, with a standard rights setup, this means that any user with an account on the wiki can access password hashes of all users, and possibly other password properties (with hashed or plain storage) that are on pages that the user can view. This issue is fixed in versions 16.4.7, 16.10.5 and 17.2.0-rc-1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 00:15:00 GMT

read more

CVE-2025-54125 - XWiki Platform XML Export Information Disclosure Vulnerability

CVE ID : CVE-2025-54125 Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago Description : XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki Platform Old Core versions 1.1 through 16.4.6, 16.5.0-rc-1 through 16.10.4 and 17.0.0-rc-1 through 17.1.0, the XML export of a page in XWiki that can be triggered by any user with view rights on a page by appending ?xpage=xml to the URL includes password and email properties stored on a document that aren't named password or email. This is fixed in versions 16.4.7, 16.10.5 and 17.2.0-rc-1. To work around this issue, the file templates/xml.vm in the deployed WAR can be deleted if the XML isn't needed. There isn't any feature in XWiki itself that depends on the XML export. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 00:15:00 GMT

read more

CVE-2025-54571 - ModSecurity HTTP Response Content-Type Header Hijacking Vulnerability

CVE ID : CVE-2025-54571 Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago Description : ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. In versions 2.9.11 and below, an attacker can override the HTTP response’s Content-Type, which could lead to several issues depending on the HTTP scenario. For example, we have demonstrated the potential for XSS and arbitrary script source code disclosure in the latest version of mod_security2. This issue is fixed in version 2.9.12. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 00:15:00 GMT

read more

CVE-2025-54594 - React Native Bottom Tabs GitHub Actions Code Execution

CVE ID : CVE-2025-54594 Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago Description : react-native-bottom-tabs is a library of Native Bottom Tabs for React Native. In versions 0.9.2 and below, the github/workflows/release-canary.yml GitHub Actions repository workflow improperly used the pull_request_target event trigger, which allowed for untrusted code from a forked pull request to be executed in a privileged context. An attacker could create a pull request containing a malicious preinstall script in the package.json file and then trigger the vulnerable workflow by posting a specific comment (!canary). This allowed for arbitrary code execution, leading to the exfiltration of sensitive secrets such as GITHUB_TOKEN and NPM_TOKEN, and could have allowed an attacker to push malicious code to the repository or publish compromised packages to the NPM registry. There is a remediation commit which removes github/workflows/release-canary.yml, but a version with this fix has yet to be released. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 00:15:00 GMT

read more

CVE-2025-54801 - Fiber Ctx.BodyParser Slice Index Overflow/Exhaustion Vulnerability

CVE ID : CVE-2025-54801 Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago Description : Fiber is an Express inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index (e.g., test.18446744073704), the application crashes due to an out-of-bounds slice allocation in the underlying schema decoder. The root cause is that the decoder attempts to allocate a slice of length idx + 1 without validating whether the index is within a safe or reasonable range. If the idx is excessively large, this leads to an integer overflow or memory exhaustion, causing a panic or crash. This is fixed in version 2.52.9. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 00:15:00 GMT

read more

CVE-2025-54869 - FPDI PDF DoS Vulnerability

CVE ID : CVE-2025-54869 Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago Description : FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. In versions 2.6.2 and below, any application that uses FPDI to process user-supplied PDF files is at risk, causing a Denial of Service (DoS) vulnerability. An attacker can upload a small, malicious PDF file that will cause the server-side script to crash due to memory exhaustion. Repeated attacks can lead to sustained service unavailability. This issue is fixed in version 2.6.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 00:15:00 GMT

read more

CVE-2025-54872 - "Onion-Site-Template Tor Image Exposure Vulnerability"

CVE ID : CVE-2025-54872 Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago Description : onion-site-template is a complete, scalable tor hidden service self-hosting sample. Versions which include commit 3196bd89 contain a baked-in tor image if the secrets were copied from an existing onion domain. A website could be compromised if a user shared the baked-in image, or if someone were able to acquire access to the user's device outside of a containerized environment. This is fixed by commit bc9ba0fd. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 00:15:00 GMT

read more

CVE-2025-54873 - RISC Zero RISC-V Arithmetic Overflow/Underflow

CVE ID : CVE-2025-54873 Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago Description : RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. RISC packages risc0-zkvm versions 2.0.0 through 2.1.0 and risc0-circuit-rv32im and risc0-circuit-rv32im-sys versions 2.0.0 through 2.0.4 contain vulnerabilities where signed integer division allows multiple outputs for certain inputs with only one being valid, and division by zero results are underconstrained. This issue is fixed in risc0-zkvm version 2.2.0 and version 3.0.0 for the risc0-circuit-rv32im and risc0-circuit-rv32im-sys packages. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 00:15:00 GMT

read more

CVE-2025-54876 - Janssen Project PlainText Password Storage Vulnerability

CVE ID : CVE-2025-54876 Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago Description : The Janssen Project is an open-source identity and access management (IAM) platform. In versions 1.9.0 and below, Janssen stores passwords in plaintext in the local cli_cmd.log file. This is fixed in the nightly prerelease. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 00:15:00 GMT

read more

CVE-2025-54879 - Mastodon LDAP Rate Limiting Email Confirmation Path Bypass Vulnerability

CVE ID : CVE-2025-54879 Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago Description : Mastodon is a free, open-source social network server based on ActivityPub Mastodon which facilitates LDAP configuration for authentication. In versions 3.1.5 through 4.2.24, 4.3.0 through 4.3.11 and 4.4.0 through 4.4.3, Mastodon's rate-limiting system has a critical configuration error where the email-based throttle for confirmation emails incorrectly checks the password reset path instead of the confirmation path, effectively disabling per-email limits for confirmation requests. This allows attackers to bypass rate limits by rotating IP addresses and send unlimited confirmation emails to any email address, as only a weak IP-based throttle (25 requests per 5 minutes) remains active. The vulnerability enables denial-of-service attacks that can overwhelm mail queues and facilitate user harassment through confirmation email spam. This is fixed in versions 4.2.24, 4.3.11 and 4.4.3. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 00:15:00 GMT

read more

CVE-2025-54883 - Vision UI Security Kit Cryptographic Weakness

CVE ID : CVE-2025-54883 Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago Description : Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the getSecureRandomInt function in security-kit versions prior to 3.5.0 (packaged in Vision-ui 1.4.0) contains a critical cryptographic weakness. Due to a silent 32-bit integer overflow in its internal masking logic, the function fails to produce a uniform distribution of random numbers when the requested range between min and max is larger than 2³². The root cause is the use of a 32-bit bitwise left-shift operation ( Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 00:15:00 GMT

read more

CVE-2025-54884 - Vision UI Denial of Service Vulnerability

CVE ID : CVE-2025-54884 Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago Description : Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the generateSecureId and getSecureRandomInt functions in security-kit versions prior to 3.5.0 (packaged in Vision UI 1.4.0 and below) are vulnerable to Denial of Service (DoS) attacks. The generateSecureId(length) function directly used the length parameter to size a Uint8Array buffer, allowing attackers to exhaust server memory through repeated requests for large IDs since the previous 1024 limit was insufficient. The getSecureRandomInt(min, max) function calculated buffer size based on the range between min and max, where large ranges caused excessive memory allocation and CPU-intensive rejection-sampling loops that could hang the thread. This issue is fixed in version 1.5.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 06 Aug 2025 00:15:00 GMT

read more

Fuite de données chez Bouygues Telecom

]]>

Wed Aug 06 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2025-8571 - Concrete CMS Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-8571 Published : Aug. 5, 2025, 11:15 p.m. | 1 hour, 56 minutes ago Description : Concrete CMS 9 to 9.4.2 and versions below 8.5.21 are vulnerable to Reflected Cross-Site Scripting (XSS) in the Conversation Messages Dashboard Page. Unsanitized input could cause theft of session cookies or tokens, defacement of web content, redirection to malicious sites, and (if victim is an admin), the execution of unauthorized actions. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 4.8 with vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks Fortbridge https://fortbridge.co.uk/ for performing a penetration test and vulnerability assessment on Concrete CMS and reporting this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 23:15:00 GMT

read more

CVE-2025-8573 - Concrete CMS Stored XSS on Members Dashboard

CVE ID : CVE-2025-8573 Published : Aug. 5, 2025, 11:15 p.m. | 1 hour, 56 minutes ago Description : Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS from Home Folder on Members Dashboard page. Version 8 was not affected. A rogue admin could set up a malicious folder containing XSS to which users could be directed upon login. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.0 with vector CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N. Thanks sealldev for reporting via HackerOne. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 23:15:00 GMT

read more

CVE-2025-52237 - SSCMS Directory Traversal Vulnerability

CVE ID : CVE-2025-52237 Published : Aug. 5, 2025, 9:15 p.m. | 3 hours, 56 minutes ago Description : An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to execute a directory traversal. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 21:15:00 GMT

read more

CVE-2025-53534 - RatPanel Remote Code Execution and Unauthorized Access Vulnerability

CVE ID : CVE-2025-53534 Published : Aug. 5, 2025, 9:15 p.m. | 3 hours, 56 minutes ago Description : RatPanel is a server operation and maintenance management panel. In versions 2.3.19 through 2.5.5, when an attacker obtains the backend login path of RatPanel (including but not limited to weak default paths, brute-force cracking, etc.), they can execute system commands or take over hosts managed by the panel without logging in. In addition to this remote code execution (RCE) vulnerability, the flawed code also leads to unauthorized access. RatPanel uses the CleanPath middleware provided by github.com/go-chi/chi package to clean URLs, but but the middleware does not process r.URL.Path, which can cause the paths to be misinterpreted. This is fixed in version 2.5.6. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 21:15:00 GMT

read more

CVE-2013-10067 - Glossword Remote Code Execution (RCE) Vulnerability

CVE ID : CVE-2013-10067 Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 57 minutes ago Description : Glossword versions 1.8.8 through 1.8.12 contain an authenticated arbitrary file upload vulnerability. When deployed as a standalone application, the administrative interface (gw_admin.php) allows users with administrator privileges to upload files to the gw_temp/a/ directory. Due to insufficient validation of file type and path, attackers can upload and execute PHP payloads, resulting in remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2013-10068 - Foxit Reader Plugin Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2013-10068 Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 57 minutes ago Description : Foxit Reader Plugin version 2.2.1.530, bundled with Foxit Reader 5.4.4.11281, contains a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. When a PDF file is loaded from a remote host, an overly long query string in the URL can overflow a buffer, allowing remote attackers to execute arbitrary code. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2013-10069 - D-Link Router OS Command Injection Vulnerability

CVE ID : CVE-2013-10069 Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 57 minutes ago Description : The web interface of multiple D-Link routers, including DIR-600 rev B (≤2.14b01) and DIR-300 rev B (≤2.13), contains an unauthenticated OS command injection vulnerability in command.php, which improperly handles the cmd POST parameter. A remote attacker can exploit this flaw without authentication to spawn a Telnet service on a specified port, enabling persistent interactive shell access as root. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2013-10070 - Apache PHP-Charts PHP Code Execution Vulnerability

CVE ID : CVE-2013-10070 Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 57 minutes ago Description : PHP-Charts v1.0 contains a PHP code execution vulnerability in wizard/url.php, where user-supplied GET parameter names are passed directly to eval() without sanitization. A remote attacker can exploit this flaw by crafting a request that injects arbitrary PHP code, resulting in command execution under the web server's context. The vulnerability allows unauthenticated attackers to execute system-level commands via base64-encoded payloads embedded in parameter names, leading to full compromise of the host system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2014-125113 - Dell KACE K1000 System Management Appliance Unrestricted File Upload Vulnerability

CVE ID : CVE-2014-125113 Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 57 minutes ago Description : An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System Management Appliance version 5.0 - 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547 in the download_agent.php endpoint. An attacker can upload arbitrary PHP files to a temporary web-accessible directory, which are later executed through inclusion in backend code that loads files under attacker-controlled paths. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2025-50592 - Seacms Cross Site Scripting Vulnerability

CVE ID : CVE-2025-50592 Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 57 minutes ago Description : Cross site scripting vulnerability in seacms before 13.2 via the vid parameter to Upload/js/player/dmplayer/player. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2025-51541 - Shopware Stored XSS Vulnerability

CVE ID : CVE-2025-51541 Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 56 minutes ago Description : A stored cross-site scripting (XSS) vulnerability exists in the Shopware 6 installation interface at /recovery/install/database-configuration/. The c_database_schema field fails to properly sanitize user-supplied input before rendering it in the browser, allowing an attacker to inject malicious JavaScript. This vulnerability can be exploited via a Cross-Site Request Forgery (CSRF) attack due to the absence of CSRF protections on the POST request. An unauthenticated remote attacker can craft a malicious web page that, when visited by a victim, stores the payload persistently in the installation configuration. As a result, the payload executes whenever any user subsequently accesses the vulnerable installation page, leading to persistent client-side code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2025-52078 - Writebot AI Content Generator SaaS File Upload Privilege Escalation Vulnerability

CVE ID : CVE-2025-52078 Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 56 minutes ago Description : File upload vulnerability in Writebot AI Content Generator SaaS React Template thru 4.0.0, allowing remote attackers to gain escalated privileges via a crafted POST request to the /file-upload endpoint. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2012-10024 - XBMC HTTP Server Path Traversal Vulnerability

CVE ID : CVE-2012-10024 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : XBMC version 11, including builds up to the 2012-11-04 nightly release, contains a path traversal vulnerability in its embedded HTTP server. When accessed via HTTP Basic Authentication, the server fails to properly sanitize URI input, allowing authenticated users to request files outside the intended document root. An attacker can exploit this flaw to read arbitrary files from the host filesystem, including sensitive configuration or credential files. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2012-10025 - "WordPress Advanced Custom Fields RFI Remote Code Execution"

CVE ID : CVE-2012-10025 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : The WordPress plugin Advanced Custom Fields (ACF) version 3.5.1 and below contains a remote file inclusion (RFI) vulnerability in core/actions/export.php. When the PHP configuration directive allow_url_include is enabled (default: Off), an unauthenticated attacker can exploit the acf_abspath POST parameter to include and execute arbitrary remote PHP code. This leads to remote code execution under the web server’s context, allowing full compromise of the host. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2012-10026 - "WordPress Asset-Manager Unauthenticated Remote Code Execution Vulnerability"

CVE ID : CVE-2012-10026 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : The WordPress plugin Asset-Manager version 2.0 and below contains an unauthenticated arbitrary file upload vulnerability in upload.php. The endpoint fails to properly validate and restrict uploaded file types, allowing remote attackers to upload malicious PHP scripts to a predictable temporary directory. Once uploaded, the attacker can execute the file via a direct HTTP GET request, resulting in remote code execution under the web server’s context. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2012-10027 - WordPress WP-Property Unauthenticated Remote File Upload Vulnerability

CVE ID : CVE-2012-10027 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : WP-Property plugin for WordPress through version 1.35.0 contains an unauthenticated file upload vulnerability in the third-party `uploadify.php` script. A remote attacker can upload arbitrary PHP files to a temporary directory without authentication, leading to remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2012-10028 - Netwin SurgeFTP Command Injection

CVE ID : CVE-2012-10028 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : Netwin SurgeFTP version 23c8 and prior contains a vulnerability in its web-based administrative console that allows authenticated users to execute arbitrary system commands via crafted POST requests to `surgeftpmgr.cgi`. This can lead to full remote code execution on the underlying system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2012-10029 - Nagios XI Command Injection Vulnerability

CVE ID : CVE-2012-10029 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in `visApi.php`. An authenticated user can inject system commands via unsanitized parameters such as `host`, resulting in remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2012-10030 - FreeFloat FTP Server Remote Code Execution Vulnerability

CVE ID : CVE-2012-10030 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : FreeFloat FTP Server contains multiple critical design flaws that allow unauthenticated remote attackers to upload arbitrary files to sensitive system directories. The server accepts empty credentials, defaults user access to the root of the C:\ drive, and imposes no restrictions on file type or destination path. These conditions enable attackers to upload executable payloads and .mof files to locations such as system32 and wbem\mof, where Windows Management Instrumentation (WMI) automatically processes and executes them. This results in remote code execution with SYSTEM-level privileges, without requiring user interaction. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2012-10031 - BlazeVideo HDTV Player Pro Stack-Based Buffer Overflow

CVE ID : CVE-2012-10031 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : BlazeVideo HDTV Player Pro v6.6.0.3 is vulnerable to a stack-based buffer overflow due to improper handling of user-supplied input embedded in .plf playlist files. When parsing a crafted .plf file, the MediaPlayerCtrl.dll component invokes PathFindFileNameA() to extract a filename from a URL-like string. The returned value is then copied to a fixed-size stack buffer using an inline strcpy call without bounds checking. If the input exceeds the buffer size, this leads to a stack overflow and potential arbitrary code execution under the context of the user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2012-10032 - Maxthon Cross Context Scripting Vulnerability

CVE ID : CVE-2012-10032 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : Maxthon3 versions prior to 3.3 are vulnerable to cross context scripting (XCS) via the about:history page. The browser’s trusted zone improperly handles injected script content, allowing attackers to execute arbitrary JavaScript in a privileged context. This flaw enables modification of browser configuration and execution of arbitrary code through Maxthon’s exposed DOM APIs, including maxthon.program.Program.launch() and maxthon.io.writeDataURL(). Exploitation requires user interaction, typically by visiting a malicious webpage that triggers the injection. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2012-10033 - Narcissus PHP Remote Code Execution Vulnerability

CVE ID : CVE-2012-10033 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : Narcissus is vulnerable to remote code execution via improper input handling in its image configuration workflow. Specifically, the backend.php script fails to sanitize the release parameter before passing it to the configure_image() function. This function invokes PHP’s passthru() with the unsanitized input, allowing attackers to inject arbitrary system commands. Exploitation occurs via a crafted POST request, resulting in command execution under the web server’s context. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2012-10034 - "ClanSphere File Inclusion Vulnerability"

CVE ID : CVE-2012-10034 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : ClanSphere 2011.3 is vulnerable to a local file inclusion (LFI) flaw due to improper handling of the cs_lang cookie parameter. The application fails to sanitize user-supplied input, allowing attackers to traverse directories and read arbitrary files outside the web root. The vulnerability is further exacerbated by null byte injection (%00) to bypass file extension checks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2012-10035 - Turbo FTP Server Buffer Overflow Vulnerability

CVE ID : CVE-2012-10035 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : Turbo FTP Server versions 1.30.823 and 1.30.826 contain a buffer overflow vulnerability in the handling of the PORT command. By sending a specially crafted payload, an unauthenticated remote attacker can overwrite memory structures and execute arbitrary code with SYSTEM privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2013-10064 - ActFax Server Buffer Overflow Vulnerability

CVE ID : CVE-2013-10064 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : A stack-based buffer overflow vulnerability exists in ActFax Server version 5.01. The server's RAW protocol interface fails to safely process user-supplied data in @F506 fax header fields due to insecure usage of strcpy. Remote attackers can exploit this vulnerability by sending specially crafted @F506 fields, potentially leading to arbitrary code execution. Successful exploitation requires network access to TCP port 4559 and does not require authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2013-10065 - Sysax Multi-Server SSH Denial-of-Service Vulnerability

CVE ID : CVE-2013-10065 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : A denial-of-service vulnerability exists in Sysax Multi-Server version 6.10 via its SSH daemon. A specially crafted SSH key exchange packet can trigger a crash in the service, resulting in loss of availability. The flaw is triggered during the handling of malformed key exchange data, including a non-standard byte (\x28) in place of the expected SSH protocol delimiter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2013-10066 - Kordil EDMS File Upload Remote Code Execution

CVE ID : CVE-2013-10066 Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago Description : An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint (users_add.php) that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code execution by uploading a PHP payload and invoking it via a direct HTTP request. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2012-10023 - FreeFloat FTP Server Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2012-10023 Published : Aug. 5, 2025, 8:15 p.m. | 34 minutes ago Description : A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. The server fails to properly validate input passed to the USER command, allowing remote attackers to overwrite memory and potentially execute arbitrary code. The flaw is triggered by sending an overly long username string, which overflows the buffer allocated for user authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 20:15:00 GMT

read more

CVE-2025-45512 - DENX Software Engineering Das U-Boot Bootloader Firmware Signature Verification Bypass

CVE ID : CVE-2025-45512 Published : Aug. 5, 2025, 7:15 p.m. | 1 hour, 34 minutes ago Description : A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot (U-Boot) v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 19:15:00 GMT

read more

CVE-2025-50454 - Blue Access Cobalt X1 Authentication Bypass Vulnerability

CVE ID : CVE-2025-50454 Published : Aug. 5, 2025, 6:15 p.m. | 1 hour, 9 minutes ago Description : An Authentication Bypass vulnerability in Blue Access' Cobalt X1 thru 02.000.187 allows an unauthorized attacker to log into the application as an administrator without valid credentials. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 18:15:00 GMT

read more

CVE-2025-50688 - Apache TwistedWeb Command Injection Vulnerability

CVE ID : CVE-2025-50688 Published : Aug. 5, 2025, 6:15 p.m. | 1 hour, 9 minutes ago Description : A command injection vulnerability exists in TwistedWeb (version 14.0.0) due to improper input sanitization in the file upload functionality. An attacker can exploit this vulnerability by sending a specially crafted HTTP PUT request to upload a malicious file (e.g., a reverse shell script). Once uploaded, the attacker can trigger the execution of arbitrary commands on the target system, allowing for remote code execution. This could lead to escalation of privileges depending on the privileges of the web server process. The attack does not require physical access and can be conducted remotely, posing a significant risk to the confidentiality and integrity of the system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 18:15:00 GMT

read more

CVE-2025-51060 - CPUID cpuz.sys MSR LSTAR Hijacking Vulnerability

CVE ID : CVE-2025-51060 Published : Aug. 5, 2025, 6:15 p.m. | 1 hour, 9 minutes ago Description : An issue was discovered in CPUID cpuz.sys 1.0.5.4. An attacker can use DeviceIoControl with the unvalidated parameters 0x9C402440 and 0x9C402444 as IoControlCodes to perform RDMSR and WRMSR, respectively. Through this process, the attacker can modify MSR_LSTAR and hook KiSystemCall64. Afterward, using Return-Oriented Programming (ROP), the attacker can manipulate the stack with pre-prepared gadgets, disable the SMAP flag in the CR4 register, and execute a user-mode syscall handler in the kernel context. It has not been confirmed whether this works on 32-bit Windows, but it functions on 64-bit Windows if the core isolation feature is either absent or disabled. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 18:15:00 GMT

read more

CVE-2025-51627 - Agenzia Impresa Eccobook CaricaVerbale Privilege Escalation Vulnerability

CVE ID : CVE-2025-51627 Published : Aug. 5, 2025, 6:15 p.m. | 1 hour, 9 minutes ago Description : Incorrect access control in CaricaVerbale in Agenzia Impresa Eccobook v2.81.1 allows authenticated attackers with low-level access to escalate privileges to Administrator. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 18:15:00 GMT

read more

CVE-2025-51628 - Eccobook PdfHandler IDOR Vulnerability

CVE ID : CVE-2025-51628 Published : Aug. 5, 2025, 6:15 p.m. | 1 hour, 9 minutes ago Description : Insecure Direct Object Reference (IDOR) vulnerability in PdfHandler component in Agenzia Impresa Eccobook v2.81.1 and below allows unauthenticated attackers to read confidential documents via the DocumentoId parameter. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 18:15:00 GMT

read more

CVE-2025-51857 - Halo XSS Vulnerability in AttachmentReconciler Class

CVE ID : CVE-2025-51857 Published : Aug. 5, 2025, 6:15 p.m. | 1 hour, 9 minutes ago Description : The reconcile method in the AttachmentReconciler class of the Halo system v.2.20.18LTS and before is vulnerable to XSS attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 18:15:00 GMT

read more

CVE-2025-8586 - "Libav MPEG File Parser Null Pointer Dereference Vulnerability"

CVE ID : CVE-2025-8586 Published : Aug. 5, 2025, 6:15 p.m. | 1 hour, 9 minutes ago Description : A vulnerability, which was classified as problematic, was found in libav up to 12.3. This affects the function ff_seek_frame_binary of the file /libavformat/utils.c of the component MPEG File Parser. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The bug was initially reported by the researcher to the wrong project. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 18:15:00 GMT

read more

CVE-2025-43978 - Jointelli 5G CPE OS Command Injection Vulnerability

CVE ID : CVE-2025-43978 Published : Aug. 5, 2025, 5:15 p.m. | 2 hours, 10 minutes ago Description : Jointelli 5G CPE 21H01 firmware JY_21H01_A3_v1.36 devices allow (blind) OS command injection. Multiple endpoints are vulnerable, including /ubus/?flag=set_WPS_pin and /ubus/?flag=netAppStar1 and /ubus/?flag=set_wifi_cfgs. This allows an authenticated attacker to execute arbitrary OS commands with root privileges via crafted inputs to the SSID, WPS, Traceroute, and Ping fields. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 17:15:00 GMT

read more

CVE-2025-43980 - FIRSTNUM JC21A-04 Default SSH Credentials Vulnerability

CVE ID : CVE-2025-43980 Published : Aug. 5, 2025, 5:15 p.m. | 2 hours, 10 minutes ago Description : An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN. They enable the SSH service by default with the credentials of root/admin. The GUI doesn't offer a way to disable the account. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 17:15:00 GMT

read more

CVE-2025-54253 - Adobe Experience Manager Code Execution Vulnerability

CVE ID : CVE-2025-54253 Published : Aug. 5, 2025, 5:15 p.m. | 2 hours, 9 minutes ago Description : Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration vulnerability that could result in arbitrary code execution. An attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user interaction and scope is changed. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 17:15:00 GMT

read more

CVE-2025-54254 - Adobe Experience Manager XXE File System Read Vulnerability

CVE ID : CVE-2025-54254 Published : Aug. 5, 2025, 5:15 p.m. | 2 hours, 9 minutes ago Description : Adobe Experience Manager versions 6.5.23 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files on the local file system. Exploitation of this issue does not require user interaction. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 17:15:00 GMT

read more

CVE-2025-7674 - Roche Diagnostics navify Monitoring Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-7674 Published : Aug. 5, 2025, 5:15 p.m. | 2 hours, 9 minutes ago Description : Improper Input Validation vulnerability in Roche Diagnostics navify Monitoring allows an attacker to manipulate input data, which may lead to a denial of service (DoS) due to negatively impacting the server's performance. This vulnerability has no impact on data confidentiality or integrity. This issue affects navify Monitoring before 1.08.00. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 17:15:00 GMT

read more

CVE-2025-8584 - Libav AVI File Parser Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-8584 Published : Aug. 5, 2025, 5:15 p.m. | 2 hours, 9 minutes ago Description : A vulnerability classified as problematic was found in libav up to 12.3. Affected by this vulnerability is the function av_buffer_unref of the file libavutil/buffer.c of the component AVI File Parser. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The bug was initially reported by the researcher to the wrong project. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 17:15:00 GMT

read more

CVE-2025-8585 - Libav DSS File Demuxer Double Free Vulnerability

CVE ID : CVE-2025-8585 Published : Aug. 5, 2025, 5:15 p.m. | 2 hours, 9 minutes ago Description : A vulnerability, which was classified as critical, has been found in libav up to 12.3. Affected by this issue is the function main of the file /avtools/avconv.c of the component DSS File Demuxer. The manipulation leads to double free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The bug was initially reported by the researcher to the wrong project. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 17:15:00 GMT

read more

CVE-2025-43979 - FIRSTNUM JC21A-04 Command Injection Vulnerability

CVE ID : CVE-2025-43979 Published : Aug. 5, 2025, 4:15 p.m. | 3 hours, 9 minutes ago Description : An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN that allows authenticated attackers to execute arbitrary OS system commands with root privileges via crafted payloads to the xml_action.cgi?method= endpoint. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 16:15:00 GMT

read more

CVE-2025-46658 - "4C Strategies Exonaut ExonautWeb Information Disclosure"

CVE ID : CVE-2025-46658 Published : Aug. 5, 2025, 4:15 p.m. | 3 hours, 9 minutes ago Description : An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. There are verbose error messages. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 16:15:00 GMT

read more

CVE-2025-27931 - PDF-XChange Editor Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-27931 Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago Description : An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10.5.2.395. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 15:15:00 GMT

read more

CVE-2025-29745 - Emsisoft Anti-Malware Net-NTLMv2 Hash Information Disclosure

CVE ID : CVE-2025-29745 Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago Description : A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S (Emsisoft Custom Scan) extension file. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 15:15:00 GMT

read more

CVE-2025-2611 - ICTBroadcast Unauthenticated Remote Code Execution

CVE ID : CVE-2025-2611 Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago Description : The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an attacker to inject shell commands into a session cookie that get executed on the server. This results in unauthenticated remote code execution in the session handling. Versions 7.4 and below are known to be vulnerable. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 15:15:00 GMT

read more

CVE-2025-44964 - BlueStacks SSL Certificate Validation Weakness - Man-in-the-Middle

CVE ID : CVE-2025-44964 Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago Description : A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information. Severity: 3.9 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 15:15:00 GMT

read more

CVE-2025-46958 - Adobe Experience Manager Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-46958 Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 15:15:00 GMT

read more

CVE-2025-47152 - PDF-XChange Editor Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-47152 Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago Description : An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.6.0.396. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 15:15:00 GMT

read more

CVE-2025-50706 - Apache ThinkPHP Remote Code Execution Vulnerability

CVE ID : CVE-2025-50706 Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago Description : An issue in thinkphp v.5.1 allows a remote attacker to execute arbitrary code via the routecheck function Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 15:15:00 GMT

read more

CVE-2025-50707 - ThinkPHP3 Remote Code Execution Vulnerability

CVE ID : CVE-2025-50707 Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago Description : An issue in thinkphp3 v.3.2.5 allows a remote attacker to execute arbitrary code via the index.php component Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 15:15:00 GMT

read more

CVE-2025-54874 - OpenJPEG Out-of-Bounds Heap Memory Write

CVE ID : CVE-2025-54874 Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago Description : OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and earlier, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 15:15:00 GMT

read more

CVE-2024-52890 - IBM Engineering Lifecycle Optimization Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-52890 Published : Aug. 5, 2025, 2:15 p.m. | 3 hours, 4 minutes ago Description : IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.03 could be susceptible to cross-site scripting due to no validation of URIs. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 14:15:00 GMT

read more

CVE-2025-7025 - Rockwell Automation Arena Out-of-Bounds Memory Access Vulnerability

CVE ID : CVE-2025-7025 Published : Aug. 5, 2025, 2:15 p.m. | 3 hours, 4 minutes ago Description : A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 14:15:00 GMT

read more

CVE-2025-7032 - Rockwell Automation Arena Memory Corruption Vulnerability

CVE ID : CVE-2025-7032 Published : Aug. 5, 2025, 2:15 p.m. | 3 hours, 4 minutes ago Description : A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 14:15:00 GMT

read more

CVE-2025-7033 - Rockwell Automation Arena Memory Corruption Vulnerability

CVE ID : CVE-2025-7033 Published : Aug. 5, 2025, 2:15 p.m. | 3 hours, 4 minutes ago Description : A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 14:15:00 GMT

read more

CVE-2025-54948 - Trend Micro Apex One Remote Code Execution

CVE ID : CVE-2025-54948 Published : Aug. 5, 2025, 1:15 p.m. | 4 hours, 4 minutes ago Description : A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 13:15:00 GMT

read more

CVE-2025-54987 - Trend Micro Apex One Remote Code Execution Vulnerability

CVE ID : CVE-2025-54987 Published : Aug. 5, 2025, 1:15 p.m. | 4 hours, 4 minutes ago Description : A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 13:15:00 GMT

read more

CVE-2025-8555 - Atjiu Pybbs Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8555 Published : Aug. 5, 2025, 10:15 a.m. | 7 hours, 3 minutes ago Description : A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. Affected is an unknown function of the file /search. The manipulation of the argument keyword leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22. It is recommended to apply a patch to fix this issue. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 10:15:00 GMT

read more

CVE-2025-8553 - Atjiu Pybbs Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8553 Published : Aug. 5, 2025, 9:15 a.m. | 8 hours, 3 minutes ago Description : A vulnerability classified as problematic was found in atjiu pybbs up to 6.0.0. This vulnerability affects unknown code of the file /admin/sensitive_word/list. The manipulation of the argument word leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22. It is recommended to apply a patch to fix this issue. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 09:15:00 GMT

read more

CVE-2025-8554 - Atjiu Pybbs Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8554 Published : Aug. 5, 2025, 9:15 a.m. | 8 hours, 3 minutes ago Description : A vulnerability, which was classified as problematic, has been found in atjiu pybbs up to 6.0.0. This issue affects some unknown processing of the file /admin/user/list. The manipulation of the argument Username leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is named 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22. It is recommended to apply a patch to fix this issue. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 09:15:00 GMT

read more

CVE-2025-6207 - WordPress Import Export Lite Plugin File Upload Vulnerability

CVE ID : CVE-2025-6207 Published : Aug. 5, 2025, 8:15 a.m. | 9 hours, 4 minutes ago Description : The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpie_tempalte_import' function in all versions up to, and including, 3.9.28. This makes it possible for authenticated attackers, with Subscriber-level access and above, and permissions granted by an Administrator, to upload arbitrary files on the affected site's server which may make remote code execution possible. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 08:15:00 GMT

read more

CVE-2025-8294 - WordPress Download Counter Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8294 Published : Aug. 5, 2025, 8:15 a.m. | 9 hours, 4 minutes ago Description : The Download Counter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 08:15:00 GMT

read more

CVE-2025-8295 - WordPress Employee Directory Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8295 Published : Aug. 5, 2025, 8:15 a.m. | 9 hours, 4 minutes ago Description : The Employee Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘noaccess_msg’ parameter in all versions up to, and including, 4.5.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 08:15:00 GMT

read more

CVE-2025-8551 - Atjiu Pybbs Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8551 Published : Aug. 5, 2025, 8:15 a.m. | 9 hours, 4 minutes ago Description : A vulnerability was found in atjiu pybbs up to 6.0.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/comment/list. The manipulation of the argument Username leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22. It is recommended to apply a patch to fix this issue. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 08:15:00 GMT

read more

CVE-2025-8552 - Atjiu Pybbs Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8552 Published : Aug. 5, 2025, 8:15 a.m. | 9 hours, 4 minutes ago Description : A vulnerability classified as problematic has been found in atjiu pybbs up to 6.0.0. This affects an unknown part of the file /admin/tag/list. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22. It is recommended to apply a patch to fix this issue. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 08:15:00 GMT

read more

CVE-2025-2810 - Apache Key Exposure

CVE ID : CVE-2025-2810 Published : Aug. 5, 2025, 8:15 a.m. | 7 hours, 1 minute ago Description : A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic key. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 08:15:00 GMT

read more

CVE-2025-41698 - Apache HTTP Server Command Injection Vulnerability

CVE ID : CVE-2025-41698 Published : Aug. 5, 2025, 8:15 a.m. | 7 hours ago Description : A low privileged local attacker can interact with the affected service although user-interaction should not be allowed. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 08:15:00 GMT

read more

CVE-2025-5061 - WordPress Import Export Lite Plugin Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-5061 Published : Aug. 5, 2025, 8:15 a.m. | 7 hours ago Description : The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpie_parse_upload_data' function in all versions up to, and including, 3.9.29. This makes it possible for authenticated attackers, with Subscriber-level access and above, and permissions granted by an Administrator, to upload arbitrary files on the affected site's server which may make remote code execution possible. The vulnerability was partially patched in version 3.9.29. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 08:15:00 GMT

read more

CVE-2025-7050 - Google Drive plugin for WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-7050 Published : Aug. 5, 2025, 7:15 a.m. | 8 hours ago Description : The Use-your-Drive | Google Drive plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in file metadata in all versions up to, and including, 3.3.1 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability can be exploited by the lowest authentication level permitted to upload files, including unauthenticated users, once a file upload shortcode is published on a publicly accessible post. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 07:15:00 GMT

read more

CVE-2025-8313 - WordPress Campus Directory Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8313 Published : Aug. 5, 2025, 7:15 a.m. | 8 hours ago Description : The Campus Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘noaccess_msg’ parameter in all versions up to, and including, 1.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 07:15:00 GMT

read more

CVE-2025-8315 - "WordPress WP Easy Contact Stored Cross-Site Scripting"

CVE ID : CVE-2025-8315 Published : Aug. 5, 2025, 7:15 a.m. | 8 hours ago Description : The WP Easy Contact plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘noaccess_msg’ parameter in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 07:15:00 GMT

read more

CVE-2025-8548 - "Atjiu Pybbs Registered Email Handler Information Exposure Vulnerability"

CVE ID : CVE-2025-8548 Published : Aug. 5, 2025, 7:15 a.m. | 8 hours ago Description : A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function sendEmailCode of the file src/main/java/co/yiiu/pybbs/controller/api/SettingsApiController.java of the component Registered Email Handler. The manipulation of the argument email leads to information exposure through error message. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is 234197c4f8fc7ce24bdcff5430cd42492f28936a. It is recommended to apply a patch to fix this issue. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 07:15:00 GMT

read more

CVE-2025-8549 - "Atjiu Pybbs Password Weakness"

CVE ID : CVE-2025-8549 Published : Aug. 5, 2025, 7:15 a.m. | 8 hours ago Description : A vulnerability was found in atjiu pybbs up to 6.0.0. It has been classified as critical. Affected is the function update of the file src/main/java/co/yiiu/pybbs/controller/admin/UserAdminController.java. The manipulation leads to weak password requirements. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The patch is identified as d09cb19a8e7d7e5151282926ada54080244d499f. It is recommended to apply a patch to fix this issue. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 07:15:00 GMT

read more

CVE-2025-8550 - "atjiu pybbs Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-8550 Published : Aug. 5, 2025, 7:15 a.m. | 8 hours ago Description : A vulnerability was found in atjiu pybbs up to 6.0.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/topic/list. The manipulation of the argument Username leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The patch is named 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22. It is recommended to apply a patch to fix this issue. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 07:15:00 GMT

read more

CVE-2025-54982 - Zscaler SAML Authentication Signature Forgery

CVE ID : CVE-2025-54982 Published : Aug. 5, 2025, 6:15 a.m. | 9 hours ago Description : An improper verification of cryptographic signature in Zscaler's SAML authentication mechanism on the server-side allowed an authentication abuse. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 06:15:00 GMT

read more

CVE-2025-8547 - Atjiu Pybbs Email Verification Handler Remote Authorization Bypass Vulnerability

CVE ID : CVE-2025-8547 Published : Aug. 5, 2025, 6:15 a.m. | 9 hours ago Description : A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as critical. This vulnerability affects unknown code of the component Email Verification Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 044f22893bee254dc2bb0d30f614913fab3c22c2. It is recommended to apply a patch to fix this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 06:15:00 GMT

read more

CVE-2025-54868 - LibreChat Meilisearch Engine Information Disclosure

CVE ID : CVE-2025-54868 Published : Aug. 5, 2025, 5:15 a.m. | 7 hours, 51 minutes ago Description : LibreChat is a ChatGPT clone with additional features. In versions 0.0.6 through 0.7.7-rc1, an exposed testing endpoint allows reading arbitrary chats directly from the Meilisearch engine. The endpoint /api/search/test allows for direct access to stored chats in the Meilisearch engine without proper access control. This results in the ability to read chats from arbitrary users. This issue is fixed in version 0.7.7. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 05:15:00 GMT

read more

CVE-2025-8544 - Portabilis i-Educar Cross Site Scripting Vulnerability

CVE ID : CVE-2025-8544 Published : Aug. 5, 2025, 5:15 a.m. | 7 hours, 51 minutes ago Description : A vulnerability classified as problematic was found in Portabilis i-Educar 2.10. Affected by this vulnerability is an unknown functionality of the file /module/RegraAvaliacao/edit. The manipulation of the argument nome leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 05:15:00 GMT

read more

CVE-2025-8545 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8545 Published : Aug. 5, 2025, 5:15 a.m. | 7 hours, 51 minutes ago Description : A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.10. Affected by this issue is some unknown functionality of the file /intranet/educar_motivo_afastamento_cad.php. The manipulation of the argument nm_motivo leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 05:15:00 GMT

read more

CVE-2025-8546 - Atjiu Pybbs Captcha Guessing Vulnerability (Remote)

CVE ID : CVE-2025-8546 Published : Aug. 5, 2025, 5:15 a.m. | 7 hours, 51 minutes ago Description : A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects the function adminlogin/login of the component Verification Code Handler. The manipulation leads to guessable captcha. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The patch is named ecaf8d46944fd03e3c4ea05698f8acf0aaa570cf. It is recommended to apply a patch to fix this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 05:15:00 GMT

read more

CVE-2025-8542 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8542 Published : Aug. 5, 2025, 4:16 a.m. | 8 hours, 51 minutes ago Description : A vulnerability was found in Portabilis i-Educar 2.10. It has been rated as problematic. This issue affects some unknown processing of the file /intranet/empresas_cad.php. The manipulation of the argument fantasia/razao_social leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 04:16:00 GMT

read more

CVE-2025-8543 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8543 Published : Aug. 5, 2025, 4:16 a.m. | 8 hours, 51 minutes ago Description : A vulnerability classified as problematic has been found in Portabilis i-Educar 2.10. Affected is an unknown function of the file /intranet/educar_raca_cad.php. The manipulation of the argument nm_raca leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 04:16:00 GMT

read more

CVE-2025-54980 - Adobe Flash Player Arbitrary Command Execution

CVE ID : CVE-2025-54980 Published : Aug. 5, 2025, 4:16 a.m. | 5 hours, 43 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 04:16:00 GMT

read more

CVE-2025-54978 - Apache HTTP Server HTTP Header Injection

CVE ID : CVE-2025-54978 Published : Aug. 5, 2025, 4:16 a.m. | 4 hours, 51 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 04:16:00 GMT

read more

CVE-2025-54979 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-54979 Published : Aug. 5, 2025, 4:16 a.m. | 4 hours, 51 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 04:16:00 GMT

read more

CVE-2025-54974 - Apache HTTP Server Denial of Service

CVE ID : CVE-2025-54974 Published : Aug. 5, 2025, 4:16 a.m. | 4 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 04:16:00 GMT

read more

CVE-2025-54975 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-54975 Published : Aug. 5, 2025, 4:16 a.m. | 4 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 04:16:00 GMT

read more

CVE-2025-54976 - Apache HTTP Server Unvalidated User Input Leads to Remote Command Execution

CVE ID : CVE-2025-54976 Published : Aug. 5, 2025, 4:16 a.m. | 4 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 04:16:00 GMT

read more

CVE-2025-54977 - Microsoft Azure Storage Rejected Reason

CVE ID : CVE-2025-54977 Published : Aug. 5, 2025, 4:16 a.m. | 4 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 04:16:00 GMT

read more

CVE-2025-53417 - DIAView Directory Traversal Information Disclosure Vulnerability

CVE ID : CVE-2025-53417 Published : Aug. 5, 2025, 3:15 a.m. | 5 hours, 10 minutes ago Description : DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerability Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 03:15:00 GMT

read more

CVE-2025-8540 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8540 Published : Aug. 5, 2025, 3:15 a.m. | 5 hours, 10 minutes ago Description : A vulnerability was found in Portabilis i-Educar 2.10. It has been classified as problematic. This affects an unknown part of the file /intranet/public_municipio_cad.php. The manipulation of the argument nome leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 03:15:00 GMT

read more

CVE-2025-8541 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8541 Published : Aug. 5, 2025, 3:15 a.m. | 5 hours, 10 minutes ago Description : A vulnerability was found in Portabilis i-Educar 2.10. It has been declared as problematic. This vulnerability affects unknown code of the file /intranet/public_uf_cad.php. The manipulation of the argument nome leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 03:15:00 GMT

read more

CVE-2025-8539 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8539 Published : Aug. 5, 2025, 2:15 a.m. | 6 hours, 10 minutes ago Description : A vulnerability was found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this issue is some unknown functionality of the file /intranet/public_distrito_cad.php. The manipulation of the argument nome leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 02:15:00 GMT

read more

CVE-2025-54865 - Tilesheets MediaWiki SQL Injection Vulnerability

CVE ID : CVE-2025-54865 Published : Aug. 5, 2025, 1:15 a.m. | 5 hours, 51 minutes ago Description : Tilesheets MediaWiki Extension adds a table lookup parser function for an item and returns the requested image. A missing backtick in a query executed by the Tilesheets extension allows users to insert and potentially execute malicious SQL code. This issue has not been fixed. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-54870 - VTun-ng Blowfish-256 Plaintext Reversion Vulnerability

CVE ID : CVE-2025-54870 Published : Aug. 5, 2025, 1:15 a.m. | 5 hours, 51 minutes ago Description : VTun-ng is a Virtual Tunnel over TCP/IP network. In versions 3.0.17 and below, failure to initialize encryption modules might cause reversion to plaintext due to insufficient error handling. The bug was first introduced in VTun-ng version 3.0.12. This is fixed in version 3.0.18. To workaround this issue, avoid blowfish-256. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-54871 - Electron TCC Bypass

CVE ID : CVE-2025-54871 Published : Aug. 5, 2025, 1:15 a.m. | 5 hours, 51 minutes ago Description : Electron Capture facilitates video playback for screen-sharing and capture. In versions 2.19.1 and below, the elecap app on macOS allows local unprivileged users to bypass macOS TCC privacy protections by enabling ELECTRON_RUN_AS_NODE. This environment variable allows arbitrary Node.js code to be executed via the -e flag, which runs inside the main Electron context, inheriting any previously granted TCC entitlements (such as access to Documents, Downloads, etc.). This issue is fixed in version 2.20.0. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-8535 - "Cronoh NanoVault XSS Vulnerability"

CVE ID : CVE-2025-8535 Published : Aug. 5, 2025, 1:15 a.m. | 5 hours, 51 minutes ago Description : A vulnerability, which was classified as problematic, has been found in cronoh NanoVault up to 1.2.1. This issue affects the function executeJavaScript of the file /main.js of the component xrb URL Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-8537 - Axiomatic Bento4 AP4_DataBuffer Buffer Overflow

CVE ID : CVE-2025-8537 Published : Aug. 5, 2025, 1:15 a.m. | 5 hours, 51 minutes ago Description : A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_DataBuffer::SetDataSize of the file Mp4Decrypt.cpp of the component mp4decrypt. The manipulation leads to allocation of resources. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-8538 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8538 Published : Aug. 5, 2025, 1:15 a.m. | 5 hours, 51 minutes ago Description : A vulnerability has been found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /usuarios/tipos/novo. The manipulation of the argument name/description leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-54803 - js-toml Prototype Pollution Vulnerability

CVE ID : CVE-2025-54803 Published : Aug. 5, 2025, 1:15 a.m. | 4 hours, 20 minutes ago Description : js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. In versions below 1.0.2, a prototype pollution vulnerability in js-toml allows a remote attacker to add or modify properties of the global Object.prototype by parsing a maliciously crafted TOML input. This is fixed in version 1.0.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-54804 - Russh SSH Integer Overflow Vulnerability

CVE ID : CVE-2025-54804 Published : Aug. 5, 2025, 1:15 a.m. | 4 hours, 20 minutes ago Description : Russh is a Rust SSH client & server library. In versions 0.54.0 and below, the channel window adjust message of the SSH protocol is used to track the free space in the receive buffer of the other side of a channel. The current implementation takes the value from the message and adds it to an internal state value. This can result in a integer overflow. If the Rust code is compiled with overflow checks, it will panic. A malicious client can crash a server. This is fixed in version 0.54.1. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-54780 - GLPI Screenshot Plugin File Disclosure and PHP Wrapper Abuse

CVE ID : CVE-2025-54780 Published : Aug. 5, 2025, 1:15 a.m. | 4 hours ago Description : The glpi-screenshot-plugin allows users to take screenshots or screens recording directly from GLPI. In versions below 2.0.2, authenticated user can use the /ajax/screenshot.php endpoint to leak files from the system or use PHP wrappers. This is fixed in version 2.0.2. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-54794 - "Claude Code Directory Traversal Vulnerability"

CVE ID : CVE-2025-54794 Published : Aug. 5, 2025, 1:15 a.m. | 4 hours ago Description : Claude Code is an agentic coding tool. In versions below 0.2.111, a path validation flaw using prefix matching instead of canonical path comparison, makes it possible to bypass directory restrictions and access files outside the CWD. Successful exploitation depends on the presence of (or ability to create) a directory with the same prefix as the CWD and the ability to add untrusted content into a Claude Code context window. This is fixed in version 0.2.111. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-54795 - Claude Code Command Injection Vulnerability

CVE ID : CVE-2025-54795 Published : Aug. 5, 2025, 1:15 a.m. | 4 hours ago Description : Claude Code is an agentic coding tool. In versions below 1.0.20, an error in command parsing makes it possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. This is fixed in version 1.0.20. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-54802 - "pyLoad Path Traversal RCE"

CVE ID : CVE-2025-54802 Published : Aug. 5, 2025, 1:15 a.m. | 4 hours ago Description : pyLoad is the free and open-source Download Manager written in pure Python. In versions 0.5.0b3.dev89 and below, there is an opportunity for path traversal in pyLoad-ng CNL Blueprint via package parameter, allowing Arbitrary File Write which leads to Remote Code Execution (RCE). The addcrypted endpoint in pyload-ng suffers from an unsafe path construction vulnerability, allowing unauthenticated attackers to write arbitrary files outside the designated storage directory. This can be abused to overwrite critical system files, including cron jobs and systemd services, leading to privilege escalation and remote code execution as root. This issue is fixed in version 0.5.0b3.dev90. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-52892 - EspoCRM Double Slash URL Vulnerability (Cache Corruption)

CVE ID : CVE-2025-52892 Published : Aug. 5, 2025, 1:15 a.m. | 2 hours, 20 minutes ago Description : EspoCRM is a web application with a frontend designed as a single-page application and a REST API backend written in PHP. In versions 9.1.6 and below, if a user loads Espo in the browser with double slashes (e.g https://domain//#Admin) and the webserver does not strip the double slash, it can cause a corrupted Slim router's cache. This will make the instance unusable until there is a completed rebuild. This is fixed in version 9.1.7. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-53544 - Trilium Notes Unauthenticated Brute-Force Protection Bypass Vulnerability

CVE ID : CVE-2025-53544 Published : Aug. 5, 2025, 1:15 a.m. | 2 hours, 20 minutes ago Description : Trilium Notes is an open-source, cross-platform hierarchical note taking application with focus on building large personal knowledge bases. In versions below 0.97.0, a brute-force protection bypass in the initial sync seed retrieval endpoint allows unauthenticated attackers to guess the login password without triggering rate limiting. Trilium is a single-user app without a username requirement, and brute-force protection bypass makes exploitation much more feasible. Multiple features provided by Trilium (e.g. MFA, share notes, custom request handler) indicate that Trilium can be exposed to the internet. This is fixed in version 0.97.0. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-54119 - ADOdb SQLite3 SQL Injection Vulnerability

CVE ID : CVE-2025-54119 Published : Aug. 5, 2025, 1:15 a.m. | 2 hours, 20 minutes ago Description : ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database and calls the metaColumns(), metaForeignKeys() or metaIndexes() methods with a crafted table name. This is fixed in version 5.22.10. To workaround this issue, only pass controlled data to metaColumns(), metaForeignKeys() and metaIndexes() method's $table parameter. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-54130 - "Cursor Dotfile File Write RCE Vulnerability"

CVE ID : CVE-2025-54130 Published : Aug. 5, 2025, 1:15 a.m. | 2 hours, 20 minutes ago Description : Cursor is a code editor built for programming with AI. Cursor allows writing in-workspace files with no user approval in versions less than 1.3.9. If the file is a dotfile, editing it requires approval but creating a new one doesn't. Hence, if sensitive editor files, such as the .vscode/settings.json file don't already exist in the workspace, an attacker can chain a indirect prompt injection vulnerability to hijack the context to write to the settings file and trigger RCE on the victim without user approval. This is fixed in version 1.3.9. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-54135 - Cursor Unapproved File Writing and RCE Vulnerability

CVE ID : CVE-2025-54135 Published : Aug. 5, 2025, 1:15 a.m. | 2 hours, 20 minutes ago Description : Cursor is a code editor built for programming with AI. Cursor allows writing in-workspace files with no user approval in versions below 1.3.9, If the file is a dotfile, editing it requires approval but creating a new one doesn't. Hence, if sensitive MCP files, such as the .cursor/mcp.json file don't already exist in the workspace, an attacker can chain a indirect prompt injection vulnerability to hijack the context to write to the settings file and trigger RCE on the victim without user approval. This is fixed in version 1.3.9. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-54387 - IPX Path Prefix Bypass Vulnerability

CVE ID : CVE-2025-54387 Published : Aug. 5, 2025, 1:15 a.m. | 2 hours, 20 minutes ago Description : IPX is an image optimizer powered by sharp and svgo. In versions 1.3.1 and below, 2.0.0-0 through 2.1.0, and 3.0.0 through 3.1.0, the approach used to check whether a path is within allowed directories is vulnerable to path prefix bypass when the allowed directories do not end with a path separator. This occurs because the check relies on a raw string prefix comparison. This is fixed in versions 1.3.2, 2.1.1 and 3.1.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 01:15:00 GMT

read more

CVE-2025-54797 - Apache Struts Remote Code Execution

CVE ID : CVE-2025-54797 Published : Aug. 5, 2025, 12:15 a.m. | 3 hours, 20 minutes ago Description : Rejected reason: This CVE is a duplicate of CVE-2025-52464. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 00:15:00 GMT

read more

CVE-2025-8534 - Libtiff tiff2ps PS_Lvl2page Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-8534 Published : Aug. 5, 2025, 12:15 a.m. | 3 hours, 20 minutes ago Description : A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 6ba36f159fd396ad11bf6b7874554197736ecc8b. It is recommended to apply a patch to fix this issue. One of the maintainers explains, that "[t]his error only occurs if DEFER_STRILE_LOAD (defer-strile-load:BOOL=ON) or TIFFOpen( .. "rD") option is used." Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 05 Aug 2025 00:15:00 GMT

read more

Fuite de données chez Pandora

]]>

Tue Aug 05 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2025-8530 - Elunez Eladmin Druid Default Credentials Vulnerability

CVE ID : CVE-2025-8530 Published : Aug. 4, 2025, 11:15 p.m. | 4 hours, 20 minutes ago Description : A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file eladmin-system\src\main\resources\config\application-prod.yml of the component Druid. The manipulation of the argument login-username/login-password leads to use of default credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 23:15:00 GMT

read more

CVE-2025-46093 - LiquidFiles FTP SETUID Setgid Remote Command Execution

CVE ID : CVE-2025-46093 Published : Aug. 4, 2025, 11:15 p.m. | 3 hours, 19 minutes ago Description : LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid and setgid), which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 23:15:00 GMT

read more

CVE-2025-46094 - LiquidFiles Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-46094 Published : Aug. 4, 2025, 11:15 p.m. | 3 hours, 19 minutes ago Description : LiquidFiles before 4.1.2 allows directory traversal by configuring the pathname of a local executable file as an Actionscript. Severity: 3.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 23:15:00 GMT

read more

CVE-2025-8529 - CloudFavorites Favorites-Web SSRF Vulnerability

CVE ID : CVE-2025-8529 Published : Aug. 4, 2025, 11:15 p.m. | 3 hours, 19 minutes ago Description : A vulnerability classified as critical was found in cloudfavorites favorites-web up to 1.3.0. Affected by this vulnerability is the function getCollectLogoUrl of the file app/src/main/java/com/favorites/web/CollectController.java. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 23:15:00 GMT

read more

CVE-2025-27211 - EdgeMAX EdgeSwitch Command Injection Vulnerability

CVE ID : CVE-2025-27211 Published : Aug. 4, 2025, 11:15 p.m. | 1 hour, 56 minutes ago Description : An Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.10.4 and earlier) could allow a Command Injection by a malicious actor with access to EdgeSwitch adjacent network. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 23:15:00 GMT

read more

CVE-2025-27212 - Ubiquiti UniFi Access Command Injection Vulnerability

CVE ID : CVE-2025-27212 Published : Aug. 4, 2025, 11:15 p.m. | 1 hour, 56 minutes ago Description : An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a malicious actor with access to UniFi Access management network. Affected Products: UniFi Access Reader Pro (Version 2.14.21 and earlier) UniFi Access G2 Reader Pro (Version 1.10.32 and earlier) UniFi Access G3 Reader Pro (Version 1.10.30 and earlier) UniFi Access Intercom (Version 1.7.28 and earlier) UniFi Access G3 Intercom (Version 1.7.29 and earlier) UniFi Access Intercom Viewer (Version 1.3.20 and earlier) Mitigation: Update UniFi Access Reader Pro Version 2.15.9 or later Update UniFi Access G2 Reader Pro Version 1.11.23 or later Update UniFi Access G3 Reader Pro Version 1.11.22 or later Update UniFi Access Intercom Version 1.8.22 or later Update UniFi Access G3 Intercom Version 1.8.22 or later Update UniFi Access Intercom Viewer Version 1.4.39 or later Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 23:15:00 GMT

read more

CVE-2025-4599 - Liferay Portal Liferay DXP Cross-Site Scripting (XSS)

CVE ID : CVE-2025-4599 Published : Aug. 4, 2025, 10:15 p.m. | 2 hours, 57 minutes ago Description : The fragment preview functionality in Liferay Portal 7.4.3.61 through 7.4.3.132, and Liferay DXP 2024.Q4.1 through 2024.Q4.5, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.13 and 7.4 update 61 through update 92 was found to be vulnerable to postMessage-based XSS because it allows a remote non-authenticated attacker to inject JavaScript into the fragment portlet URL. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 22:15:00 GMT

read more

CVE-2025-4604 - Liferay Portal/Captcha Bypass Remote Code Execution

CVE ID : CVE-2025-4604 Published : Aug. 4, 2025, 10:15 p.m. | 2 hours, 56 minutes ago Description : The vulnerable code can bypass the Captcha check in Liferay Portal 7.4.3.80 through 7.4.3.132, and Liferay DXP 2024.Q1.1 through 2024.Q1.19, 2024.Q2.0 through 2024.Q2.13, 2024.Q3.0 through 2024.Q3.13, 2024.Q4.0 through 2024.Q4.7, 2025.Q1.0 through 2025.Q1.15 and 7.4 update 80 through update 92 and then attackers can run scripts in the Gogo shell Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 22:15:00 GMT

read more

CVE-2025-54554 - Tera Insights tiCrypt Information Disclosure

CVE ID : CVE-2025-54554 Published : Aug. 4, 2025, 10:15 p.m. | 2 hours, 56 minutes ago Description : tiaudit in Tera Insights tiCrypt before 2025-07-17 allows unauthenticated REST API requests that reveal sensitive information about the underlying SQL queries and database structure. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 22:15:00 GMT

read more

CVE-2025-7844 - TPM 2.0 Stack Buffer Overflow

CVE ID : CVE-2025-7844 Published : Aug. 4, 2025, 10:15 p.m. | 2 hours, 56 minutes ago Description : Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default `MAX_RSA_KEY_BITS=2048` is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than 2048 bits and your application calls `wolfTPM2_RsaKey_TpmToWolf` on that key, then a stack buffer could be overrun. If the `MAX_RSA_KEY_BITS` build-time macro is set correctly (RSA bits match what TPM hardware is capable of) for the hardware target, then a stack overrun is not possible. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 22:15:00 GMT

read more

CVE-2025-8527 - Exrick xboot Swagger Server-Side Request Forgery (SSRF) Vulnerability

CVE ID : CVE-2025-8527 Published : Aug. 4, 2025, 10:15 p.m. | 2 hours, 56 minutes ago Description : A vulnerability was found in Exrick xboot up to 3.3.4. It has been rated as critical. This issue affects some unknown processing of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/SecurityController.java of the component Swagger. The manipulation of the argument loginUrl leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 22:15:00 GMT

read more

CVE-2025-8528 - Exrick xboot Exposed Sensitive Information Cookie Storage

CVE ID : CVE-2025-8528 Published : Aug. 4, 2025, 10:15 p.m. | 2 hours, 56 minutes ago Description : A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is an unknown function of the file /xboot/permission/getMenuList. The manipulation leads to cleartext storage of sensitive information in a cookie. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 22:15:00 GMT

read more

CVE-2025-50341 - Axelor SQL Injection Vulnerability

CVE ID : CVE-2025-50341 Published : Aug. 4, 2025, 9:15 p.m. | 3 hours, 56 minutes ago Description : A Boolean-based SQL injection vulnerability was discovered in Axelor 5.2.4 via the _domain parameter. An attacker can manipulate the SQL query logic and determine true/false conditions, potentially leading to data exposure or further exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 21:15:00 GMT

read more

CVE-2025-50754 - Unisite CMS Stored XSS

CVE ID : CVE-2025-50754 Published : Aug. 4, 2025, 9:15 p.m. | 3 hours, 56 minutes ago Description : Unisite CMS version 5.0 contains a stored Cross-Site Scripting (XSS) vulnerability in the "Report" functionality. A malicious script submitted by an attacker is rendered in the admin panel when viewed by an administrator. This allows attackers to hijack the admin session and, by leveraging the template editor, upload and execute a PHP web shell on the server, leading to full remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 21:15:00 GMT

read more

CVE-2025-51387 - GitKraken Desktop Node.js Code Injection Vulnerability

CVE ID : CVE-2025-51387 Published : Aug. 4, 2025, 9:15 p.m. | 3 hours, 56 minutes ago Description : The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injection due to misconfigured Electron Fuses. Specifically, the following insecure settings were observed: RunAsNode is enabled and EnableNodeCliInspectArguments is not disabled. These configurations allow the application to be executed in Node.js mode, enabling attackers to pass arguments that result in arbitrary code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 21:15:00 GMT

read more

CVE-2025-51726 - CyberGhost VPN Weak SHA-1 Signing and Predictable ASLR Vulnerability

CVE ID : CVE-2025-51726 Published : Aug. 4, 2025, 9:15 p.m. | 3 hours, 56 minutes ago Description : CyberGhostVPNSetup.exe (Windows installer) is signed using the weak cryptographic hash algorithm SHA-1, which is vulnerable to collision attacks. This allows a malicious actor to craft a fake installer with a forged SHA-1 certificate that may still be accepted by Windows signature verification mechanisms, particularly on systems without strict SmartScreen or trust policy enforcement. Additionally, the installer lacks High Entropy Address Space Layout Randomization (ASLR), as confirmed by BinSkim (BA2015 rule) and repeated WinDbg analysis. The binary consistently loads into predictable memory ranges, increasing the success rate of memory corruption exploits. These two misconfigurations, when combined, significantly lower the bar for successful supply-chain style attacks or privilege escalation through fake installers. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 21:15:00 GMT

read more

CVE-2025-8525 - Exrick xboot Information Disclosure Vulnerability

CVE ID : CVE-2025-8525 Published : Aug. 4, 2025, 9:15 p.m. | 3 hours, 56 minutes ago Description : A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic. This affects an unknown part of the component Spring Boot Admin/Spring Actuator. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 21:15:00 GMT

read more

CVE-2025-8526 - Exrick xBoot Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-8526 Published : Aug. 4, 2025, 9:15 p.m. | 3 hours, 56 minutes ago Description : A vulnerability was found in Exrick xboot up to 3.3.4. It has been declared as critical. This vulnerability affects the function Upload of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/UploadController.java. The manipulation of the argument File leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 21:15:00 GMT

read more

CVE-2025-50340 - SOGo Webmail IDOR Email Spoofing

CVE ID : CVE-2025-50340 Published : Aug. 4, 2025, 8:15 p.m. | 4 hours, 56 minutes ago Description : An Insecure Direct Object Reference (IDOR) vulnerability was discovered in SOGo Webmail thru 5.6.0, allowing an authenticated user to send emails on behalf of other users by manipulating a user-controlled identifier in the email-sending request. The server fails to verify whether the authenticated user is authorized to use the specified sender identity, resulting in unauthorized message delivery as another user. This can lead to impersonation, phishing, or unauthorized communication within the system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 20:15:00 GMT

read more

CVE-2025-55014 - Youdao StarDict X11 Selection Information Disclosure

CVE ID : CVE-2025-55014 Published : Aug. 4, 2025, 8:15 p.m. | 4 hours, 56 minutes ago Description : The YouDao plugin for StarDict, as used in stardict 3.0.7+git20220909+dfsg-6 in Debian trixie and elsewhere, sends an X11 selection to the dict.youdao.com and dict.cn servers via cleartext HTTP. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 20:15:00 GMT

read more

CVE-2025-8523 - RiderLike Fruit Crush-Brain App Android Component Export Vulnerability

CVE ID : CVE-2025-8523 Published : Aug. 4, 2025, 8:15 p.m. | 4 hours, 56 minutes ago Description : A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0 on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.fruitcrush.fun. The manipulation leads to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 20:15:00 GMT

read more

CVE-2025-8524 - "Boquan DotWallet Android AndroidManifest.xml Component Export Vulnerability"

CVE ID : CVE-2025-8524 Published : Aug. 4, 2025, 8:15 p.m. | 4 hours, 56 minutes ago Description : A vulnerability was found in Boquan DotWallet App 2.15.2 on Android and classified as problematic. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.boquanhash.dotwallet. The manipulation leads to improper export of android application components. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 20:15:00 GMT

read more

CVE-2025-8522 - Givanz Vvvebjs Node.js File Path Traversal Vulnerability

CVE ID : CVE-2025-8522 Published : Aug. 4, 2025, 7:15 p.m. | 5 hours, 56 minutes ago Description : A vulnerability, which was classified as critical, was found in givanz Vvvebjs up to 2.0.4. Affected is an unknown function of the file /save.php of the component node.js. The manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 19:15:00 GMT

read more

CVE-2025-21120 - Dell Avamar HTTP Permission Methods Vulnerability

CVE ID : CVE-2025-21120 Published : Aug. 4, 2025, 7:15 p.m. | 3 hours, 51 minutes ago Description : Dell Avamar, versions prior to 19.12 with patch 338905, excluding version 19.10SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. Severity: 8.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 19:15:00 GMT

read more

CVE-2025-26476 - Dell ECS Hard-coded Cryptographic Key Unauthorized Access Vulnerability

CVE ID : CVE-2025-26476 Published : Aug. 4, 2025, 7:15 p.m. | 3 hours, 51 minutes ago Description : Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 19:15:00 GMT

read more

CVE-2025-38741 - "Dell Enterprise SONiC OS SSH Cryptographic Key Exposure Vulnerability"

CVE ID : CVE-2025-38741 Published : Aug. 4, 2025, 7:15 p.m. | 3 hours, 51 minutes ago Description : Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 19:15:00 GMT

read more

CVE-2025-52239 - ZKEACMS File Upload Code Execution Vulnerability

CVE ID : CVE-2025-52239 Published : Aug. 4, 2025, 7:15 p.m. | 3 hours, 51 minutes ago Description : An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 19:15:00 GMT

read more

CVE-2025-53394 - Macrium Reflect Remote Code Execution Vulnerability

CVE ID : CVE-2025-53394 Published : Aug. 4, 2025, 7:15 p.m. | 3 hours, 51 minutes ago Description : Paramount Macrium Reflect through 2025-06-26 allows attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx or .mrbax backup file and a renamed executable placed in the same directory. When a user with administrative privileges opens the crafted backup file and proceeds to mount it, Reflect launches the renamed executable (e.g., explorer.exe), which is under attacker control. This occurs because of insufficient validation of companion files referenced during backup mounting. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 19:15:00 GMT

read more

CVE-2025-53395 - Macrium Reflect DLL Loading Vulnerability (Local Privilege Escalation)

CVE ID : CVE-2025-53395 Published : Aug. 4, 2025, 7:15 p.m. | 3 hours, 51 minutes ago Description : Paramount Macrium Reflect through 2025-06-26 allows local attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx backup file and a malicious VSSSvr.dll located in the same directory. When a user with administrative privileges mounts a backup by opening the .mrimgx file, Reflect loads the attacker's VSSSvr.dll after the mount completes. This occurs because of untrusted DLL search path behavior in ReflectMonitor.exe. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 19:15:00 GMT

read more

CVE-2025-8521 - Givanz Vvveb Add Type Handler Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8521 Published : Aug. 4, 2025, 7:15 p.m. | 3 hours, 51 minutes ago Description : A vulnerability, which was classified as problematic, has been found in givanz Vvveb up to 1.0.5. This issue affects some unknown processing of the file /vadmin123/index.php?module=settings/post-types of the component Add Type Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The patch is named b53c7161da606f512b7efcb392d6ffc708688d49/605a70f8729e4d44ebe272671cb1e43e3d6ae014. It is recommended to upgrade the affected component. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 19:15:00 GMT

read more

CVE-2025-8520 - Givanz Vvveb SSRF Vulnerability

CVE ID : CVE-2025-8520 Published : Aug. 4, 2025, 6:15 p.m. | 4 hours, 51 minutes ago Description : A vulnerability classified as critical was found in givanz Vvveb up to 1.0.5. This vulnerability affects unknown code of the file /vadmin123/?module=editor/editor of the component Drag-and-Drop Editor. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The patch is identified as f684f3e374d04db715730fc4796e102f5ebcacb2. It is recommended to upgrade the affected component. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 18:15:00 GMT

read more

CVE-2013-10052 - ZPanel Sudo Privilege Escalation Vulnerability

CVE ID : CVE-2013-10052 Published : Aug. 4, 2025, 6:15 p.m. | 2 hours, 54 minutes ago Description : ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation for administrative tasks. However, when misconfigured in /etc/sudoers, zsudo can be invoked by low-privileged users to execute arbitrary commands as root. This flaw enables local attackers with shell access to escalate privileges by writing a payload to a writable directory and executing it via zsudo. The vulnerability is particularly impactful in post-exploitation scenarios following web server compromise, where the attacker inherits access to zsudo. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 18:15:00 GMT

read more

CVE-2013-10054 - LibrettoCMS Unauthenticated Remote Code Execution File Upload Vulnerability

CVE ID : CVE-2013-10054 Published : Aug. 4, 2025, 6:15 p.m. | 2 hours, 54 minutes ago Description : An unauthenticated arbitrary file upload vulnerability exists in LibrettoCMS version 1.1.7 (and possibly earlier) contains an unauthenticated arbitrary file upload vulnerability in its File Manager plugin. The upload handler located at adm/ui/js/ckeditor/plugins/pgrfilemanager/php/upload.php fails to properly validate file extensions, allowing attackers to upload files with misleading extensions and subsequently rename them to executable .php scripts. This enables remote code execution on the server without authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 18:15:00 GMT

read more

CVE-2024-45183 - Samsung Exynos JPEG Length Check Vulnerability (Buffer Overflow)

CVE ID : CVE-2024-45183 Published : Aug. 4, 2025, 6:15 p.m. | 2 hours, 54 minutes ago Description : An issue was discovered in Samsung Mobile Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, and 2400. A lack of a JPEG length check leads to an out-of-bound write. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 18:15:00 GMT

read more

CVE-2025-34147 - Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection Vulnerability

CVE ID : CVE-2025-34147 Published : Aug. 4, 2025, 6:15 p.m. | 2 hours, 54 minutes ago Description : An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02). When configuring the device in Extender mode via its captive portal, the extap2g SSID field is inserted unescaped into a reboot-time shell script. This allows remote attackers within Wi-Fi range to inject arbitrary shell commands that execute as root during device reboot, leading to full system compromise. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 18:15:00 GMT

read more

CVE-2025-46206 - Artifex mupdf Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-46206 Published : Aug. 4, 2025, 6:15 p.m. | 2 hours, 54 minutes ago Description : An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the `mutool clean` utility. When processing a crafted PDF file containing cyclic /Next references in the outline structure, the `strip_outline()` function enters infinite recursion Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 18:15:00 GMT

read more

CVE-2025-51390 - TOTOLINK N600R Command Injection Vulnerability

CVE ID : CVE-2025-51390 Published : Aug. 4, 2025, 6:15 p.m. | 2 hours, 54 minutes ago Description : TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a command injection vulnerability via the pin parameter in the setWiFiWpsConfig function. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 18:15:00 GMT

read more

CVE-2025-8519 - Givanz Vvveb Drag-and-Drop Editor Information Disclosure Vulnerability

CVE ID : CVE-2025-8519 Published : Aug. 4, 2025, 6:15 p.m. | 2 hours, 54 minutes ago Description : A vulnerability classified as problematic has been found in givanz Vvveb up to 1.0.5. This affects an unknown part of the file /vadmin123/index.php?module=editor/editor of the component Drag-and-Drop Editor. The manipulation of the argument url leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The identifier of the patch is f684f3e374d04db715730fc4796e102f5ebcacb2. It is recommended to upgrade the affected component. Severity: 2.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 18:15:00 GMT

read more

CVE-2025-50420 - Poppler PDF Denial of Service

CVE ID : CVE-2025-50420 Published : Aug. 4, 2025, 5:15 p.m. | 3 hours, 54 minutes ago Description : An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service (DoS). Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 17:15:00 GMT

read more

CVE-2025-50422 - Poppler PDF Memory Leak Information Disclosure

CVE ID : CVE-2025-50422 Published : Aug. 4, 2025, 5:15 p.m. | 3 hours, 54 minutes ago Description : An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program exit, allowing attackers to obtain sensitive PDF content via a memory dump. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 17:15:00 GMT

read more

CVE-2025-51534 - Austrian Archaeological Institute (AI) OpenAtlas Cross-Site Scripting (XSS)

CVE ID : CVE-2025-51534 Published : Aug. 4, 2025, 5:15 p.m. | 3 hours, 54 minutes ago Description : A cross-site scripting (XSS) vulnerability in Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 17:15:00 GMT

read more

CVE-2025-51535 - Austrian Archaeological Institute OpenAtlas SQL Injection Vulnerability

CVE ID : CVE-2025-51535 Published : Aug. 4, 2025, 5:15 p.m. | 3 hours, 54 minutes ago Description : Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a SQL injection vulnerability. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 17:15:00 GMT

read more

CVE-2025-8518 - Givanz Vvveb Code Editor Remote Code Injection Vulnerability

CVE ID : CVE-2025-8518 Published : Aug. 4, 2025, 5:15 p.m. | 3 hours, 54 minutes ago Description : A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The name of the patch is f684f3e374d04db715730fc4796e102f5ebcacb2. It is recommended to upgrade the affected component. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 17:15:00 GMT

read more

CVE-2025-44954 - RUCKUS SmartZone SSH Private Key Hardcoded Vulnerability

CVE ID : CVE-2025-44954 Published : Aug. 4, 2025, 5:15 p.m. | 1 hour, 51 minutes ago Description : RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 17:15:00 GMT

read more

CVE-2025-44957 - Ruckus SmartZone Authentication Bypass Vulnerability

CVE ID : CVE-2025-44957 Published : Aug. 4, 2025, 5:15 p.m. | 1 hour, 51 minutes ago Description : Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 17:15:00 GMT

read more

CVE-2025-44958 - RUCKUS Network Director Unencrypted Password Storage Vulnerability

CVE ID : CVE-2025-44958 Published : Aug. 4, 2025, 5:15 p.m. | 1 hour, 51 minutes ago Description : RUCKUS Network Director (RND) before 4.5 stores passwords in a recoverable format. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 17:15:00 GMT

read more

CVE-2025-44960 - RUCKUS SmartZone OS Command Injection Vulnerability

CVE ID : CVE-2025-44960 Published : Aug. 4, 2025, 5:15 p.m. | 1 hour, 51 minutes ago Description : RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 17:15:00 GMT

read more

CVE-2025-44961 - RUCKUS SmartZone OS Command Injection

CVE ID : CVE-2025-44961 Published : Aug. 4, 2025, 5:15 p.m. | 1 hour, 51 minutes ago Description : In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 17:15:00 GMT

read more

CVE-2025-44962 - RUCKUS SmartZone Directory Traversal Vulnerability

CVE ID : CVE-2025-44962 Published : Aug. 4, 2025, 5:15 p.m. | 1 hour, 51 minutes ago Description : RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 17:15:00 GMT

read more

CVE-2025-44963 - RUCKUS Network Director JWT Spoofing Vulnerability

CVE ID : CVE-2025-44963 Published : Aug. 4, 2025, 5:15 p.m. | 1 hour, 51 minutes ago Description : RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 17:15:00 GMT

read more

CVE-2025-38739 - Dell Digital Delivery Insufficiently Protected Credentials Information Disclosure

CVE ID : CVE-2025-38739 Published : Aug. 4, 2025, 4:15 p.m. | 2 hours, 51 minutes ago Description : Dell Digital Delivery, versions prior to 5.6.1.0, contains an Insufficiently Protected Credentials vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to Information Disclosure. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 16:15:00 GMT

read more

CVE-2025-44955 - RUCKUS Network Director (RND) Hardcoded Password Root Access

CVE ID : CVE-2025-44955 Published : Aug. 4, 2025, 4:15 p.m. | 2 hours, 51 minutes ago Description : RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain root access vis a weak, hardcoded password. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 16:15:00 GMT

read more

CVE-2025-5988 - Ansible aap-gateway CSRF Vulnerability

CVE ID : CVE-2025-5988 Published : Aug. 4, 2025, 4:15 p.m. | 2 hours, 51 minutes ago Description : A flaw was found in the Ansible aap-gateway. Cross-site request forgery (CSRF) origin checking is not done on requests from the gateway to external components, such as the controller, hub, and eda. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 16:15:00 GMT

read more

CVE-2025-8516 - Kingdee Cloud-Starry-Sky Enterprise Edition IIS-K3CloudMiniApp Remote Path Traversal Vulnerability

CVE ID : CVE-2025-8516 Published : Aug. 4, 2025, 4:15 p.m. | 2 hours, 51 minutes ago Description : A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. It has been classified as problematic. Affected is the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file K3Cloud\BBCMallSite\WEB-INF\lib\Kingdee.K3.O2O.Base.WebApp.jar!\kingdee\k3\o2o\base\webapp\action\FileUploadAction.class of the component IIS-K3CloudMiniApp. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor recommends as a short-term measure to "[t]emporarily disable external network access to the Kingdee Cloud Galaxy Retail System or set up an IP whitelist for access control." The long-term remediation will be: "Install the security patch provided by the Starry Sky system, with the specific solutions being: i) Adding authentication to the vulnerable CMKAppWebHandler.ashx interface; ii) Removing the file reading function." Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 16:15:00 GMT

read more

CVE-2025-8517 - Givanz Vvveb Session Fixation Vulnerability

CVE ID : CVE-2025-8517 Published : Aug. 4, 2025, 4:15 p.m. | 2 hours, 51 minutes ago Description : A vulnerability was found in givanz Vvveb 1.0.6.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to session fixiation. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.7 is able to address this issue. The patch is named d4b1e030066417b77d15b4ac505eed5ae7bf2c5e. It is recommended to upgrade the affected component. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 16:15:00 GMT

read more

CVE-2025-26065 - Intelbras RX1500 RX3000 XSS

CVE ID : CVE-2025-26065 Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago Description : A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a visiting Wi-Fi network. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 15:15:00 GMT

read more

CVE-2025-30096 - Dell PowerProtect Data Domain DD OS OS Command Injection

CVE ID : CVE-2025-30096 Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 15:15:00 GMT

read more

CVE-2025-30097 - Dell PowerProtect Data Domain OS Command Injection

CVE ID : CVE-2025-30097 Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 15:15:00 GMT

read more

CVE-2025-30098 - Dell PowerProtect Data Domain DD OS OS Command Injection

CVE ID : CVE-2025-30098 Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 15:15:00 GMT

read more

CVE-2025-30099 - Dell PowerProtect Data Domain OS Command Injection

CVE ID : CVE-2025-30099 Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 15:15:00 GMT

read more

CVE-2025-36594 - Dell PowerProtect Data Domain DD OS Authentication Bypass by Spoofing Vulnerability

CVE ID : CVE-2025-36594 Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Authentication Bypass by Spoofing vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Remote unauthenticated user can create account that potentially expose customer info, affect system integrity and availability. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 15:15:00 GMT

read more

CVE-2025-44643 - Draytek AP Series Insecure Permissions Weak Password Vulnerability

CVE ID : CVE-2025-44643 Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago Description : Certain Draytek products are affected by Insecure Configuration. This affects AP903 v1.4.18 and AP912C v1.4.9 and AP918R v1.4.9. The setting of the password property in the ripd.conf configuration file sets a hardcoded weak password, posing a security risk. An attacker with network access could exploit this to gain unauthorized control over the routing daemon, potentially altering network routes or intercepting traffic. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 15:15:00 GMT

read more

CVE-2025-51536 - AI OpenAtlas Hardcoded Administrator Password Vulnerability

CVE ID : CVE-2025-51536 Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago Description : Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a hardcoded Administrator password. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 15:15:00 GMT

read more

CVE-2025-36604 - Dell Unity OS Command Injection

CVE ID : CVE-2025-36604 Published : Aug. 4, 2025, 2:15 p.m. | 2 hours, 51 minutes ago Description : Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 14:15:00 GMT

read more

CVE-2025-36605 - Dell Unity Cross-site Scripting Vulnerability

CVE ID : CVE-2025-36605 Published : Aug. 4, 2025, 2:15 p.m. | 2 hours, 51 minutes ago Description : Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 14:15:00 GMT

read more

CVE-2025-36606 - Dell Unity OS Command Injection Vulnerability

CVE ID : CVE-2025-36606 Published : Aug. 4, 2025, 2:15 p.m. | 2 hours, 51 minutes ago Description : Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nfssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 14:15:00 GMT

read more

CVE-2025-36607 - Dell Unity OS Command Injection Vulnerability

CVE ID : CVE-2025-36607 Published : Aug. 4, 2025, 2:15 p.m. | 2 hours, 51 minutes ago Description : Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 14:15:00 GMT

read more

CVE-2025-8109 - NVIDIA GPU Origin Read-Only Memory Write Vulnerability

CVE ID : CVE-2025-8109 Published : Aug. 4, 2025, 2:15 p.m. | 2 hours, 51 minutes ago Description : Software installed and run as a non-privileged user may conduct ptrace system calls to issue writes to GPU origin read only memory. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 14:15:00 GMT

read more

CVE-2025-8515 - Intelbras InControl JSON Endpoint Information Disclosure

CVE ID : CVE-2025-8515 Published : Aug. 4, 2025, 11:15 a.m. | 5 hours, 51 minutes ago Description : A vulnerability was found in Intelbras InControl 2.21.60.9 and classified as problematic. This issue affects some unknown processing of the file /v1/operador/ of the component JSON Endpoint. The manipulation leads to information disclosure. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 11:15:00 GMT

read more

CVE-2025-0932 - Arm Ltd Bifrost GPU Userspace Driver/Arm Ltd Valhall GPU Userspace Driver/Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver: After Free Information Disclosure

CVE ID : CVE-2025-0932 Published : Aug. 4, 2025, 10:15 a.m. | 6 hours, 51 minutes ago Description : Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to gain access to already freed memory.This issue affects Bifrost GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 10:15:00 GMT

read more

CVE-2025-6204 - DELmia Apriso Code Injection Vulnerability

CVE ID : CVE-2025-6204 Published : Aug. 4, 2025, 10:15 a.m. | 6 hours, 51 minutes ago Description : An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 10:15:00 GMT

read more

CVE-2025-6205 - "DELmia Apriso Authorization Bypass Vulnerability"

CVE ID : CVE-2025-6205 Published : Aug. 4, 2025, 10:15 a.m. | 6 hours, 51 minutes ago Description : A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 10:15:00 GMT

read more

CVE-2025-8341 - Grafana Infinity Datasource URL Bypass Vulnerability

CVE ID : CVE-2025-8341 Published : Aug. 4, 2025, 9:15 a.m. | 7 hours, 51 minutes ago Description : Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this restriction using a specially crafted URL. This vulnerability is fixed in version 3.4.1. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 09:15:00 GMT

read more

CVE-2025-41659 - CODESYS Control PKI Folder Remote Access Vulnerability

CVE ID : CVE-2025-41659 Published : Aug. 4, 2025, 8:15 a.m. | 8 hours, 51 minutes ago Description : A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime system and thus read and write certificates and its keys. This allows sensitive data to be extracted or to accept certificates as trusted. Although all services remain available, only unencrypted communication is possible if the certificates are deleted. Severity: 8.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 08:15:00 GMT

read more

CVE-2025-41691 - Siemens CODESYS Control Remote NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-41691 Published : Aug. 4, 2025, 8:15 a.m. | 8 hours, 51 minutes ago Description : An unauthenticated remote attacker may trigger a NULL pointer dereference in the affected CODESYS Control runtime systems by sending specially crafted communication requests, potentially leading to a denial-of-service (DoS) condition. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 08:15:00 GMT

read more

CVE-2025-41658 - CODESYS Runtime Toolkit File Permission Vulnerability (Information Disclosure)

CVE ID : CVE-2025-41658 Published : Aug. 4, 2025, 8:15 a.m. | 8 hours, 3 minutes ago Description : CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 08:15:00 GMT

read more

CVE-2025-20700 - Airoha Bluetooth Audio SDK Privilege Escalation Vulnerability

CVE ID : CVE-2025-20700 Published : Aug. 4, 2025, 7:15 a.m. | 9 hours, 4 minutes ago Description : In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 07:15:00 GMT

read more

CVE-2025-20701 - Airoha Bluetooth Audio SDK Remote Privilege Escalation Vulnerability

CVE ID : CVE-2025-20701 Published : Aug. 4, 2025, 7:15 a.m. | 9 hours, 4 minutes ago Description : In the Airoha Bluetooth audio SDK, there is a possible way to pair Bluetooth audio device without user consent. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 07:15:00 GMT

read more

CVE-2025-20702 - Airoha Bluetooth RACE Protocol Privilege Escalation Vulnerability

CVE ID : CVE-2025-20702 Published : Aug. 4, 2025, 7:15 a.m. | 9 hours, 4 minutes ago Description : In the Airoha Bluetooth audio SDK, there is a possible unauthorized access to the RACE protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 07:15:00 GMT

read more

CVE-2025-48499 - Fujifilm Business Innovation MFP Denial-of-Service Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-48499 Published : Aug. 4, 2025, 6:15 a.m. | 10 hours, 4 minutes ago Description : Out-of-bounds write vulnerability exists in FUJIFILM Business Innovation MFPs. A specially crafted IPP (Internet Printing Protocol) or LPD (Line Printer Daemon) packet may cause a denial-of-service (DoS) condition on an affected MFP. Resetting the MFP is required to recover from the denial-of-service (DoS) condition. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 06:15:00 GMT

read more

CVE-2025-20696 - Dell Authentication Agent Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-20696 Published : Aug. 4, 2025, 2:15 a.m. | 12 hours, 53 minutes ago Description : In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09915215; Issue ID: MSV-3801. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 02:15:00 GMT

read more

CVE-2025-20697 - Qualcomm Power HAL Out-of-Bounds Write Privilege Escalation

CVE ID : CVE-2025-20697 Published : Aug. 4, 2025, 2:15 a.m. | 12 hours, 53 minutes ago Description : In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915681; Issue ID: MSV-3795. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 02:15:00 GMT

read more

CVE-2025-20698 - Qualcomm Power HAL Out-of-Bounds Write Privilege Escalation

CVE ID : CVE-2025-20698 Published : Aug. 4, 2025, 2:15 a.m. | 12 hours, 53 minutes ago Description : In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915400; Issue ID: MSV-3793. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 02:15:00 GMT

read more

CVE-2025-54962 - OpenPLC Runtime File Upload Vulnerability

CVE ID : CVE-2025-54962 Published : Aug. 4, 2025, 2:15 a.m. | 12 hours, 53 minutes ago Description : /edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b allows authenticated users to upload arbitrary files (such as .html or .svg), and these are then publicly accessible under the /static URI. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 04 Aug 2025 02:15:00 GMT

read more

CVE-2025-54956 - Gh R Unauthorized Information Disclosure

CVE ID : CVE-2025-54956 Published : Aug. 3, 2025, 6:15 p.m. | 20 hours, 53 minutes ago Description : The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request. Severity: 3.2 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 18:15:00 GMT

read more

CVE-2025-8513 - Caixin News App Android Android Application Component Export Vulnerability

CVE ID : CVE-2025-8513 Published : Aug. 3, 2025, 3:15 p.m. | 23 hours, 53 minutes ago Description : A vulnerability, which was classified as problematic, was found in Caixin News App 8.0.1 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.caixin.news. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 15:15:00 GMT

read more

CVE-2025-8511 - Portabilis i-Diario Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8511 Published : Aug. 3, 2025, 2:15 p.m. | 1 day ago Description : A vulnerability classified as problematic was found in Portabilis i-Diario 1.5.0. This vulnerability affects unknown code of the file /diario-de-observacoes/ of the component Observações. The manipulation of the argument Descrição leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 14:15:00 GMT

read more

CVE-2025-8512 - TVB Big Big Shop App Android Android Application Component Export Vulnerability

CVE ID : CVE-2025-8512 Published : Aug. 3, 2025, 2:15 p.m. | 1 day ago Description : A vulnerability, which was classified as problematic, has been found in TVB Big Big Shop App 2.9.0 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component hk.com.tvb.bigbigshop. The manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 14:15:00 GMT

read more

CVE-2025-8509 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8509 Published : Aug. 3, 2025, 1:15 p.m. | 23 hours, 51 minutes ago Description : A vulnerability was found in Portabilis i-Educar 2.9. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /intranet/educar_servidor_cad.php. The manipulation of the argument matricula leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 13:15:00 GMT

read more

CVE-2025-8510 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8510 Published : Aug. 3, 2025, 1:15 p.m. | 23 hours, 51 minutes ago Description : A vulnerability classified as problematic has been found in Portabilis i-Educar 2.10. This affects the function Gerar of the file ieducar/intranet/educar_matricula_lst.php. The manipulation of the argument ref_cod_aluno leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 82c288b9a4abb084bdfa1c0c4ef777ed45f98b46. It is recommended to apply a patch to fix this issue. The vendor initially closed the original advisory without requesting a CVE. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 13:15:00 GMT

read more

CVE-2024-51775 - Apache Zeppelin Origin Validation Bypass WebSockets Vulnerability

CVE ID : CVE-2024-51775 Published : Aug. 3, 2025, 11:15 a.m. | 1 day, 1 hour ago Description : Missing Origin Validation in WebSockets vulnerability in Apache Zeppelin. The attacker could access the Zeppelin server from another origin without any restriction, and get internal information about paragraphs. This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 11:15:00 GMT

read more

CVE-2025-8508 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8508 Published : Aug. 3, 2025, 11:15 a.m. | 1 day, 1 hour ago Description : A vulnerability was found in Portabilis i-Educar 2.9. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_avaliacao_desempenho_cad.php. The manipulation of the argument titulo_avaliacao/descricao leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 11:15:00 GMT

read more

CVE-2025-8507 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8507 Published : Aug. 3, 2025, 10:15 a.m. | 1 day, 2 hours ago Description : A vulnerability was found in Portabilis i-Educar 2.9. It has been classified as problematic. Affected is an unknown function of the file /intranet/educar_funcao_lst.php. The manipulation of the argument nm_funcao/abreviatura leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 10:15:00 GMT

read more

CVE-2024-52279 - Apache Zeppelin JDBC URL Validation Bypass

CVE ID : CVE-2024-52279 Published : Aug. 3, 2025, 10:15 a.m. | 1 day ago Description : Improper Input Validation vulnerability in Apache Zeppelin. The fix for JDBC URL validation in CVE-2024-31864 did not account for URL encoded input. This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 10:15:00 GMT

read more

CVE-2024-41177 - Apache Zeppelin Cross-Site Scripting (CWE-80)

CVE ID : CVE-2024-41177 Published : Aug. 3, 2025, 10:15 a.m. | 23 hours, 24 minutes ago Description : Incomplete Blacklist to Cross-Site Scripting vulnerability in Apache Zeppelin. This issue affects Apache Zeppelin: before 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 10:15:00 GMT

read more

CVE-2025-8506 - wx-shop Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8506 Published : Aug. 3, 2025, 9:15 a.m. | 1 day ago Description : A vulnerability was found in 495300897 wx-shop up to de1b66331368695779cfc6e4d11a64caddf8716e and classified as problematic. This issue affects some unknown processing of the file /user/editUI. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 09:15:00 GMT

read more

CVE-2025-8505 - wx-shop Cross-Site Request Forgery (CSRF) Vulnerability

CVE ID : CVE-2025-8505 Published : Aug. 3, 2025, 8:15 a.m. | 1 day, 1 hour ago Description : A vulnerability has been found in 495300897 wx-shop up to de1b66331368695779cfc6e4d11a64caddf8716e and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 08:15:00 GMT

read more

CVE-2025-8504 - "Code-Projects Kitchen Treasure File Upload Vulnerability"

CVE ID : CVE-2025-8504 Published : Aug. 3, 2025, 8:15 a.m. | 1 day ago Description : A vulnerability, which was classified as critical, was found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 08:15:00 GMT

read more

CVE-2025-8502 - Code-projects Online Medicine Guide SQL Injection Vulnerability

CVE ID : CVE-2025-8502 Published : Aug. 3, 2025, 7:15 a.m. | 23 hours, 47 minutes ago Description : A vulnerability classified as critical was found in code-projects Online Medicine Guide 1.0. Affected by this vulnerability is an unknown functionality of the file /changepass.php. The manipulation of the argument ups leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 07:15:00 GMT

read more

CVE-2025-8503 - Code-projects Online Medicine Guide SQL Injection Vulnerability

CVE ID : CVE-2025-8503 Published : Aug. 3, 2025, 7:15 a.m. | 23 hours, 47 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Online Medicine Guide 1.0. Affected by this issue is some unknown functionality of the file /adaddmed.php. The manipulation of the argument mname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 07:15:00 GMT

read more

CVE-2025-8501 - Human Resource Integrated System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8501 Published : Aug. 3, 2025, 6:15 a.m. | 1 day ago Description : A vulnerability classified as problematic has been found in code-projects Human Resource Integrated System 1.0. Affected is an unknown function of the file /insert-and-view/action.php. The manipulation of the argument content leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 06:15:00 GMT

read more

CVE-2025-8499 - Code-Projects Online Medicine Guide SQL Injection Vulnerability

CVE ID : CVE-2025-8499 Published : Aug. 3, 2025, 5:15 a.m. | 1 day, 1 hour ago Description : A vulnerability was found in code-projects Online Medicine Guide 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cusfindambulence2.php. The manipulation of the argument Search leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 05:15:00 GMT

read more

CVE-2025-8500 - Code-projects Human Resource Integrated System SQL Injection Vulnerability

CVE ID : CVE-2025-8500 Published : Aug. 3, 2025, 5:15 a.m. | 1 day, 1 hour ago Description : A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insert-and-view/action.php. The manipulation of the argument content leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 05:15:00 GMT

read more

CVE-2025-8498 - Code-projects Online Medicine Guide SQL Injection Vulnerability

CVE ID : CVE-2025-8498 Published : Aug. 3, 2025, 4:15 a.m. | 1 day, 2 hours ago Description : A vulnerability was found in code-projects Online Medicine Guide 1.0. It has been classified as critical. This affects an unknown part of the file /cart/index.php. The manipulation of the argument uname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 04:15:00 GMT

read more

CVE-2025-8497 - Code-projects Online Medicine Guide SQL Injection Vulnerability

CVE ID : CVE-2025-8497 Published : Aug. 3, 2025, 4:15 a.m. | 1 day ago Description : A vulnerability was found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /cusfindphar2.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 04:15:00 GMT

read more

CVE-2025-52131 - XWiki Mocca Calendar XSS

CVE ID : CVE-2025-52131 Published : Aug. 3, 2025, 4:15 a.m. | 20 hours, 51 minutes ago Description : The Mocca Calendar application before 2.15 for XWiki allows XSS via the background or text color field. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 04:15:00 GMT

read more

CVE-2025-52132 - XWiki Mocca Calendar XSS Vulnerability

CVE ID : CVE-2025-52132 Published : Aug. 3, 2025, 4:15 a.m. | 20 hours, 51 minutes ago Description : The Mocca Calendar application before 2.15 for XWiki allows XSS via a title to the view event page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 04:15:00 GMT

read more

CVE-2025-52133 - XWiki Mocca Calendar XSS

CVE ID : CVE-2025-52133 Published : Aug. 3, 2025, 4:15 a.m. | 20 hours, 51 minutes ago Description : The Mocca Calendar application before 2.15 for XWiki allows XSS via a title upon calendar import. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 04:15:00 GMT

read more

CVE-2025-8496 - Projectworlds Online Admission System SQL Injection Vulnerability

CVE ID : CVE-2025-8496 Published : Aug. 3, 2025, 4:15 a.m. | 20 hours, 51 minutes ago Description : A vulnerability has been found in projectworlds Online Admission System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /viewform.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 04:15:00 GMT

read more

CVE-2025-8495 - Code-projects Intern Membership Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8495 Published : Aug. 3, 2025, 2:15 a.m. | 14 hours, 33 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the file /admin/edit_admin_query.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 02:15:00 GMT

read more

CVE-2025-54351 - Iperf Buffer Overflow

CVE ID : CVE-2025-54351 Published : Aug. 3, 2025, 2:15 a.m. | 12 hours, 51 minutes ago Description : In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv). Severity: 8.9 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 02:15:00 GMT

read more

CVE-2025-54349 - Iperf Heap-Based Buffer Overflow

CVE ID : CVE-2025-54349 Published : Aug. 3, 2025, 2:15 a.m. | 11 hours, 22 minutes ago Description : In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 02:15:00 GMT

read more

CVE-2025-54350 - Iperf Base64Decode Assertion Failure Vulnerability

CVE ID : CVE-2025-54350 Published : Aug. 3, 2025, 2:15 a.m. | 11 hours, 22 minutes ago Description : In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 02:15:00 GMT

read more

CVE-2025-54955 - OpenNebula FireEdge JWT Authentication Bypass

CVE ID : CVE-2025-54955 Published : Aug. 3, 2025, 12:15 a.m. | 12 hours, 27 minutes ago Description : OpenNebula Community Edition (CE) before 7.0.0 and Enterprise Edition (EE) before 6.10.3 have a critical FireEdge race condition that can lead to full account takeover. By exploiting this, an unauthenticated attacker can obtain a valid JSON Web Token (JWT) belonging to a legitimate user without knowledge of their credentials. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 00:15:00 GMT

read more

CVE-2025-8494 - Code-projects Intern Membership Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8494 Published : Aug. 3, 2025, 12:15 a.m. | 12 hours, 27 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Intern Membership Management System 1.0. This issue affects some unknown processing of the file /admin/delete_student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 03 Aug 2025 00:15:00 GMT

read more

CVE-2025-23290 - NVIDIA vGPU Information Disclosure Vulnerability

CVE ID : CVE-2025-23290 Published : Aug. 2, 2025, 11:15 p.m. | 11 hours, 26 minutes ago Description : NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a guest could get global GPU metrics which may be influenced by work in other VMs. A successful exploit of this vulnerability might lead to information disclosure. Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 23:15:00 GMT

read more

CVE-2025-8493 - Code-projects Intern Membership Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8493 Published : Aug. 2, 2025, 11:15 p.m. | 11 hours, 26 minutes ago Description : A vulnerability classified as critical was found in code-projects Intern Membership Management System 1.0. This vulnerability affects unknown code of the file /admin/edit_student_query.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 23:15:00 GMT

read more

CVE-2023-32253 - Linux Kernel ksmbd Deadlock Denial of Service Vulnerability

CVE ID : CVE-2023-32253 Published : Aug. 2, 2025, 11:15 p.m. | 9 hours, 51 minutes ago Description : A flaw was found in the Linux kernel's ksmbd component. A deadlock is triggered by sending multiple concurrent session setup requests, possibly leading to a denial of service. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 23:15:00 GMT

read more

CVE-2023-32255 - Linux Kernel ksmbd NTLMSSP Memory Leak

CVE ID : CVE-2023-32255 Published : Aug. 2, 2025, 11:15 p.m. | 9 hours, 51 minutes ago Description : A flaw was found in the Linux kernel's ksmbd component. A memory leak can occur if a client sends a session setup request with an unknown NTLMSSP message type, potentially leading to resource exhaustion. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 23:15:00 GMT

read more

CVE-2025-23284 - NVIDIA vGPU Stack Buffer Overflow Vulnerability

CVE ID : CVE-2025-23284 Published : Aug. 2, 2025, 11:15 p.m. | 9 hours, 51 minutes ago Description : NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause a stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 23:15:00 GMT

read more

CVE-2025-23285 - NVIDIA vGPU Denial of Service

CVE ID : CVE-2025-23285 Published : Aug. 2, 2025, 11:15 p.m. | 9 hours, 51 minutes ago Description : NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where it allows a guest to access global resources. A successful exploit of this vulnerability might lead to denial of service. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 23:15:00 GMT

read more

CVE-2025-23283 - NVIDIA vGPU Virtual GPU Manager Stack Buffer Overflow

CVE ID : CVE-2025-23283 Published : Aug. 2, 2025, 10:15 p.m. | 8 hours, 50 minutes ago Description : NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 22:15:00 GMT

read more

CVE-2025-23286 - NVIDIA GPU Display Driver Memory Disclosure Vulnerability

CVE ID : CVE-2025-23286 Published : Aug. 2, 2025, 10:15 p.m. | 8 hours, 50 minutes ago Description : NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where an attacker could read invalid memory. A successful exploit of this vulnerability might lead to information disclosure. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 22:15:00 GMT

read more

CVE-2025-23287 - NVIDIA GPU Display Driver Windows Information Disclosure

CVE ID : CVE-2025-23287 Published : Aug. 2, 2025, 10:15 p.m. | 8 hours, 50 minutes ago Description : NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may access sensitive system-level information. A successful exploit of this vulnerability may lead to Information disclosure. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 22:15:00 GMT

read more

CVE-2025-23288 - NVIDIA GPU Display Driver for Windows Information Disclosure

CVE ID : CVE-2025-23288 Published : Aug. 2, 2025, 10:15 p.m. | 8 hours, 50 minutes ago Description : NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may cause an exposure of sensitive system information with local unprivileged system access. A successful exploit of this vulnerability may lead to Information disclosure. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 22:15:00 GMT

read more

CVE-2025-23278 - NVIDIA Display Driver Index Validation Vulnerability

CVE ID : CVE-2025-23278 Published : Aug. 2, 2025, 10:15 p.m. | 6 hours, 50 minutes ago Description : NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker might cause an improper index validation by issuing a call with crafted parameters. A successful exploit of this vulnerability might lead to data tampering or denial of service. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 22:15:00 GMT

read more

CVE-2025-23279 - NVIDIA run Installer Privilege Escalation Vulnerability

CVE ID : CVE-2025-23279 Published : Aug. 2, 2025, 10:15 p.m. | 6 hours, 50 minutes ago Description : NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, denial of service, or data tampering. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 22:15:00 GMT

read more

CVE-2025-23281 - NVIDIA GPU Display Driver for Windows Use-After-Free Vulnerability

CVE ID : CVE-2025-23281 Published : Aug. 2, 2025, 10:15 p.m. | 6 hours, 50 minutes ago Description : NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker with local unprivileged access that can win a race condition might be able to trigger a use-after-free error. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 22:15:00 GMT

read more

CVE-2025-23276 - NVIDIA Installer for Windows Privilege Escalation Vulnerability

CVE ID : CVE-2025-23276 Published : Aug. 2, 2025, 10:15 p.m. | 4 hours, 50 minutes ago Description : NVIDIA Installer for Windows contains a vulnerability where an attacker may be able to escalate privileges. A successful exploit of this vulnerability may lead to escalation of privileges, denial of service, code execution, information disclosure and data tampering. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 22:15:00 GMT

read more

CVE-2025-23277 - NVIDIA Display Driver Kernel Mode Driver Out-of-Bounds Memory Access Vulnerability

CVE ID : CVE-2025-23277 Published : Aug. 2, 2025, 10:15 p.m. | 4 hours, 50 minutes ago Description : NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory outside bounds permitted under normal use cases. A successful exploit of this vulnerability might lead to denial of service, data tampering, or information disclosure. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 22:15:00 GMT

read more

CVE-2025-8471 - Projectworlds Online Admission System SQL Injection

CVE ID : CVE-2025-8471 Published : Aug. 2, 2025, 7:15 p.m. | 7 hours, 51 minutes ago Description : A vulnerability, which was classified as critical, has been found in projectworlds Online Admission System 1.0. This issue affects some unknown processing of the file /adminlogin.php. The manipulation of the argument a_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 19:15:00 GMT

read more

CVE-2025-8470 - SourceCodester Online Hotel Reservation System SQL Injection Vulnerability

CVE ID : CVE-2025-8470 Published : Aug. 2, 2025, 6:15 p.m. | 8 hours, 50 minutes ago Description : A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /admin/deleteroom.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 18:15:00 GMT

read more

CVE-2025-8469 - SourceCodester Online Hotel Reservation System SQL Injection Vulnerability

CVE ID : CVE-2025-8469 Published : Aug. 2, 2025, 5:15 p.m. | 9 hours, 50 minutes ago Description : A vulnerability classified as critical has been found in SourceCodester Online Hotel Reservation System 1.0. This affects an unknown part of the file /admin/deletegallery.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 17:15:00 GMT

read more

CVE-2025-8468 - Code-projects Wazifa System SQL Injection Vulnerability

CVE ID : CVE-2025-8468 Published : Aug. 2, 2025, 3:15 p.m. | 11 hours, 50 minutes ago Description : A vulnerability was found in code-projects Wazifa System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /controllers/reset.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 15:15:00 GMT

read more

CVE-2025-7500 - WordPress Ocean Social Sharing Plugin Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7500 Published : Aug. 2, 2025, 12:15 p.m. | 13 hours, 21 minutes ago Description : The Ocean Social Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via social icon titles in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 12:15:00 GMT

read more

CVE-2025-7710 - "Brave Conversion Engine WordPress Facebook Authentication Bypass"

CVE ID : CVE-2025-7710 Published : Aug. 2, 2025, 12:15 p.m. | 13 hours, 21 minutes ago Description : The Brave Conversion Engine (PRO) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 0.7.7. This is due to the plugin not properly restricting a claimed identity while authenticating with Facebook. This makes it possible for unauthenticated attackers to log in as other users, including administrators. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 12:15:00 GMT

read more

CVE-2025-8467 - Code-Projects Wazifa System SQL Injection Vulnerability

CVE ID : CVE-2025-8467 Published : Aug. 2, 2025, 11:15 a.m. | 14 hours, 21 minutes ago Description : A vulnerability was found in code-projects Wazifa System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /controllers/regcontrol.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 11:15:00 GMT

read more

CVE-2025-8488 - Elementor Header Footer Builder Unauthorized Data Modification Vulnerability

CVE ID : CVE-2025-8488 Published : Aug. 2, 2025, 10:15 a.m. | 15 hours, 21 minutes ago Description : The Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_hfe_compatibility_option_callback ()function in all versions up to, and including, 2.4.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the compatibility option setting. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 10:15:00 GMT

read more

CVE-2025-6722 - BitFire Security - WordPress Firewall, WAF, Bot/Spam Blocker, Login Security Sensitive Information Exposure

CVE ID : CVE-2025-6722 Published : Aug. 2, 2025, 10:15 a.m. | 12 hours, 30 minutes ago Description : The BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5 via the bitfire_* directory that automatically gets created and stores potentially sensitive files without any access restrictions. This makes it possible for unauthenticated attackers to extract sensitive data from various files like config.ini, debug.log, and more. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 10:15:00 GMT

read more

CVE-2025-6832 - WordPress All in One Time Clock Lite Reflected Cross-Site Scripting

CVE ID : CVE-2025-6832 Published : Aug. 2, 2025, 9:15 a.m. | 13 hours, 30 minutes ago Description : The All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'nonce' parameter in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 09:15:00 GMT

read more

CVE-2025-8391 - WordPress Magic Edge Lite Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8391 Published : Aug. 2, 2025, 9:15 a.m. | 13 hours, 29 minutes ago Description : The Magic Edge – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘height’ parameter in all versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 09:15:00 GMT

read more

CVE-2025-8399 - WordPress Mmm Unity Loader Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8399 Published : Aug. 2, 2025, 9:15 a.m. | 13 hours, 29 minutes ago Description : The Mmm Unity Loader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘attributes’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 09:15:00 GMT

read more

CVE-2025-8400 - WordPress Image Gallery Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8400 Published : Aug. 2, 2025, 9:15 a.m. | 13 hours, 29 minutes ago Description : The Image Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 09:15:00 GMT

read more

CVE-2025-8466 - Code-projects Online Farm System SQL Injection

CVE ID : CVE-2025-8466 Published : Aug. 2, 2025, 9:15 a.m. | 13 hours, 29 minutes ago Description : A vulnerability was found in code-projects Online Farm System 1.0. It has been classified as critical. Affected is an unknown function of the file /forgot_passfarmer.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 09:15:00 GMT

read more

CVE-2025-8212 - Elementor Medical Addon Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8212 Published : Aug. 2, 2025, 8:15 a.m. | 14 hours, 30 minutes ago Description : The Medical Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typewriter widget in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 08:15:00 GMT

read more

CVE-2025-8317 - WordPress Custom Word Cloud Stored Cross-Site Scripting

CVE ID : CVE-2025-8317 Published : Aug. 2, 2025, 8:15 a.m. | 14 hours, 30 minutes ago Description : The Custom Word Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘angle’ parameter in all versions up to, and including, 0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 08:15:00 GMT

read more

CVE-2025-4588 - WordPress 360 Photo Spheres Plugin Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4588 Published : Aug. 2, 2025, 8:15 a.m. | 13 hours, 21 minutes ago Description : The 360 Photo Spheres plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sphere' shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 08:15:00 GMT

read more

CVE-2025-6626 - ShortPixel Adaptive Images WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6626 Published : Aug. 2, 2025, 8:15 a.m. | 13 hours, 21 minutes ago Description : The ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the API URL Setting in all versions up to, and including, 3.10.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 08:15:00 GMT

read more

CVE-2025-6754 - "WordPress SEO Metrics Privilege Escalation"

CVE ID : CVE-2025-6754 Published : Aug. 2, 2025, 8:15 a.m. | 13 hours, 21 minutes ago Description : The SEO Metrics plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks in both the seo_metrics_handle_connect_button_click() AJAX handler and the seo_metrics_handle_custom_endpoint() function in versions 1.0.5 through 1.0.15. Because the AJAX action only verifies a nonce, without checking the caller’s capabilities, a subscriber-level user can retrieve the token and then access the custom endpoint to obtain full administrator cookies. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 08:15:00 GMT

read more

CVE-2025-8152 - WordPress WP CTA - Call To Action Plugin Unauthenticated Data Modification Vulnerability

CVE ID : CVE-2025-8152 Published : Aug. 2, 2025, 8:15 a.m. | 13 hours, 21 minutes ago Description : The WP CTA – Call To Action Plugin, Sticky CTA, Sticky Buttons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'update_cta_status' and 'change_sticky_sidebar_name' functions in all versions up to, and including, 1.7.0. This makes it possible for unauthenticated attackers to update the status of a sticky and update the name displayed in the back-end WP CTA Dashboard. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 08:15:00 GMT

read more

CVE-2025-8146 - "Qi Addons For Elementor Stored Cross-Site Scripting"

CVE ID : CVE-2025-8146 Published : Aug. 2, 2025, 5:15 a.m. | 16 hours, 21 minutes ago Description : The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's TypeOut Text widget in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 05:15:00 GMT

read more

CVE-2025-7694 - WordPress Woffice Core Plugin File Deletion Vulnerability

CVE ID : CVE-2025-7694 Published : Aug. 2, 2025, 4:15 a.m. | 17 hours, 20 minutes ago Description : The Woffice Core plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the woffice_file_manager_delete() function in all versions up to, and including, 5.4.26. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 04:15:00 GMT

read more

CVE-2025-6076 - Partner Software's Partner Software and Partner Web application File Upload Privilege Escalation

CVE ID : CVE-2025-6076 Published : Aug. 2, 2025, 3:15 a.m. | 18 hours, 21 minutes ago Description : Partner Software's Partner Software application and Partner Web application do not sanitize files uploaded on the "reports" tab, allowing an authenticated attacker to upload a malicious file and compromise the device. By default, the software runs as SYSTEM, heightening the severity of the vulnerability. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 03:15:00 GMT

read more

CVE-2025-6077 - Partner Software's Partner Software Product and Web Application Default Administrator Credentials Vulnerability

CVE ID : CVE-2025-6077 Published : Aug. 2, 2025, 3:15 a.m. | 18 hours, 21 minutes ago Description : Partner Software's Partner Software Product and corresponding Partner Web application use the same default username and password for the administrator account across all versions. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 03:15:00 GMT

read more

CVE-2025-6078 - Partner Software's Partner Software Stored XSS Vulnerability

CVE ID : CVE-2025-6078 Published : Aug. 2, 2025, 3:15 a.m. | 18 hours, 21 minutes ago Description : Partner Software's Partner Software application and Partner Web application allows an authenticated user to add notes on the 'Notes' page when viewing a job but does not completely sanitize input, making it possible to add notes with HTML tags and JavaScript, enabling an attacker to add a note containing malicious JavaScript, leading to stored XSS (cross-site scripting). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 03:15:00 GMT

read more

CVE-2025-54796 - Copyparty Denial of Service (DoS) Regular Expression Injection

CVE ID : CVE-2025-54796 Published : Aug. 2, 2025, 12:15 a.m. | 18 hours, 29 minutes ago Description : Copyparty is a portable file server. Versions prior to 1.18.9, the filter parameter for the "Recent Uploads" page allows arbitrary RegExes. If this feature is enabled (which is the default), an attacker can craft a filter which deadlocks the server. This is fixed in version 1.18.9. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 00:15:00 GMT

read more

CVE-2025-54790 - Apache Files SQL Injection

CVE ID : CVE-2025-54790 Published : Aug. 2, 2025, 12:15 a.m. | 17 hours, 20 minutes ago Description : Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, Files does not have logic to prevent the exploitation of backend SQL queries without direct output, potentially allowing unauthorized data access. This is fixed in version 0.16.10. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 00:15:00 GMT

read more

CVE-2025-54789 - Apache Files Cross-Site Scripting (XSS)

CVE ID : CVE-2025-54789 Published : Aug. 2, 2025, 12:15 a.m. | 16 hours, 10 minutes ago Description : Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, the File Move functionality does not contain logic that prevents injection of arbitrary JavaScript, which can lead to Browser JS code execution in the context of the user’s session. This is fixed in version 0.16.10. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 00:15:00 GMT

read more

CVE-2025-54782 - Nest Devtools Integration Remote Code Execution Vulnerability

CVE ID : CVE-2025-54782 Published : Aug. 2, 2025, 12:15 a.m. | 14 hours, 9 minutes ago Description : Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution (RCE) vulnerability was discovered in the @nestjs/devtools-integration package. When enabled, the package exposes a local development HTTP server with an API endpoint that uses an unsafe JavaScript sandbox (safe-eval-like implementation). Due to improper sandboxing and missing cross-origin protections, any malicious website visited by a developer can execute arbitrary code on their local machine. The package adds HTTP endpoints to a locally running NestJS development server. One of these endpoints, /inspector/graph/interact, accepts JSON input containing a code field and executes the provided code in a Node.js vm.runInNewContext sandbox. This is fixed in version 0.2.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 00:15:00 GMT

read more

CVE-2025-54386 - Traefik WASM Plugin Path Traversal Vulnerability

CVE ID : CVE-2025-54386 Published : Aug. 2, 2025, 12:15 a.m. | 12 hours, 8 minutes ago Description : Traefik is an HTTP reverse proxy and load balancer. In versions 2.11.27 and below, 3.0.0 through 3.4.4 and 3.5.0-rc1, a path traversal vulnerability was discovered in WASM Traefik’s plugin installation mechanism. By supplying a maliciously crafted ZIP archive containing file paths with ../ sequences, an attacker can overwrite arbitrary files on the system outside of the intended plugin directory. This can lead to remote code execution (RCE), privilege escalation, persistence, or denial of service. This is fixed in versions 2.11.28, 3.4.5 and 3.5.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 00:15:00 GMT

read more

CVE-2025-54781 - Microsoft Azure Entra ID/Intune Token Leak Vulnerability

CVE ID : CVE-2025-54781 Published : Aug. 2, 2025, 12:15 a.m. | 12 hours, 8 minutes ago Description : Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. When debugging is enabled for Himmelblau in version 1.0.0, the himmelblaud_tasks service leaks an Intune service access token to the system journal. This short-lived token can be used to detect the host's Intune compliance status, and may permit additional administrative operations for the Intune host device (though the API for these operations is undocumented). This is fixed in version 1.1.0. To workaround this issue, ensure that Himmelblau debugging is disabled. Severity: 2.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 00:15:00 GMT

read more

CVE-2025-54133 - Cursor Model Context Protocol (MCP) UI Information Disclosure Vulnerability

CVE ID : CVE-2025-54133 Published : Aug. 2, 2025, 12:15 a.m. | 10 hours, 6 minutes ago Description : Cursor is a code editor built for programming with AI. In versions 1.17 through 1.2, there is a UI information disclosure vulnerability in Cursor's MCP (Model Context Protocol) deeplink handler, allowing attackers to execute 2-click arbitrary system commands through social engineering attacks. When users click malicious `cursor://anysphere.cursor-deeplink/mcp/install` links, the installation dialog does not show the arguments being passed to the command being run. If a user clicks a malicious deeplink, then examines the installation dialog and clicks through, the full command including the arguments will be executed on the machine. This is fixed in version 1.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 00:15:00 GMT

read more

CVE-2025-54136 - Cursor Remote Code Execution Vulnerability

CVE ID : CVE-2025-54136 Published : Aug. 2, 2025, 12:15 a.m. | 10 hours, 6 minutes ago Description : Cursor is a code editor built for programming with AI. In versions 1.2.4 and below, attackers can achieve remote and persistent code execution by modifying an already trusted MCP configuration file inside a shared GitHub repository or editing the file locally on the target's machine. Once a collaborator accepts a harmless MCP, the attacker can silently swap it for a malicious command (e.g., calc.exe) without triggering any warning or re-prompt. If an attacker has write permissions on a user's active branches of a source repository that contains existing MCP servers the user has previously approved, or allows an attacker has arbitrary file-write locally, the attacker can achieve arbitrary code execution. This is fixed in version 1.3. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 02 Aug 2025 00:15:00 GMT

read more

CVE-2025-54792 - LocalSend Man-in-the-Middle Vulnerability

CVE ID : CVE-2025-54792 Published : Aug. 1, 2025, 11:15 p.m. | 11 hours, 6 minutes ago Description : LocalSend is an open-source app to securely share files and messages with nearby devices over local networks without needing an internet connection. In versions 1.16.1 and below, a critical Man-in-the-Middle (MitM) vulnerability in the software's discovery protocol allows an unauthenticated attacker on the same local network to impersonate legitimate devices, silently intercepting, reading, and modifying any file transfer. This can be used to steal sensitive data or inject malware, like ransomware, into files shared between trusted users. The attack is hardly detectable and easy to implement, posing a severe and immediate security risk. This issue was fixed in version 1.17.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 23:15:00 GMT

read more

CVE-2025-54131 - Cursor Command Injection Bypass

CVE ID : CVE-2025-54131 Published : Aug. 1, 2025, 11:15 p.m. | 9 hours, 50 minutes ago Description : Cursor is a code editor built for programming with AI. In versions below 1.3, an attacker can bypass the allow list in auto-run mode with a backtick (`) or $(cmd). If a user has swapped Cursor from its default settings (requiring approval for every terminal call) to an allowlist, an attacker can execute arbitrary command execution outside of the allowlist without user approval. An attacker can trigger this vulnerability if chained with indirect prompt injection. This is fixed in version 1.3. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 23:15:00 GMT

read more

CVE-2025-54132 - "Cursor Mermaid Image Exfiltration Vulnerability"

CVE ID : CVE-2025-54132 Published : Aug. 1, 2025, 11:15 p.m. | 9 hours, 50 minutes ago Description : Cursor is a code editor built for programming with AI. In versions below 1.3, Mermaid (which is used to render diagrams) allows embedding images which then get rendered by Cursor in the chat box. An attacker can use this to exfiltrate sensitive information to a third-party attacker controlled server through an image fetch after successfully performing a prompt injection. A malicious model (or hallucination/backdoor) might also trigger this exploit at will. This issue requires prompt injection from malicious data (web, image upload, source code) in order to exploit. In that case, it can send sensitive information to an attacker-controlled external server. This is fixed in version 1.3. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 23:15:00 GMT

read more

CVE-2025-54424 - 1Panel Remote Code Execution (RCE) via Incomplete Certificate Verification

CVE ID : CVE-2025-54424 Published : Aug. 1, 2025, 11:15 p.m. | 9 hours, 50 minutes ago Description : 1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during certificate validation, leading to unauthorized interface access. Due to the presence of numerous command execution or high-privilege interfaces in 1Panel, this results in Remote Code Execution (RCE). This is fixed in version 2.0.6. The CVE has been translated from Simplified Chinese using GitHub Copilot. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 23:15:00 GMT

read more

CVE-2024-13978 - LibTIFF Null Pointer Dereference Vulnerability

CVE ID : CVE-2024-13978 Published : Aug. 1, 2025, 10:15 p.m. | 10 hours, 50 minutes ago Description : A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The patch is named 2ebfffb0e8836bfb1cd7d85c059cd285c59761a4. It is recommended to apply a patch to fix this issue. Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 22:15:00 GMT

read more

CVE-2013-10063 - Netgear SPH200D Path Traversal Vulnerability

CVE ID : CVE-2013-10063 Published : Aug. 1, 2025, 9:15 p.m. | 11 hours, 50 minutes ago Description : A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by injecting traversal sequences. This can expose sensitive system files and configuration data. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10057 - Synactis PDF In-The-Box ActiveX Control Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2013-10057 Published : Aug. 1, 2025, 9:15 p.m. | 9 hours, 50 minutes ago Description : A stack-based buffer overflow vulnerability exists in Synactis PDF In-The-Box ActiveX control (PDF_IN_1.ocx), specifically the ConnectToSynactis method. When a long string is passed to this method—intended to populate the ldCmdLine argument of a WinExec call—a strcpy operation overwrites a saved TRegistry class pointer on the stack. This allows remote attackers to execute arbitrary code in the context of the user by enticing them to visit a malicious webpage that instantiates the vulnerable ActiveX control. The vulnerability was discovered via its use in third-party software such as Logic Print 2013. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10058 - Linksys Router OS Command Injection Vulnerability

CVE ID : CVE-2013-10058 Published : Aug. 1, 2025, 9:15 p.m. | 9 hours, 50 minutes ago Description : An authenticated OS command injection vulnerability exists in various Linksys router models (tested on WRT160Nv2) running firmware version v2.0.03 via the apply.cgi endpoint. The web interface fails to properly sanitize user-supplied input passed to the ping_size parameter during diagnostic operations. An attacker with valid credentials can inject arbitrary shell commands, enabling remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10059 - D-Link Router OS Command Injection Vulnerability

CVE ID : CVE-2013-10059 Published : Aug. 1, 2025, 9:15 p.m. | 9 hours, 50 minutes ago Description : An authenticated OS command injection vulnerability exists in various D-Link routers (tested on DIR-615H1 running firmware version 8.04) via the tools_vct.htm endpoint. The web interface fails to sanitize input passed from the ping_ipaddr parameter to the tools_vct.htm diagnostic interface, allowing attackers to inject arbitrary shell commands using backtick encapsulation. With default credentials, an attacker can exploit this blind injection vector to execute arbitrary commands. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10060 - Netgear Router OS Command Injection Vulnerability

CVE ID : CVE-2013-10060 Published : Aug. 1, 2025, 9:15 p.m. | 9 hours, 50 minutes ago Description : An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10061 - Netgear Router OS Command Injection Vulnerability

CVE ID : CVE-2013-10061 Published : Aug. 1, 2025, 9:15 p.m. | 9 hours, 50 minutes ago Description : An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection through crafted POST requests. This flaw enables remote attackers to deploy payloads or manipulate system state post-authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10062 - "Linksys Router Directory Traversal Vulnerability"

CVE ID : CVE-2013-10062 Published : Aug. 1, 2025, 9:15 p.m. | 9 hours, 50 minutes ago Description : A directory traversal vulnerability exists in Linksys router's web interface (tested on the E1500 model firmware versions 1.0.00, 1.0.04, and 1.0.05), specifically in the /apply.cgi endpoint. Authenticated attackers can exploit the next_page POST parameter to access arbitrary files outside the intended web root by injecting traversal sequences. This allows exposure of sensitive system files and configuration data. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10053 - ZPanel Remote Command Execution Vulnerability

CVE ID : CVE-2013-10053 Published : Aug. 1, 2025, 9:15 p.m. | 7 hours, 1 minute ago Description : A remote command execution vulnerability exists in ZPanel version 10.0.0.2 in its htpasswd module. When creating .htaccess files, the inHTUsername field is passed unsanitized to a system() call that invokes the system’s htpasswd binary. By injecting shell metacharacters into the username field, an authenticated attacker can execute arbitrary system commands. Exploitation requires a valid ZPanel account—such as one in the default Users, Resellers, or Administrators groups—but no elevated privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10055 - Havalite CMS Unauthenticated Remote Code Execution File Upload Vulnerability

CVE ID : CVE-2013-10055 Published : Aug. 1, 2025, 9:15 p.m. | 7 hours, 1 minute ago Description : An unauthenticated arbitrary file upload vulnerability exists in Havalite CMS version 1.1.7 (and possibly earlier) in the upload.php script. The application fails to enforce proper file extension validation and authentication checks, allowing remote attackers to upload malicious PHP files via a crafted multipart/form-data POST request. Once uploaded, the attacker can access the file directly under havalite/tmp/files/, resulting in remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10049 - Raidsonic NAS Command Injection Vulnerability

CVE ID : CVE-2013-10049 Published : Aug. 1, 2025, 9:15 p.m. | 5 hours, 50 minutes ago Description : An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically tested on IB-NAS5220 and IB-NAS4220—via the unauthenticated timeHandler.cgi endpoint exposed through the web interface. The CGI script fails to properly sanitize user-supplied input in the timeZone parameter of a POST request, allowing remote attackers to inject arbitrary shell commands. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10050 - D-Link Router OS Command Injection Vulnerability

CVE ID : CVE-2013-10050 Published : Aug. 1, 2025, 9:15 p.m. | 5 hours, 50 minutes ago Description : An OS command injection vulnerability exists in multiple D-Link routers—confirmed on DIR-300 rev A (v1.05) and DIR-615 rev D (v4.13)—via the authenticated tools_vct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing attackers with valid credentials to inject arbitrary shell commands. Exploitation enables full device compromise, including spawning a telnet daemon and establishing a root shell. The vulnerability is present in firmware versions that expose tools_vct.xgi and use the Mathopd/1.5p6 web server. No vendor patch is available, and affected models are end-of-life. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10051 - InstantCMS PHP Code Execution Vulnerability

CVE ID : CVE-2013-10051 Published : Aug. 1, 2025, 9:15 p.m. | 5 hours, 50 minutes ago Description : A remote PHP code execution vulnerability exists in InstantCMS version 1.6 and earlier due to unsafe use of eval() within the search view handler. Specifically, user-supplied input passed via the look parameter is concatenated into a PHP expression and executed without proper sanitation. A remote attacker can exploit this flaw by sending a crafted HTTP GET request with a base64-encoded payload in the Cmd header, resulting in arbitrary PHP code execution within the context of the web server. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2012-10022 - Kloxo Setuid Root Privilege Escalation

CVE ID : CVE-2012-10022 Published : Aug. 1, 2025, 9:15 p.m. | 1 hour, 29 minutes ago Description : Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that allow local privilege escalation from uid 48. The lxsuexec binary performs a uid check and permits execution of arbitrary commands as root if the invoking user matches uid 48. This flaw enables attackers with Apache-level access to escalate privileges to root without authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10044 - OpenEMR SQL Injection and Unrestricted File Upload Vulnerability

CVE ID : CVE-2013-10044 Published : Aug. 1, 2025, 9:15 p.m. | 1 hour, 29 minutes ago Description : An authenticated SQL injection vulnerability exists in OpenEMR ≤ 4.1.1 Patch 14 that allows a low-privileged attacker to extract administrator credentials and subsequently escalate privileges. Once elevated, the attacker can exploit an unrestricted file upload flaw to achieve remote code execution, resulting in full compromise of the application and its host system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10046 - Agnitum Outpost Internet Security Named Pipe Privilege Escalation Vulnerability

CVE ID : CVE-2013-10046 Published : Aug. 1, 2025, 9:15 p.m. | 1 hour, 29 minutes ago Description : A local privilege escalation vulnerability exists in Agnitum Outpost Internet Security 8.1 that allows an unprivileged user to execute arbitrary code with SYSTEM privileges. The flaw resides in the acs.exe component, which exposes a named pipe that accepts unauthenticated commands. By exploiting a directory traversal weakness in the pipe protocol, an attacker can instruct the service to load a malicious DLL from a user-controlled location. The DLL is then executed in the context of the privileged service. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10047 - MiniWeb HTTP Server Unrestricted File Upload and Privilege Escalation Vulnerability

CVE ID : CVE-2013-10047 Published : Aug. 1, 2025, 9:15 p.m. | 1 hour, 29 minutes ago Description : An unrestricted file upload vulnerability exists in MiniWeb HTTP Server Build 300 that allows unauthenticated remote attackers to upload arbitrary files to the server’s filesystem. By abusing the upload handler and crafting a traversal path, an attacker can place a malicious .exe in system32, followed by a .mof file in the WMI directory. This triggers execution of the payload with SYSTEM privileges via the Windows Management Instrumentation service. The exploit is only viable on Windows versions prior to Vista. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2013-10048 - D-Link Router OS Command Injection Vulnerability

CVE ID : CVE-2013-10048 Published : Aug. 1, 2025, 9:15 p.m. | 1 hour, 29 minutes ago Description : An OS command injection vulnerability exists in various legacy D-Link routers—including DIR-300 rev B and DIR-600 (firmware ≤ 2.13 and ≤ 2.14b01, respectively)—due to improper input handling in the unauthenticated command.php endpoint. By sending specially crafted POST requests, a remote attacker can execute arbitrary shell commands with root privileges, allowing full takeover of the device. This includes launching services such as Telnet, exfiltrating credentials, modifying system configuration, and disrupting availability. The flaw stems from the lack of authentication and inadequate sanitation of the cmd parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 21:15:00 GMT

read more

CVE-2025-8472 - Alpine iLX-507 Bluetooth vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

CVE ID : CVE-2025-8472 Published : Aug. 1, 2025, 6:15 p.m. | 4 hours, 28 minutes ago Description : Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the parsing of vCard data. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-26316. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-8473 - Alpine iLX-507 Command Injection Vulnerability

CVE ID : CVE-2025-8473 Published : Aug. 1, 2025, 6:15 p.m. | 4 hours, 28 minutes ago Description : Alpine iLX-507 UPDM_wstpCBCUpdStart Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPDM_wstpCBCUpdStart function. The issue results from the lack of proper validation of user-supplied data before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26317. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-8474 - Alpine iLX-507 CarPlay Stack-based Buffer Overflow

CVE ID : CVE-2025-8474 Published : Aug. 1, 2025, 6:15 p.m. | 4 hours, 28 minutes ago Description : Alpine iLX-507 CarPlay Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the Apple CarPlay protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26318. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-8475 - Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability

CVE ID : CVE-2025-8475 Published : Aug. 1, 2025, 6:15 p.m. | 4 hours, 28 minutes ago Description : Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the implementation of the AVRCP protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26321. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-8476 - Alpine iLX-507 TIDAL Certificate Validation Bypass Root RCE

CVE ID : CVE-2025-8476 Published : Aug. 1, 2025, 6:15 p.m. | 4 hours, 28 minutes ago Description : Alpine iLX-507 TIDAL Improper Certificate Validation Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the TIDAL music streaming application. The issue results from improper certificate validation. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-26322. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-8477 - Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

CVE ID : CVE-2025-8477 Published : Aug. 1, 2025, 6:15 p.m. | 4 hours, 28 minutes ago Description : Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Alpine iLX-507 devices. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the parsing of vCard data. The issue results from the lack of proper validation of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26324. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-8480 - Alpine iLX-507 Tidal Music Streaming Command Injection Remote Code Execution

CVE ID : CVE-2025-8480 Published : Aug. 1, 2025, 6:15 p.m. | 4 hours, 28 minutes ago Description : Alpine iLX-507 Command Injection Remote Code Execution. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Tidal music streaming application. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26357. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-6037 - Hashicorp Vault TLS Client Certificate Validation Bypass

CVE ID : CVE-2025-6037 Published : Aug. 1, 2025, 6:15 p.m. | 4 hours ago Description : Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as [+trusted certificate+|https://developer.hashicorp.com/vault/api-docs/auth/cert#certificate]. In this configuration, an attacker may be able to craft a malicious certificate that could be used to impersonate another user. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-50869 - Institute-of-Current-Students XSS

CVE ID : CVE-2025-50869 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : A stored Cross-Site Scripting (XSS) vulnerability exists in the qureydetails.php page of Institute-of-Current-Students 1.0, where the input fields for Query and Answer do not properly sanitize user input. Authenticated users can inject arbitrary JavaScript code. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-50870 - Institute-of-Current-Students Student Information Disclosure via Incorrect Access Control

CVE ID : CVE-2025-50870 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : Institute-of-Current-Students 1.0 is vulnerable to Incorrect Access Control in the mydetailsstudent.php endpoint. The myds GET parameter accepts an email address as input and directly returns the corresponding student's personal information without validating the identity or permissions of the requesting user. This allows any authenticated or unauthenticated attacker to enumerate and retrieve sensitive student details by altering the email value in the request URL, leading to information disclosure. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-53009 - MaterialX Stack Exhaustion Crash Vulnerability

CVE ID : CVE-2025-53009 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In versions 1.39.2 and below, when parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stack exhaustion. An attacker could intentionally crash a target program that uses OpenEXR by sending a malicious MTLX file. This is fixed in version 1.39.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-53010 - MaterialX Null Pointer Dereference Denial of Service

CVE ID : CVE-2025-53010 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously crafted files. An attacker could intentionally crash a target program that uses OpenEXR by sending a malicious MTLX file. This is fixed in version 1.39.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-53011 - MaterialX Null Pointer Dereference

CVE ID : CVE-2025-53011 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously crafted files. An attacker could intentionally crash a target program that uses MaterialX by sending a malicious MTLX file. This is fixed in version 1.39.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-53012 - MaterialX Stack Overflow

CVE ID : CVE-2025-53012 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, nested imports of MaterialX files can lead to a crash via stack memory exhaustion, due to the lack of a limit on the "import chain" depth. When parsing file imports, recursion is used to process nested files; however, there is no limit imposed to the depth of files that can be parsed by the library. By building a sufficiently deep chain of MaterialX files one referencing the next, it is possible to crash the process using the MaterialX library via stack exhaustion. This is fixed in version 1.39.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-54564 - ChargePoint Home Flex Unvalidated Decompression Vulnerability

CVE ID : CVE-2025-54564 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : uploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2 decompression, which allows command execution as the nobody user. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-54574 - Squid Heap Buffer Overflow (Remote Code Execution)

CVE ID : CVE-2025-54574 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue, disable URN access permissions. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-54590 - Apache WebFinger SSRF Vulnerability

CVE ID : CVE-2025-54590 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : webfinger.js is a TypeScript-based WebFinger client that runs in both browsers and Node.js environments. In versions 2.8.0 and below, the lookup function accepts user addresses for account checking. However, the ActivityPub specification requires preventing access to localhost services in production. This library does not prevent localhost access, only checking for hosts that start with "localhost" and end with a port. Users can exploit this by creating servers that send GET requests with controlled host, path, and port parameters to query services on the instance's host or local network, enabling blind SSRF attacks. This is fixed in version 2.8.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-54593 - FreshRSS Remote Code Execution Vulnerability

CVE ID : CVE-2025-54593 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : FreshRSS is a free, self-hostable RSS aggregator. In versions 1.26.1 and below, an authenticated administrator user can execute arbitrary code on the FreshRSS server by modifying the update URL to one they control, and gain code execution after running an update. After successfully executing code, user data including hashed passwords can be exfiltrated, the instance can be defaced when file permissions allow. Malicious code can be inserted into the instance to steal plaintext passwords, among others. This is fixed in version 1.26.2. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-54595 - Pearcleaner Privilege Escalation Vulnerability

CVE ID : CVE-2025-54595 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : Pearcleaner is a free, source-available and fair-code licensed mac app cleaner. The PearcleanerHelper is a privileged helper tool bundled with the Pearcleaner application. It is registered and activated only after the user approves a system prompt to allow privileged operations. Upon approval, the helper is configured as a LaunchDaemon and runs with root privileges. In versions 4.4.0 through 4.5.1, the helper registers an XPC service (com.alienator88.Pearcleaner.PearcleanerHelper) and accepts unauthenticated connections from any local process. It exposes a method that executes arbitrary shell commands. This allows any local unprivileged user to escalate privileges to root once the helper is approved and active. This issue is fixed in version 4.5.2. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-5999 - "Vault Privileged Escalation Vulnerability"

CVE ID : CVE-2025-5999 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s token privileges to Vault’s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-6000 - Apache Vault Code Execution Vulnerability

CVE ID : CVE-2025-6000 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : A privileged Vault operator within the root namespace with write permission to {{sys/audit}} may obtain code execution on the underlying host if a plugin directory is set in Vault’s configuration. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-6004 - Vault User Lockout Bypass

CVE ID : CVE-2025-6004 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : Vault and Vault Enterprise’s (“Vault”) user lockout feature could be bypassed for Userpass and LDAP authentication methods. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-6011 - HashiCorp Vault Userpass Timing Side Channel Disclosure

CVE ID : CVE-2025-6011 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : A timing side channel in Vault and Vault Enterprise’s (“Vault”) userpass auth method allowed an attacker to distinguish between existing and non-existing users, and potentially enumerate valid usernames for Vault’s Userpass auth method. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-6014 - Vault TOTP Secrets Engine Code Reuse Vulnerability

CVE ID : CVE-2025-6014 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : Vault and Vault Enterprise’s (“Vault”) TOTP Secrets Engine code validation endpoint is susceptible to code reuse within its validity period. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-6015 - Vault Two-Factor Authentication Bypass and Token Reuse

CVE ID : CVE-2025-6015 Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : Vault and Vault Enterprise’s (“Vault”) login MFA rate limits could be bypassed and TOTP tokens could be reused. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 18:15:00 GMT

read more

CVE-2025-45150 - LangChain-ChatGLM-Webui File Disclosure Vulnerability

CVE ID : CVE-2025-45150 Published : Aug. 1, 2025, 5:15 p.m. | 1 hour ago Description : Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive files via supplying a crafted request. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 17:15:00 GMT

read more

CVE-2025-45778 - The Language Sloth Web Application Stored XSS

CVE ID : CVE-2025-45778 Published : Aug. 1, 2025, 5:15 p.m. | 1 hour ago Description : A stored cross-site scripting (XSS) vulnerability in The Language Sloth Web Application v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Description text field. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 17:15:00 GMT

read more

CVE-2025-48074 - OpenEXR DataWindow Size Validation Vulnerability

CVE ID : CVE-2025-48074 Published : Aug. 1, 2025, 5:15 p.m. | 1 hour ago Description : OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance degradation when processing malicious files. This is fixed in version 3.3.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 17:15:00 GMT

read more

CVE-2025-51501 - Microweber CMS Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-51501 Published : Aug. 1, 2025, 5:15 p.m. | 1 hour ago Description : Reflected Cross-Site Scripting (XSS) in the id parameter of the live_edit.module_settings API endpoint in Microweber CMS2.0 allows execution of arbitrary JavaScript. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 17:15:00 GMT

read more

CVE-2025-51502 - Microweber CMS Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-51502 Published : Aug. 1, 2025, 5:15 p.m. | 1 hour ago Description : Reflected Cross-Site Scripting (XSS) in Microweber CMS 2.0 via the layout parameter on the /admin/page/create page allows arbitrary JavaScript execution in the context of authenticated admin users. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 17:15:00 GMT

read more

CVE-2025-51504 - Microweber CMS Cross Site Scripting (XSS)

CVE ID : CVE-2025-51504 Published : Aug. 1, 2025, 5:15 p.m. | 1 hour ago Description : Microweber CMS 2.0 is vulnerable to Cross Site Scripting (XSS)in the /projects/profile, homepage endpoint via the last name field. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 17:15:00 GMT

read more

CVE-2019-19144 - Quantum DXi6702 XML External Entity Injection Vulnerability

CVE ID : CVE-2019-19144 Published : Aug. 1, 2025, 4:15 p.m. | 2 hours ago Description : XML External Entity Injection vulnerability in Quantum DXi6702 2.3.0.3 (11449-53631 Build304) devices via rest/Users?action=authenticate. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 16:15:00 GMT

read more

CVE-2025-44139 - Emlog Pro File Upload Vulnerability

CVE ID : CVE-2025-44139 Published : Aug. 1, 2025, 4:15 p.m. | 2 hours ago Description : Emlog Pro V2.5.7 is vulnerable to Unrestricted Upload of File with Dangerous Type via /emlog/admin/plugin.php?action=upload_zip Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 16:15:00 GMT

read more

CVE-2025-50460 - Apache Ms-Swift Remote Code Execution (RCE)

CVE ID : CVE-2025-50460 Published : Aug. 1, 2025, 4:15 p.m. | 2 hours ago Description : A remote code execution (RCE) vulnerability exists in the ms-swift project version 3.3.0 due to unsafe deserialization in tests/run.py using yaml.load() from the PyYAML library (versions = 5.3.1). If an attacker can control the content of the YAML configuration file passed to the --run_config parameter, arbitrary code can be executed during deserialization. This can lead to full system compromise. The vulnerability is triggered when a malicious YAML file is loaded, allowing the execution of arbitrary Python commands such as os.system(). It is recommended to upgrade PyYAML to version 5.4 or higher, and to use yaml.safe_load() to mitigate the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 16:15:00 GMT

read more

CVE-2025-50472 - Apache Spark - Deserialization Code Execution Vulnerability

CVE ID : CVE-2025-50472 Published : Aug. 1, 2025, 4:15 p.m. | 2 hours ago Description : The modelscope/ms-swift library thru 2.6.1 is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_model_meta()` function of the `ModelFileSystemCache()` class. Attackers can execute arbitrary code and commands by crafting a malicious serialized `.mdl` payload, exploiting the use of `pickle.load()` on data from potentially untrusted sources. This vulnerability allows for remote code execution (RCE) by deceiving victims into loading a seemingly harmless checkpoint during a normal training process, thereby enabling attackers to execute arbitrary code on the targeted machine. Note that the payload file is a hidden file, making it difficult for the victim to detect tampering. More importantly, during the model training process, after the `.mdl` file is loaded and executes arbitrary code, the normal training process remains unaffected'meaning the user remains unaware of the arbitrary code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 16:15:00 GMT

read more

CVE-2025-52327 - Restaurant Order System SQL Injection

CVE ID : CVE-2025-52327 Published : Aug. 1, 2025, 4:15 p.m. | 2 hours ago Description : SQL Injection vulnerability in Restaurant Order System 1.0 allows a local attacker to obtain sensitive information via the payment.php file Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 16:15:00 GMT

read more

CVE-2025-52361 - Lighttpd AK-Nord USB-Server-LXL Root Command Execution

CVE ID : CVE-2025-52361 Published : Aug. 1, 2025, 4:15 p.m. | 2 hours ago Description : Insecure permissions in the script /etc/init.d/lighttpd in AK-Nord USB-Server-LXL Firmware v0.0.16 Build 2023-03-13 allows a locally authenticated low-privilege user to execute arbitrary commands with root privilege via editing this script which is executed with root-privileges on any interaction and on every system boot. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 16:15:00 GMT

read more

CVE-2025-52390 - Saurus CMS SQL Injection Vulnerability

CVE ID : CVE-2025-52390 Published : Aug. 1, 2025, 4:15 p.m. | 2 hours ago Description : Saurus CMS Community Edition since commit d886e5b0 (2010-04-23) is vulnerable to a SQL Injection vulnerability in the `prepareSearchQuery()` method in `FulltextSearch.class.php`. The application directly concatenates user-supplied input (`$search_word`) into SQL queries without sanitization, allowing attackers to manipulate the SQL logic and potentially extract sensitive information or escalate their privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 16:15:00 GMT

read more

CVE-2025-45767 - Jose Weak Encryption Vulnerability

CVE ID : CVE-2025-45767 Published : Aug. 1, 2025, 3:15 p.m. | 3 hours ago Description : jose v6.0.10 was discovered to contain weak encryption. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 15:15:00 GMT

read more

CVE-2023-44976 - Shunwang Rentdrv2 EDR Process Termination Vulnerability

CVE ID : CVE-2023-44976 Published : Aug. 1, 2025, 2:15 p.m. | 4 hours ago Description : Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via DeviceIoControl with control code 0x22E010, as exploited in the wild in October 2023. Severity: 3.2 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 14:15:00 GMT

read more

CVE-2025-46018 - CSC Pay Mobile App Bluetooth Payment Authorization Bypass Vulnerability

CVE ID : CVE-2025-46018 Published : Aug. 1, 2025, 2:15 p.m. | 4 hours ago Description : CSC Pay Mobile App 2.19.4 (fixed in version 2.20.0) contains a vulnerability allowing users to bypass payment authorization by disabling Bluetooth at a specific point during a transaction. This could result in unauthorized use of laundry services and potential financial loss. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 14:15:00 GMT

read more

CVE-2025-41370 - Gandia Integra Total TESI SQL Injection Vulnerability

CVE ID : CVE-2025-41370 Published : Aug. 1, 2025, 1:15 p.m. | 5 hours ago Description : A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb/html/view/acceso.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 13:15:00 GMT

read more

CVE-2025-41371 - Gandia Integra Total TESI SQL Injection

CVE ID : CVE-2025-41371 Published : Aug. 1, 2025, 1:15 p.m. | 5 hours ago Description : A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb_v4/integra/html/view/acceso.php Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 13:15:00 GMT

read more

CVE-2025-41372 - Gandia Integra Total TESI SQL Injection

CVE ID : CVE-2025-41372 Published : Aug. 1, 2025, 1:15 p.m. | 5 hours ago Description : A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/informe_campo_entrevistas.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 13:15:00 GMT

read more

CVE-2025-41373 - Gandia Integra Total TESI SQL Injection

CVE ID : CVE-2025-41373 Published : Aug. 1, 2025, 1:15 p.m. | 5 hours ago Description : A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/hislistadoacciones.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 13:15:00 GMT

read more

CVE-2025-41374 - Gandia Integra Total TESI SQL Injection Vulnerability

CVE ID : CVE-2025-41374 Published : Aug. 1, 2025, 1:15 p.m. | 5 hours ago Description : A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/hislistadoacciones.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 13:15:00 GMT

read more

CVE-2025-41375 - Gandia Integra Total TESI SQL Injection Vulnerability

CVE ID : CVE-2025-41375 Published : Aug. 1, 2025, 1:15 p.m. | 5 hours ago Description : A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/consultaincimails.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 13:15:00 GMT

read more

CVE-2025-41376 - Gandia Integra Total TESI SQL Injection Vulnerability

CVE ID : CVE-2025-41376 Published : Aug. 1, 2025, 1:15 p.m. | 5 hours ago Description : A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/consultacuotasred.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 13:15:00 GMT

read more

CVE-2025-4684 - WordPress BlockSpare Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4684 Published : Aug. 1, 2025, 12:15 p.m. | 6 hours ago Description : The BlockSpare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML attributes of Image Carousel and Image Slider widgets in all versions up to, and including, 3.2.13.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 12:15:00 GMT

read more

CVE-2025-6228 - Sina Extension for Elementor Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6228 Published : Aug. 1, 2025, 12:15 p.m. | 6 hours ago Description : The Sina Extension for Elementor (Header Builder, Footer Builter, Theme Builder, Slider, Gallery, Form, Modal, Data Table Free Elementor Widgets & Elementor Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `Sina Posts`, `Sina Blog Post` and `Sina Table` widgets in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 12:15:00 GMT

read more

CVE-2025-6398 - ASUS AI Suite 3 Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-6398 Published : Aug. 1, 2025, 9:15 a.m. | 7 hours, 50 minutes ago Description : A null pointer dereference vulnerability exists in the IOMap64.sys driver of ASUS AI Suite 3. The vulnerability can be triggered by a specially crafted input, which may lead to a system crash (BSOD). Refer to the ' Security Update for for AI Suite 3 ' section on the ASUS Security Advisory for more information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 09:15:00 GMT

read more

CVE-2025-8443 - Code-projects Online Medicine Guide SQL Injection Vulnerability

CVE ID : CVE-2025-8443 Published : Aug. 1, 2025, 9:15 a.m. | 7 hours, 50 minutes ago Description : A vulnerability was found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument uname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 09:15:00 GMT

read more

CVE-2025-8441 - Code-projects Online Medicine Guide SQL Injection Vulnerability

CVE ID : CVE-2025-8441 Published : Aug. 1, 2025, 8:15 a.m. | 8 hours, 50 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Online Medicine Guide 1.0. Affected is an unknown function of the file /pharsignup.php. The manipulation of the argument phuname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 08:15:00 GMT

read more

CVE-2025-8442 - Code-projects Online Medicine Guide SQL Injection Vulnerability

CVE ID : CVE-2025-8442 Published : Aug. 1, 2025, 8:15 a.m. | 8 hours, 50 minutes ago Description : A vulnerability has been found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cussignup.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 08:15:00 GMT

read more

CVE-2025-8438 - Code-Projects Wazifa System SQL Injection Vulnerability

CVE ID : CVE-2025-8438 Published : Aug. 1, 2025, 7:15 a.m. | 9 hours, 50 minutes ago Description : A vulnerability classified as critical was found in code-projects Wazifa System 1.0. This vulnerability affects unknown code of the file /controllers/postpublish.php. The manipulation of the argument post leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 07:15:00 GMT

read more

CVE-2025-8439 - Wazifa System SQL Injection Vulnerability

CVE ID : CVE-2025-8439 Published : Aug. 1, 2025, 7:15 a.m. | 9 hours, 50 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Wazifa System 1.0. This issue affects some unknown processing of the file /controllers/updatesettings.php. The manipulation of the argument Password leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 07:15:00 GMT

read more

CVE-2025-7646 - Elementor Addons Stored Cross-Site Scripting

CVE ID : CVE-2025-7646 Published : Aug. 1, 2025, 7:15 a.m. | 8 hours, 19 minutes ago Description : The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom script parameter in all versions up to, and including, 6.3.10 even when the user does not have the unfiltered_html capability. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 07:15:00 GMT

read more

CVE-2025-8437 - Kitchen Treasure SQL Injection Vulnerability

CVE ID : CVE-2025-8437 Published : Aug. 1, 2025, 7:15 a.m. | 8 hours, 19 minutes ago Description : A vulnerability classified as critical has been found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 07:15:00 GMT

read more

CVE-2025-31716 - Cisco Bootloader Out-of-Bounds Write Denial of Service

CVE ID : CVE-2025-31716 Published : Aug. 1, 2025, 6:15 a.m. | 9 hours, 19 minutes ago Description : In bootloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 06:15:00 GMT

read more

CVE-2025-54939 - LiteSpeed QUIC (LSQUIC) Library LSQUIC Engine Packet In Memory Leak

CVE ID : CVE-2025-54939 Published : Aug. 1, 2025, 6:15 a.m. | 9 hours, 19 minutes ago Description : LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 06:15:00 GMT

read more

CVE-2025-5921 - "SureForms WordPress Reflected Cross-Site Scripting"

CVE ID : CVE-2025-5921 Published : Aug. 1, 2025, 6:15 a.m. | 9 hours, 19 minutes ago Description : The SureForms WordPress plugin before 1.7.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against both authenticated and unauthenticated users. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 06:15:00 GMT

read more

CVE-2025-8436 - Projectworlds Online Admission System SQL Injection Vulnerability

CVE ID : CVE-2025-8436 Published : Aug. 1, 2025, 6:15 a.m. | 9 hours, 19 minutes ago Description : A vulnerability was found in projectworlds Online Admission System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /viewdoc.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 06:15:00 GMT

read more

CVE-2025-8454 - Debian Package devscripts OpenPGP Verification Bypass

CVE ID : CVE-2025-8454 Published : Aug. 1, 2025, 6:15 a.m. | 9 hours, 19 minutes ago Description : It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 06:15:00 GMT

read more

CVE-2025-8435 - Code-projects Online Movie Streaming PHP Remote Authorization Bypass Vulnerability

CVE ID : CVE-2025-8435 Published : Aug. 1, 2025, 5:15 a.m. | 10 hours, 14 minutes ago Description : A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin-control.php. The manipulation of the argument ID leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 05:15:00 GMT

read more

CVE-2025-7725 - WordPress OpenAI Plugin Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7725 Published : Aug. 1, 2025, 5:15 a.m. | 8 hours, 56 minutes ago Description : The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the comment feature in all versions up to, and including, 26.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 05:15:00 GMT

read more

CVE-2025-7845 - Stratum Elementor Widgets Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7845 Published : Aug. 1, 2025, 5:15 a.m. | 8 hours, 56 minutes ago Description : The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Advanced Google Maps and Image Hotspot widgets in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 05:15:00 GMT

read more

CVE-2025-4523 - IDonate WordPress Plugin Unauthorized Data Access Vulnerability

CVE ID : CVE-2025-4523 Published : Aug. 1, 2025, 5:15 a.m. | 7 hours, 50 minutes ago Description : The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the admin_donor_profile_view() function in versions 2.0.0 to 2.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to expose an administrator’s username, email address, and all donor fields. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 05:15:00 GMT

read more

CVE-2025-7443 - BerqWP Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-7443 Published : Aug. 1, 2025, 5:15 a.m. | 7 hours, 50 minutes ago Description : The BerqWP – Automated All-In-One Page Speed Optimization for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the store_javascript_cache.php file in all versions up to, and including, 2.2.42. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 05:15:00 GMT

read more

CVE-2025-54846 - Apache HTTP Server HTTP Request Smuggling

CVE ID : CVE-2025-54846 Published : Aug. 1, 2025, 4:16 a.m. | 8 hours, 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2025-54847 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-54847 Published : Aug. 1, 2025, 4:16 a.m. | 8 hours, 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2025-5947 - WordPress Service Finder Bookings Privilege Escalation

CVE ID : CVE-2025-5947 Published : Aug. 1, 2025, 4:16 a.m. | 8 hours, 49 minutes ago Description : The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via authentication bypass in all versions up to, and including, 6.0. This is due to the plugin not properly validating a user's cookie value prior to logging them in through the service_finder_switch_back() function. This makes it possible for unauthenticated attackers to login as any user including admins. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2025-8433 - Dell Document Management System Path Traversal Vulnerability

CVE ID : CVE-2025-8433 Published : Aug. 1, 2025, 4:16 a.m. | 8 hours, 49 minutes ago Description : A vulnerability was found in code-projects Document Management System 1.0 and classified as critical. This issue affects the function unlink of the file /dell.php. The manipulation of the argument ID leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2025-8434 - Apache Code-projects Online Movie Streaming Remote File Inclusion Vulnerability

CVE ID : CVE-2025-8434 Published : Aug. 1, 2025, 4:16 a.m. | 8 hours, 49 minutes ago Description : A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been classified as critical. Affected is an unknown function of the file /admin.php. The manipulation of the argument ID leads to missing authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2025-54844 - Apache Struts Command Execution

CVE ID : CVE-2025-54844 Published : Aug. 1, 2025, 4:16 a.m. | 8 hours, 13 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2025-54845 - Adobe Flash Memory Corruption Vulnerability

CVE ID : CVE-2025-54845 Published : Aug. 1, 2025, 4:16 a.m. | 8 hours, 13 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2025-54842 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-54842 Published : Aug. 1, 2025, 4:16 a.m. | 4 hours, 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2025-54843 - Fortinet DNS Server Insufficient Input Validation

CVE ID : CVE-2025-54843 Published : Aug. 1, 2025, 4:16 a.m. | 4 hours, 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2019-19145 - Quantum SuperLoader 3 Password Brute Force

CVE ID : CVE-2019-19145 Published : Aug. 1, 2025, 4:16 a.m. | 2 hours, 49 minutes ago Description : Quantum SuperLoader 3 V94.0 005E.0h devices allow attackers to access the hardcoded fa account because there are only 65536 possible passwords. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2025-53399 - Sipwise RTPengine RTP Stream Injection and Interception Vulnerability

CVE ID : CVE-2025-53399 Published : Aug. 1, 2025, 4:16 a.m. | 2 hours, 49 minutes ago Description : In Sipwise rtpengine before 13.4.1.1, an origin-validation error in the endpoint-learning logic of the media-relay core allows remote attackers to inject or intercept RTP/SRTP media streams via RTP packets (except when the relay is configured for strict source and learning disabled). Version 13.4.1.1 fixes the heuristic mode by limiting exposure to the first five packets, and introduces a recrypt flag that fully prevents SRTP attacks when both mitigations are enabled. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2025-54657 - Apache Struts Command Injection

CVE ID : CVE-2025-54657 Published : Aug. 1, 2025, 4:16 a.m. | 2 hours, 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2025-54839 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-54839 Published : Aug. 1, 2025, 4:16 a.m. | 2 hours, 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2025-54840 - Apache HTTP Server Denial of Service

CVE ID : CVE-2025-54840 Published : Aug. 1, 2025, 4:16 a.m. | 2 hours, 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2025-54841 - Apache Struts SQL Injection

CVE ID : CVE-2025-54841 Published : Aug. 1, 2025, 4:16 a.m. | 2 hours, 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 04:16:00 GMT

read more

CVE-2025-5954 - WordPress Service Finder SMS System Plugin Unauthenticated Administrator Account Takeover Vulnerability

CVE ID : CVE-2025-5954 Published : Aug. 1, 2025, 3:15 a.m. | 3 hours, 11 minutes ago Description : The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.0.0. This is due to the plugin not restricting user role selection at the time of registration through the aonesms_fn_savedata_after_signup() function. This makes it possible for unauthenticated attackers to register as an administrator user. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 03:15:00 GMT

read more

CVE-2025-8431 - PHPGurukul Boat Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-8431 Published : Aug. 1, 2025, 2:15 a.m. | 4 hours, 11 minutes ago Description : A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/add-boat.php. The manipulation of the argument boatname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 01 Aug 2025 02:15:00 GMT

read more

CVE-2025-48071 - OpenEXR ZIPS-packed Deep Scan-Line Heap Buffer Overflow

CVE ID : CVE-2025-48071 Published : July 31, 2025, 9:15 p.m. | 9 hours, 11 minutes ago Description : OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files with a maliciously forged chunk header. This is fixed in version 3.3.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 21:15:00 GMT

read more

CVE-2025-48072 - OpenEXR Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-48072 Published : July 31, 2025, 9:15 p.m. | 9 hours, 11 minutes ago Description : OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR files with a maliciously forged chunk. This is fixed in version 3.3.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 21:15:00 GMT

read more

CVE-2025-48073 - OpenEXR NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-48073 Published : July 31, 2025, 9:15 p.m. | 9 hours, 11 minutes ago Description : OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a NULL pointer dereference in a write operation. This is fixed in version 3.3.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 21:15:00 GMT

read more

CVE-2023-32251 - Linux Kernel ksmbd Dictionary Attack Bypass

CVE ID : CVE-2023-32251 Published : July 31, 2025, 9:15 p.m. | 7 hours, 50 minutes ago Description : A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the intended anti-brute-force protection, potentially allowing attackers to conduct dictionary attacks more efficiently against user credentials or other authentication mechanisms. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 21:15:00 GMT

read more

CVE-2025-23289 - NVIDIA Omniverse Launcher Information Disclosure Vulnerability

CVE ID : CVE-2025-23289 Published : July 31, 2025, 9:15 p.m. | 7 hours, 50 minutes ago Description : NVIDIA Omniverse Launcher for Windows and Linux contains a vulnerability in the launcher logs, where a user could cause sensitive information to be written to the log files through proxy servers. A successful exploit of this vulnerability might lead to information disclosure. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 21:15:00 GMT

read more

CVE-2025-45768 - PyJWT Weak Encryption

CVE ID : CVE-2025-45768 Published : July 31, 2025, 9:15 p.m. | 7 hours, 50 minutes ago Description : pyjwt v2.10.1 was discovered to contain weak encryption. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 21:15:00 GMT

read more

CVE-2025-50572 - Archer Technology RSA Archer Code Execution Vulnerability

CVE ID : CVE-2025-50572 Published : July 31, 2025, 8:15 p.m. | 8 hours, 49 minutes ago Description : An issue was discovered in Archer Technology RSA Archer 6.11.00204.10014 allowing attackers to execute arbitrary code via crafted system inputs that would be exported into the CSV and be executed after the user opened the file with compatible applications. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 20:15:00 GMT

read more

CVE-2025-8286 - Güralp FMUS series Telnet Command Injection Vulnerability

CVE ID : CVE-2025-8286 Published : July 31, 2025, 8:15 p.m. | 8 hours, 49 minutes ago Description : Güralp FMUS series seismic monitoring devices expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 20:15:00 GMT

read more

CVE-2025-37108 - "HPE Telco Service Activator Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-37108 Published : July 31, 2025, 8:15 p.m. | 6 hours, 50 minutes ago Description : Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 20:15:00 GMT

read more

CVE-2025-37109 - HPE Telco Service Activator Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-37109 Published : July 31, 2025, 8:15 p.m. | 6 hours, 50 minutes ago Description : Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 20:15:00 GMT

read more

CVE-2025-37110 - HPE Telco Network Function Virtual Orchestrator Information Disclosure

CVE ID : CVE-2025-37110 Published : July 31, 2025, 8:15 p.m. | 6 hours, 50 minutes ago Description : A vulnerability was discovered in the storage policy for certain sets of sensitive credential information in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 20:15:00 GMT

read more

CVE-2025-37111 - HPE Telco Network Function Virtual Orchestrator Authentication Key Storage Policy Information Disclosure

CVE ID : CVE-2025-37111 Published : July 31, 2025, 8:15 p.m. | 6 hours, 50 minutes ago Description : A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 20:15:00 GMT

read more

CVE-2025-37112 - HPE Telco Network Function Virtual Orchestrator Key Storage Policy Information Disclosure

CVE ID : CVE-2025-37112 Published : July 31, 2025, 8:15 p.m. | 6 hours, 50 minutes ago Description : A vulnerability was discovered in the storage policy for certain sets of encryption keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 20:15:00 GMT

read more

CVE-2025-45769 - PHP JWT Weak Encryption Vulnerability

CVE ID : CVE-2025-45769 Published : July 31, 2025, 8:15 p.m. | 6 hours, 50 minutes ago Description : php-jwt v6.11.0 was discovered to contain weak encryption. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 20:15:00 GMT

read more

CVE-2025-45770 - "Auth0 JWT Weak Encryption Vulnerability"

CVE ID : CVE-2025-45770 Published : July 31, 2025, 8:15 p.m. | 6 hours, 50 minutes ago Description : jwt v5.4.3 was discovered to contain weak encryption. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 20:15:00 GMT

read more

CVE-2025-26062 - Intelbras RX1500/3000 Unauthenticated Access to Settings File

CVE ID : CVE-2025-26062 Published : July 31, 2025, 7:15 p.m. | 7 hours, 50 minutes ago Description : An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file and obtain potentially sensitive information from the current settings. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 19:15:00 GMT

read more

CVE-2025-26063 - Intelbras RX1500/3000 - Unauthenticated Remote Code Execution Vulnerability

CVE ID : CVE-2025-26063 Published : July 31, 2025, 7:15 p.m. | 7 hours, 50 minutes ago Description : An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via injecting a crafted payload into the ESSID name when creating a network. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 19:15:00 GMT

read more

CVE-2025-26064 - Intelbras RX1500/RX3000 Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-26064 Published : July 31, 2025, 7:15 p.m. | 7 hours, 50 minutes ago Description : A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a connnected device. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 19:15:00 GMT

read more

CVE-2025-51385 - D-Link DI-8200 Buffer Overflow Vulnerability

CVE ID : CVE-2025-51385 Published : July 31, 2025, 6:15 p.m. | 8 hours, 49 minutes ago Description : D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the yyxz_dlink_asp function via the id parameter. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 18:15:00 GMT

read more

CVE-2025-51503 - Microweber CMS Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-51503 Published : July 31, 2025, 6:15 p.m. | 8 hours, 49 minutes ago Description : A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2.0 allows attackers to inject malicious scripts into user profile fields, leading to arbitrary JavaScript execution in admin browsers. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 18:15:00 GMT

read more

CVE-2025-54832 - OPEXUS FOIAXpress Arbitrary State/Territory Modification Vulnerability

CVE ID : CVE-2025-54832 Published : July 31, 2025, 6:15 p.m. | 8 hours, 49 minutes ago Description : OPEXUS FOIAXpress Public Access Link (PAL), version v11.1.0, allows an authenticated user to add entries to the list of states and territories. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 18:15:00 GMT

read more

CVE-2025-54833 - OPEXUS FOIAXpress Bypass Account-Lockout and CAPTCHA Protection Vulnerability

CVE ID : CVE-2025-54833 Published : July 31, 2025, 6:15 p.m. | 8 hours, 49 minutes ago Description : OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows attackers to bypass account-lockout and CAPTCHA protections. Unauthenticated remote attackers can more easily brute force passwords. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 18:15:00 GMT

read more

CVE-2025-54834 - OPEXUS FOIAXpress Information Disclosure Vulnerability

CVE ID : CVE-2025-54834 Published : July 31, 2025, 6:15 p.m. | 8 hours, 49 minutes ago Description : OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check for the existence of valid usernames. There are no rate-limiting mechanisms in place. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 18:15:00 GMT

read more

CVE-2025-8426 - Marvell QConvergeConsole Directory Traversal and Information Disclosure/DoS

CVE ID : CVE-2025-8426 Published : July 31, 2025, 6:15 p.m. | 8 hours, 49 minutes ago Description : Marvell QConvergeConsole compressConfigFiles Directory Traversal Information Disclosure and Denial-of-Service Vulnerability. This vulnerability allows remote attackers to disclose sensitive information or to create a denial-of-service condition on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the compressConfigFiles method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information or to create a denial-of-service condition on the system. Was ZDI-CAN-24915. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 18:15:00 GMT

read more

CVE-2025-51384 - D-Link DI-8200 IPsec Buffer Overflow

CVE ID : CVE-2025-51384 Published : July 31, 2025, 6:15 p.m. | 6 hours, 49 minutes ago Description : D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 18:15:00 GMT

read more

CVE-2025-51383 - D-Link DI-8200 Buffer Overflow Vulnerability

CVE ID : CVE-2025-51383 Published : July 31, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 18:15:00 GMT

read more

CVE-2024-34327 - Sielox AnyWare SQL Injection

CVE ID : CVE-2024-34327 Published : July 31, 2025, 5:15 p.m. | 3 hours, 49 minutes ago Description : Sielox AnyWare v2.1.2 was discovered to contain a SQL injection vulnerability via the email address field of the password reset form. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 17:15:00 GMT

read more

CVE-2025-50866 - CloudClassroom-PHP Project 1.0 Reflected Cross-site Scripting (XSS)

CVE ID : CVE-2025-50866 Published : July 31, 2025, 5:15 p.m. | 3 hours, 49 minutes ago Description : CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting (XSS) vulnerability in the email parameter of the postquerypublic endpoint. Improper sanitization allows an attacker to inject arbitrary JavaScript code that executes in the context of the user s browser, potentially leading to session hijacking or phishing attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 17:15:00 GMT

read more

CVE-2025-50867 - CloudClassroom-PHP-Project SQL Injection

CVE ID : CVE-2025-50867 Published : July 31, 2025, 4:15 p.m. | 4 hours, 49 minutes ago Description : A SQL Injection vulnerability exists in the takeassessment2.php endpoint of the CloudClassroom-PHP-Project 1.0, where the Q5 POST parameter is directly embedded in SQL statements without sanitization. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 16:15:00 GMT

read more

CVE-2025-52203 - DevaslanPHP Stored XSS

CVE ID : CVE-2025-52203 Published : July 31, 2025, 4:15 p.m. | 4 hours, 49 minutes ago Description : A stored cross-site scripting (XSS) vulnerability exists in DevaslanPHP project-management v1.2.4. The vulnerability resides in the Ticket Name field, which fails to properly sanitize user-supplied input. An authenticated attacker can inject malicious JavaScript payloads into this field, which are subsequently stored in the database. When a legitimate user logs in and is redirected to the Dashboard panel "automatically upon authentication the malicious script executes in the user's browser context. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 16:15:00 GMT

read more

CVE-2025-8409 - "Code-projects Vehicle Management SQL Injection"

CVE ID : CVE-2025-8409 Published : July 31, 2025, 4:15 p.m. | 4 hours, 49 minutes ago Description : A vulnerability has been found in code-projects Vehicle Management 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /filter.php. The manipulation of the argument from leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 16:15:00 GMT

read more

CVE-2025-29556 - ExaGrid EX10 Incorrect Access Control Bypass

CVE ID : CVE-2025-29556 Published : July 31, 2025, 4:15 p.m. | 3 hours, 10 minutes ago Description : ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control. Since version 6.3, ExaGrid enforces restrictions preventing users with the Admin role from creating or modifying users with the Security Officer role without approval. However, a flaw in the account creation process allows an attacker to bypass these restrictions via API request manipulation. An attacker with an Admin access can intercept and modify the API request during user creation, altering the parameters to assign the new account to the ExaGrid Security Officers group without the required approval. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 16:15:00 GMT

read more

CVE-2025-46809 - SUSE Multi Linux Manager HTTP Proxy Credentials Disclosure

CVE ID : CVE-2025-46809 Published : July 31, 2025, 4:15 p.m. | 3 hours, 10 minutes ago Description : A Insertion of Sensitive Information into Log File vulnerability in SUSE Multi Linux Manager exposes the HTTP proxy credentials. This issue affects Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.27-150600.3.33.1; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.87-150400.3.110.2; SUSE Manager Server Module 4.3: from ? before 4.3.87-150400.3.110.2. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 16:15:00 GMT

read more

CVE-2025-50847 - CS Cart CSRF Add Product to Comparison List

CVE ID : CVE-2025-50847 Published : July 31, 2025, 4:15 p.m. | 3 hours, 10 minutes ago Description : Cross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3, allows attackers to add products to a user's comparison list via a crafted HTTP request. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 16:15:00 GMT

read more

CVE-2025-50848 - "CS Cart Cross-Site Scripting (XSS) File Upload Vulnerability"

CVE ID : CVE-2025-50848 Published : July 31, 2025, 4:15 p.m. | 3 hours, 10 minutes ago Description : A file upload vulnerability was discovered in CS Cart 4.18.3, allows attackers to execute arbitrary code. CS Cart 4.18.3 allows unrestricted upload of HTML files, which are rendered directly in the browser when accessed. This allows an attacker to upload a crafted HTML file containing malicious content, such as a fake login form for credential harvesting or scripts for Cross-Site Scripting (XSS) attacks. Since the content is served from a trusted domain, it significantly increases the likelihood of successful phishing or script execution against other users. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 16:15:00 GMT

read more

CVE-2025-50850 - CS Cart Brute Force Vendor Login

CVE ID : CVE-2025-50850 Published : July 31, 2025, 4:15 p.m. | 3 hours, 10 minutes ago Description : An issue was discovered in CS Cart 4.18.3 allows the vendor login functionality lacks essential security controls such as CAPTCHA verification and rate limiting. This allows an attacker to systematically attempt various combinations of usernames and passwords (brute-force attack) to gain unauthorized access to vendor accounts. The absence of any blocking mechanism makes the login endpoint susceptible to automated attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 16:15:00 GMT

read more

CVE-2025-34146 - SandboxJS Prototype Pollution Vulnerability

CVE ID : CVE-2025-34146 Published : July 31, 2025, 3:15 p.m. | 4 hours, 10 minutes ago Description : A prototype pollution vulnerability exists in @nyariv/sandboxjs versions 0.8.23, allowing attackers to inject arbitrary properties into Object.prototype via crafted JavaScript code. This can result in a denial-of-service (DoS) condition or, under certain conditions, escape the sandboxed environment intended to restrict code execution. The vulnerability stems from insufficient prototype access checks in the sandbox’s executor logic, particularly in the handling of JavaScript function objects returned. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2025-50270 - AnQiCMS Stored XSS

CVE ID : CVE-2025-50270 Published : July 31, 2025, 3:15 p.m. | 4 hours, 10 minutes ago Description : A stored Cross Site Scripting (xss) vulnerability in the "content management" feature in AnQiCMS v.3.4.11 allows a remote attacker to execute arbitrary code via a crafted script to the title, categoryTitle, and tmpTag parameters. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2025-50475 - Russound MBX-PRE-D67F OS Command Injection Vulnerability

CVE ID : CVE-2025-50475 Published : July 31, 2025, 3:15 p.m. | 4 hours, 10 minutes ago Description : An OS command injection vulnerability exists in Russound MBX-PRE-D67F firmware version 3.1.6, allowing unauthenticated attackers to execute arbitrary commands as root via crafted input to the hostname parameter in network configuration requests. This vulnerability stems from improper neutralization of special elements used in an OS command within the network configuration handler, enabling remote code execution with the highest privileges. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2025-50849 - CS Cart IDOR

CVE ID : CVE-2025-50849 Published : July 31, 2025, 3:15 p.m. | 4 hours, 10 minutes ago Description : CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference (IDOR). The user profile functionality allows enabling or disabling stickers through a parameter (company_id) sent in the request. However, this operation is not properly validated on the server side. An authenticated user can manipulate the request to target other users' accounts and toggle the sticker setting by modifying the company_id or other object identifiers. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2025-51569 - LB-Link BL-CPE300M Router Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-51569 Published : July 31, 2025, 3:15 p.m. | 4 hours, 10 minutes ago Description : A cross-site scripting (XSS) vulnerability exists in the LB-Link BL-CPE300M 01.01.02P42U14_06 router's web interface. The /goform/goform_get_cmd_process endpoint fails to sanitize user input in the cmd parameter before reflecting it into a text/html response. This allows unauthenticated attackers to inject arbitrary JavaScript, which is executed in the context of the router's origin when the crafted URL is accessed. The issue requires user interaction to exploit. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2025-52289 - MagnusBilling Broken Access Control Vulnerability

CVE ID : CVE-2025-52289 Published : July 31, 2025, 3:15 p.m. | 4 hours, 10 minutes ago Description : A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by sending a crafted request to /mbilling/index.php/user/save to set their account status fom "pending" to "active" without requiring administrator approval. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2025-8408 - Apache Vehicle Management SQL Injection

CVE ID : CVE-2025-8408 Published : July 31, 2025, 3:15 p.m. | 4 hours, 10 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. Affected is an unknown function of the file /filter1.php. The manipulation of the argument vehicle leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2014-125121 - Array Networks vAPV/vxAG SSH Privilege Escalation Vulnerability

CVE ID : CVE-2014-125121 Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago Description : Array Networks vAPV (version 8.3.2.17) and vxAG (version 9.2.0.34) appliances are affected by a privilege escalation vulnerability caused by a combination of hardcoded SSH credentials (or SSH private key) and insecure permissions on a startup script. The devices ship with a default SSH login or a hardcoded DSA private key, allowing an attacker to authenticate remotely with limited privileges. Once authenticated, an attacker can overwrite the world-writable /ca/bin/monitor.sh script with arbitrary commands. Since this script is executed with elevated privileges through the backend binary, enabling the debug monitor via backend -c "debug monitor on" triggers execution of the attacker's payload as root. This allows full system compromise. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2014-125122 - Linksys WRT120N Remote Stack Buffer Overflow Vulnerability

CVE ID : CVE-2014-125122 Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago Description : A stack-based buffer overflow vulnerability exists in the tmUnblock.cgi endpoint of the Linksys WRT120N wireless router. The vulnerability is triggered by sending a specially crafted HTTP POST request with an overly long TM_Block_URL parameter to the endpoint. By exploiting this flaw, an unauthenticated remote attacker can overwrite memory in a controlled manner, enabling them to temporarily reset the administrator password of the device to a blank value. This grants unauthorized access to the router’s web management interface without requiring valid credentials. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2014-125123 - Kloxo SQL Injection Vulnerability

CVE ID : CVE-2014-125123 Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago Description : An unauthenticated SQL injection vulnerability exists in the Kloxo web hosting control panel (developed by LXCenter) prior to version 6.1.12. The flaw resides in the login-name parameter passed to lbin/webcommand.php, which fails to properly sanitize input, allowing an attacker to extract the administrator’s password from the backend database. After recovering valid credentials, the attacker can authenticate to the Kloxo control panel and leverage the Command Center feature (display.php) to execute arbitrary operating system commands as root on the underlying host system. This vulnerability was reported to be exploited in the wild in January 2014. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2014-125124 - Pandora FMS Anyterm Remote Command Execution

CVE ID : CVE-2014-125124 Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago Description : An unauthenticated remote command execution vulnerability exists in Pandora FMS versions up to and including 5.0RC1 via the Anyterm web interface, which listens on TCP port 8023. The anyterm-module endpoint accepts unsanitized user input via the p parameter and directly injects it into a shell command, allowing arbitrary command execution as the pandora user. In certain versions (notably 4.1 and 5.0RC1), the pandora user can elevate privileges to root without a password using a chain involving the artica user account. This account is typically installed without a password and is configured to run sudo without authentication. Therefore, full system compromise is possible without any credentials. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2014-125125 - A10 Networks AX Loadbalancer Path Traversal Vulnerability

CVE ID : CVE-2014-125125 Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago Description : A path traversal vulnerability exists in A10 Networks AX Loadbalancer versions 2.6.1-GR1-P5, 2.7.0, and earlier. The vulnerability resides in the handling of the filename parameter in the /xml/downloads endpoint, which fails to properly sanitize user input. An unauthenticated attacker can exploit this flaw by sending crafted HTTP requests containing directory traversal sequences to read arbitrary files outside the intended directory. The files returned by the vulnerable endpoint are deleted from the system after retrieval. This can lead to unauthorized disclosure of sensitive information such as SSL certificates and private keys, as well as unintended file deletion. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2014-125126 - Apache Simple E-Document Unrestricted File Upload and Authentication Bypass

CVE ID : CVE-2014-125126 Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago Description : An unrestricted file upload vulnerability exists in Simple E-Document versions 3.0 to 3.1 that allows an unauthenticated attacker to bypass authentication by sending a specific cookie header (access=3) with HTTP requests. The application’s upload mechanism fails to restrict file types and does not validate or sanitize user-supplied input, allowing attackers to upload malicious .php scripts. Authentication can be bypassed entirely by supplying a specially crafted cookie (access=3), granting access to the upload functionality without valid credentials. If file uploads are enabled on the server, the attacker can upload a web shell and gain remote code execution with the privileges of the web server user, potentially leading to full system compromise. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2024-34328 - Sielox AnyWare Open Redirect Vulnerability

CVE ID : CVE-2024-34328 Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago Description : An open redirect in Sielox AnyWare v2.1.2 allows attackers to execute a man-in-the-middle attack via a crafted URL. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2025-29557 - ExaGrid EX10 Remote Authentication Bypass

CVE ID : CVE-2025-29557 Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago Description : ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control in the MailConfiguration API endpoint, where users with operator-level privileges can issue an HTTP request to retrieve SMTP credentials, including plaintext passwords. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2013-10042 - FreeFTPd FTP PASS Command Stack-Based Buffer Overflow

CVE ID : CVE-2013-10042 Published : July 31, 2025, 3:15 p.m. | 2 hours, 12 minutes ago Description : A stack-based buffer overflow vulnerability exists in freeFTPd version 1.0.10 and earlier in the handling of the FTP PASS command. When an attacker sends a specially crafted password string, the application fails to validate input length, resulting in memory corruption. This can lead to denial of service or arbitrary code execution. Exploitation requires the anonymous user account to be enabled. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2013-10043 - OAstium VoIP PBX Remote Code Execution Vulnerability

CVE ID : CVE-2013-10043 Published : July 31, 2025, 3:15 p.m. | 2 hours, 12 minutes ago Description : A vulnerability exists in OAstium VoIP PBX astium-confweb-2.1-25399 and earlier, where improper input validation in the logon.php script allows an attacker to bypass authentication via SQL injection. Once authenticated as an administrator, the attacker can upload arbitrary PHP code through the importcompany field in import.php, resulting in remote code execution. The malicious payload is injected into /usr/local/astium/web/php/config.php and executed with root privileges by triggering a configuration reload via sudo /sbin/service astcfgd reload. Successful exploitation leads to full system compromise. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2013-10033 - Kimai SQL Injection Remote Code Execution

CVE ID : CVE-2013-10033 Published : July 31, 2025, 3:15 p.m. | 43 minutes ago Description : An unauthenticated SQL injection vulnerability exists in Kimai version 0.9.2.x via the db_restore.php endpoint. The flaw allows attackers to inject arbitrary SQL queries into the dates[] POST parameter, enabling file write via INTO OUTFILE under specific environmental conditions. This can lead to remote code execution by writing a PHP payload to the web-accessible temporary directory. The vulnerability has been confirmed in versions including 0.9.2.beta, 0.9.2.1294.beta, and 0.9.2.1306-3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2013-10034 - Kaseya KServer Unauthenticated File Upload Remote Code Execution Vulnerability

CVE ID : CVE-2013-10034 Published : July 31, 2025, 3:15 p.m. | 43 minutes ago Description : An unrestricted file upload vulnerability exists in Kaseya KServer versions prior to 6.3.0.2. The uploadImage.asp endpoint allows unauthenticated users to upload files to arbitrary paths via a crafted filename parameter in a multipart/form-data POST request. Due to the lack of authentication and input sanitation, an attacker can upload a file with an .asp extension to a web-accessible directory, which can then be invoked to execute arbitrary code with the privileges of the IUSR account. The vulnerability enables remote code execution without prior authentication and was resolved in version 6.3.0.2 by removing the vulnerable uploadImage.asp endpoint. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2013-10035 - ProcessMaker Code Injection Vulnerability

CVE ID : CVE-2013-10035 Published : July 31, 2025, 3:15 p.m. | 43 minutes ago Description : A code injection vulnerability exists in ProcessMaker Open Source versions 2.x when using the default 'neoclassic' skin. An authenticated user can execute arbitrary PHP code via multiple endpoints, including appFolderAjax.php, casesStartPage_Ajax.php, and cases_SchedulerGetPlugins.php, by supplying crafted POST requests to parameters such as action and params. These endpoints fail to validate user input and directly invoke PHP functions like system() with user-supplied parameters, enabling remote code execution. The vulnerability affects both Linux and Windows installations and is present in default configurations of versions including 2.0.23 through 2.5.1. The vulnerable skin cannot be removed through the web interface, and exploitation requires only valid user credentials. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2013-10036 - Beetel Connection Manager Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2013-10036 Published : July 31, 2025, 3:15 p.m. | 43 minutes ago Description : A stack-based buffer overflow vulnerability exists in Beetel Connection Manager version PCW_BTLINDV1.0.0B04 when parsing the UserName parameter in the NetConfig.ini configuration file. A crafted .ini file containing an overly long UserName value can overwrite the Structured Exception Handler (SEH), leading to arbitrary code execution when the application processes the file. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2013-10037 - WebTester OS Command Injection Vulnerability

CVE ID : CVE-2013-10037 Published : July 31, 2025, 3:15 p.m. | 43 minutes ago Description : An OS command injection vulnerability exists in WebTester version 5.x via the install2.php installation script. The parameters cpusername, cppassword, and cpdomain are passed directly to shell commands without sanitization. A remote unauthenticated attacker can exploit this flaw by sending a crafted HTTP POST request, resulting in arbitrary command execution on the underlying system with web server privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2013-10038 - FlashChat Arbitrary File Upload Vulnerability

CVE ID : CVE-2013-10038 Published : July 31, 2025, 3:15 p.m. | 43 minutes ago Description : An unauthenticated arbitrary file upload vulnerability exists in FlashChat versions 6.0.2 and 6.0.4 through 6.0.8. The upload.php endpoint fails to properly validate file types and authentication, allowing attackers to upload malicious PHP scripts. Once uploaded, these scripts can be executed remotely, resulting in arbitrary code execution as the web server user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2013-10039 - GestioIP Command Injection Vulnerability

CVE ID : CVE-2013-10039 Published : July 31, 2025, 3:15 p.m. | 43 minutes ago Description : A command injection vulnerability exists in GestioIP 3.0 commit ac67be and earlier in ip_checkhost.cgi. Crafted input to the 'ip' parameter allows attackers to execute arbitrary shell commands on the server via embedded base64-encoded payloads. Authentication may be required depending on deployment configuration. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2013-10040 - ClipBucket Remote Code Execution Vulnerability

CVE ID : CVE-2013-10040 Published : July 31, 2025, 3:15 p.m. | 43 minutes ago Description : ClipBucket version 2.6 and earlier contains a critical vulnerability in the ofc_upload_image.php script located at /admin_area/charts/ofc-library/. This endpoint allows unauthenticated users to upload arbitrary files, including executable PHP scripts. Once uploaded, the attacker can access the file via a predictable path and trigger remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 15:15:00 GMT

read more

CVE-2025-54589 - Copyparty Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-54589 Published : July 31, 2025, 2:15 p.m. | 49 minutes ago Description : Copyparty is a portable file server. In versions 1.18.6 and below, when accessing the recent uploads page at `/?ru`, users can filter the results using an input field at the top. This field appends a filter parameter to the URL, which reflects its value directly into a `` block without proper escaping, allowing for reflected Cross-Site Scripting (XSS) and can be exploited against both authenticated and unauthenticated users. This is fixed in version 1.18.7. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 14:15:00 GMT

read more

CVE-2025-7738 - GitHub Enterprise Ansible Automation Platform Clear Text Client Secret Exposure

CVE ID : CVE-2025-7738 Published : July 31, 2025, 2:15 p.m. | 49 minutes ago Description : A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users, the clear text exposure of sensitive credentials increases the risk of accidental leaks or misuse. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 14:15:00 GMT

read more

CVE-2025-8407 - Apache Code-projects Vehicle Management SQL Injection Vulnerability

CVE ID : CVE-2025-8407 Published : July 31, 2025, 2:15 p.m. | 49 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Vehicle Management 1.0. This issue affects some unknown processing of the file /filter2.php. The manipulation of the argument from leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 14:15:00 GMT

read more

CVE-2025-8213 - NinjaScanner WordPress File Deletion Vulnerability

CVE ID : CVE-2025-8213 Published : July 31, 2025, 1:15 p.m. | 1 hour, 49 minutes ago Description : The NinjaScanner – Virus & Malware scan plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'nscan_ajax_quarantine' and 'nscan_quarantine_select' functions in all versions up to, and including, 3.2.5. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, including files outside the WordPress root directory. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 13:15:00 GMT

read more

CVE-2025-8068 - Elementor HT Mega Absolute Addons WordPress Unauthorized Data Manipulation Vulnerability

CVE ID : CVE-2025-8068 Published : July 31, 2025, 12:15 p.m. | 2 hours, 49 minutes ago Description : The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to unauthorized modification and loss of data due to an improper capability check on the 'ajax_trash_templates' function in all versions up to, and including, 2.9.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary attachment files, and move arbitrary posts, pages, and templates to the Trash. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 12:15:00 GMT

read more

CVE-2025-8151 - HT Mega – Absolute Addons For Elementor Path Traversal Vulnerability

CVE ID : CVE-2025-8151 Published : July 31, 2025, 12:15 p.m. | 2 hours, 49 minutes ago Description : The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.9.1 via the 'save_block_css' function. This makes it possible for authenticated attackers, with Author-level access and above, to create CSS files in any directory, and delete CSS files in any directory in a Windows environment. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 12:15:00 GMT

read more

CVE-2025-8381 - Campcodes Online Hotel Reservation System SQL Injection Vulnerability

CVE ID : CVE-2025-8381 Published : July 31, 2025, 12:15 p.m. | 2 hours, 49 minutes ago Description : A vulnerability, which was classified as critical, has been found in Campcodes Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /add_reserve.php. The manipulation of the argument room_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 12:15:00 GMT

read more

CVE-2025-8382 - Campcodes Online Hotel Reservation System SQL Injection Vulnerability

CVE ID : CVE-2025-8382 Published : July 31, 2025, 12:15 p.m. | 2 hours, 49 minutes ago Description : A vulnerability, which was classified as critical, was found in Campcodes Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/edit_room.php. The manipulation of the argument room_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 12:15:00 GMT

read more

CVE-2025-8401 - HT Mega – Absolute Addons For Elementor Information Disclosure

CVE ID : CVE-2025-8401 Published : July 31, 2025, 12:15 p.m. | 2 hours, 49 minutes ago Description : The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.1 via the 'get_post_data' function. This makes it possible for authenticated attackers, with Author-level access and above, to extract sensitive data including the content of private, password-protected, and draft posts and pages. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 12:15:00 GMT

read more

CVE-2025-8379 - Campcodes Online Hotel Reservation System File Upload Vulnerability

CVE ID : CVE-2025-8379 Published : July 31, 2025, 11:15 a.m. | 3 hours, 49 minutes ago Description : A vulnerability classified as critical has been found in Campcodes Online Hotel Reservation System 1.0. This affects an unknown part of the file /admin/edit_room.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 11:15:00 GMT

read more

CVE-2025-8380 - Campcodes Online Hotel Reservation System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8380 Published : July 31, 2025, 11:15 a.m. | 3 hours, 49 minutes ago Description : A vulnerability classified as problematic was found in Campcodes Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /admin/add_query_account.php. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 11:15:00 GMT

read more

CVE-2025-2813 - Apache HTTP Server DoS

CVE ID : CVE-2025-2813 Published : July 31, 2025, 10:15 a.m. | 4 hours, 49 minutes ago Description : An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 10:15:00 GMT

read more

CVE-2025-40980 - UltimateFosters UltimatePOS Stored Cross Site Scripting

CVE ID : CVE-2025-40980 Published : July 31, 2025, 10:15 a.m. | 4 hours, 49 minutes ago Description : A Stored Cross Site Scripting vulnerability has been found in UltimatePOS by UltimateFosters. This vulnerability is due to the lack of proper validation of user inputs via ‘/products//edit’, affecting to ‘name’ parameter via POST. The vulnerability could allow a remote attacker to send a specially crafted query to an authenticated user and steal his/her session cookies details. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 10:15:00 GMT

read more

CVE-2025-41688 - Apache Solr Command Injection Vulnerability

CVE ID : CVE-2025-41688 Published : July 31, 2025, 10:15 a.m. | 4 hours, 49 minutes ago Description : A high privileged remote attacker can execute arbitrary OS commands using an undocumented method allowing to escape the implemented LUA sandbox. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 10:15:00 GMT

read more

CVE-2025-8376 - Code-projects Vehicle Management SQL Injection Vulnerability

CVE ID : CVE-2025-8376 Published : July 31, 2025, 10:15 a.m. | 4 hours, 49 minutes ago Description : A vulnerability classified as critical has been found in code-projects Vehicle Management 1.0. Affected is an unknown function of the file /updatebal.php. The manipulation of the argument company leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 10:15:00 GMT

read more

CVE-2025-8378 - Campcodes Online Hotel Reservation System SQL Injection Vulnerability

CVE ID : CVE-2025-8378 Published : July 31, 2025, 10:15 a.m. | 4 hours, 49 minutes ago Description : A vulnerability was found in Campcodes Online Hotel Reservation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 10:15:00 GMT

read more

CVE-2025-24853 - Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-24853 Published : July 31, 2025, 9:15 a.m. | 5 hours, 49 minutes ago Description : A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Further research by the JSPWiki team showed that the markdown parser allowed this kind of attack too. Apache JSPWiki users should upgrade to 2.12.3 or later. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 09:15:00 GMT

read more

CVE-2025-24854 - Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-24854 Published : July 31, 2025, 9:15 a.m. | 5 hours, 49 minutes ago Description : A carefully crafted request using the Image plugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.12.3 or later. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 09:15:00 GMT

read more

CVE-2025-8192 - Android TvSettings AppRestrictionsFragment Launch Anywhere Vulnerability

CVE ID : CVE-2025-8192 Published : July 31, 2025, 9:15 a.m. | 5 hours, 49 minutes ago Description : There exists a TOCTOU race condition in TvSettings AppRestrictionsFragment.java that lead to start of attacker supplied activity in Settings’ context, i.e. system-uid context, thus lead to launchAnyWhere. The core idea is to utilize the time window between the check of Intent and the use to Intent to change the target component’s state, thus bypass the original security sanitize function. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 09:15:00 GMT

read more

CVE-2025-8374 - Code-projects Vehicle Management SQL Injection Vulnerability

CVE ID : CVE-2025-8374 Published : July 31, 2025, 9:15 a.m. | 5 hours, 49 minutes ago Description : A vulnerability was found in code-projects Vehicle Management 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /addcompany.php. The manipulation of the argument company leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 09:15:00 GMT

read more

CVE-2025-8375 - Apache Code-projects Vehicle Management SQL Injection Vulnerability

CVE ID : CVE-2025-8375 Published : July 31, 2025, 9:15 a.m. | 5 hours, 49 minutes ago Description : A vulnerability was found in code-projects Vehicle Management 1.0. It has been rated as critical. This issue affects some unknown processing of the file /addvehicle.php. The manipulation of the argument vehicle leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 09:15:00 GMT

read more

CVE-2025-54757 - PowerCMS Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-54757 Published : July 31, 2025, 8:15 a.m. | 6 hours, 49 minutes ago Description : Multiple versions of PowerCMS allow unrestricted upload of dangerous files. If a product administrator accesses a malicious file uploaded by a product user, an arbitrary script may be executed on the browser. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 08:15:00 GMT

read more

CVE-2025-7205 - GiveWP Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7205 Published : July 31, 2025, 8:15 a.m. | 6 hours, 49 minutes ago Description : The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the donor notes parameter in all versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with GiveWP worker-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Additionally, they need to trick an administrator into visiting the legacy version of the site. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 08:15:00 GMT

read more

CVE-2025-8372 - Exam Form Submission SQL Injection Vulnerability

CVE ID : CVE-2025-8372 Published : July 31, 2025, 8:15 a.m. | 6 hours, 49 minutes ago Description : A vulnerability was found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/update_s7.php. The manipulation of the argument credits leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 08:15:00 GMT

read more

CVE-2025-8373 - Code-projects Vehicle Management SQL Injection

CVE ID : CVE-2025-8373 Published : July 31, 2025, 8:15 a.m. | 6 hours, 49 minutes ago Description : A vulnerability was found in code-projects Vehicle Management 1.0. It has been classified as critical. This affects an unknown part of the file /print.php. The manipulation of the argument sno leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 08:15:00 GMT

read more

CVE-2025-41391 - PowerCMS Cross-Site Scripting (XSS)

CVE ID : CVE-2025-41391 Published : July 31, 2025, 8:15 a.m. | 4 hours, 49 minutes ago Description : Stored cross-site scripting vulnerability exists in multiple versions of PowerCMS. If a product user accesses a malicious page, an arbitrary script may be executed on the browser. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 08:15:00 GMT

read more

CVE-2025-41396 - PowerCMS Path Traversal Vulnerability

CVE ID : CVE-2025-41396 Published : July 31, 2025, 8:15 a.m. | 4 hours, 49 minutes ago Description : A path traversal issue exists in file uploading feature of multiple versions of PowerCMS. Arbitrary files may be overwritten by a product user. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 08:15:00 GMT

read more

CVE-2025-46359 - PowerCMS Path Traversal RCE Vulnerability

CVE ID : CVE-2025-46359 Published : July 31, 2025, 8:15 a.m. | 4 hours, 49 minutes ago Description : A path traversal issue exists in backup and restore feature of multiple versions of PowerCMS. A product administrator may execute arbitrary code by restoring a crafted backup file. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 08:15:00 GMT

read more

CVE-2025-54752 - PowerCMS CSV Injection Vulnerability

CVE ID : CVE-2025-54752 Published : July 31, 2025, 8:15 a.m. | 4 hours, 49 minutes ago Description : Multiple versions of PowerCMS improperly neutralize formula elements in a CSV file. If a product user creates a malformed entry and a victim user downloads it as a CSV file and opens it in the user's environment, the embedded code may be executed. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 08:15:00 GMT

read more

CVE-2025-36563 - PowerCMS Cross-Site Scripting (XSS)

CVE ID : CVE-2025-36563 Published : July 31, 2025, 8:15 a.m. | 2 hours, 49 minutes ago Description : Reflected cross-site scripting vulnerability exists in multiple versions of PowerCMS. If a product administrator accesses a crafted URL, an arbitrary script may be executed on the browser. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 08:15:00 GMT

read more

CVE-2025-8370 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8370 Published : July 31, 2025, 7:15 a.m. | 3 hours, 49 minutes ago Description : A vulnerability, which was classified as problematic, was found in Portabilis i-Educar 2.9. Affected is an unknown function of the file /intranet/educar_escolaridade_lst.php. The manipulation of the argument descricao leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 07:15:00 GMT

read more

CVE-2025-8371 - Code-projects Exam Form Submission SQL Injection Vulnerability

CVE ID : CVE-2025-8371 Published : July 31, 2025, 7:15 a.m. | 3 hours, 49 minutes ago Description : A vulnerability has been found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/update_s5.php. The manipulation of the argument credits leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 07:15:00 GMT

read more

CVE-2025-53558 - ZTE Japan K.K. ZXHN-F660T/F660A Default Credential Vulnerability

CVE ID : CVE-2025-53558 Published : July 31, 2025, 6:15 a.m. | 4 hours, 49 minutes ago Description : ZXHN-F660T and ZXHN-F660A provided by ZTE Japan K.K. use a common credential for all installations. With the knowledge of the credential, an attacker may log in to the affected devices. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 06:15:00 GMT

read more

CVE-2025-8368 - Portabilis i-Educar Cross Site Scripting Vulnerability

CVE ID : CVE-2025-8368 Published : July 31, 2025, 6:15 a.m. | 4 hours, 49 minutes ago Description : A vulnerability classified as problematic was found in Portabilis i-Educar 2.9. This vulnerability affects unknown code of the file /intranet/pesquisa_pessoa_lst.php. The manipulation of the argument campo_busca/cpf leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 06:15:00 GMT

read more

CVE-2025-8369 - Portabilis i-Educar Cross Site Scripting Vulnerability

CVE ID : CVE-2025-8369 Published : July 31, 2025, 6:15 a.m. | 4 hours, 49 minutes ago Description : A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9. This issue affects some unknown processing of the file /intranet/educar_avaliacao_desempenho_lst.php. The manipulation of the argument titulo_avaliacao leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 06:15:00 GMT

read more

CVE-2025-8367 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8367 Published : July 31, 2025, 5:15 a.m. | 5 hours, 49 minutes ago Description : A vulnerability classified as problematic has been found in Portabilis i-Educar 2.9. This affects an unknown part of the file /intranet/funcionario_vinculo_lst.php. The manipulation of the argument nome leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 05:15:00 GMT

read more

CVE-2025-5720 - WooCommerce Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-5720 Published : July 31, 2025, 5:15 a.m. | 4 hours, 6 minutes ago Description : The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘author’ parameter in all versions up to, and including, 5.80.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 05:15:00 GMT

read more

CVE-2025-7847 - WordPress AI Engine Plugin Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-7847 Published : July 31, 2025, 5:15 a.m. | 4 hours, 6 minutes ago Description : The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the rest_simpleFileUpload() function in versions 2.9.3 and 2.9.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server when the REST API is enabled, which may make remote code execution possible. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 05:15:00 GMT

read more

CVE-2025-8366 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8366 Published : July 31, 2025, 5:15 a.m. | 4 hours, 6 minutes ago Description : A vulnerability was found in Portabilis i-Educar 2.9. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /intranet/educar_servidor_lst.php. The manipulation of the argument nome/matricula_servidor leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 05:15:00 GMT

read more

CVE-2025-8348 - Kehua Charging Pile Cloud Platform Remote Authentication Bypass Vulnerability

CVE ID : CVE-2025-8348 Published : July 31, 2025, 4:16 a.m. | 5 hours, 6 minutes ago Description : A vulnerability has been found in Kehua Charging Pile Cloud Platform 1.0 and classified as critical. This vulnerability affects unknown code of the file /home. The manipulation leads to improper authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 04:16:00 GMT

read more

CVE-2025-8365 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8365 Published : July 31, 2025, 4:16 a.m. | 5 hours, 6 minutes ago Description : A vulnerability was found in Portabilis i-Educar 2.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file atendidos_cad.php. The manipulation of the argument nome/nome_social/email leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 04:16:00 GMT

read more

CVE-2025-54828 - Apache HTTP Server Information Disclosure

CVE ID : CVE-2025-54828 Published : July 31, 2025, 3:15 a.m. | 6 hours, 6 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 03:15:00 GMT

read more

CVE-2025-54829 - Apache HTTP Server Remote Code Execution

CVE ID : CVE-2025-54829 Published : July 31, 2025, 3:15 a.m. | 6 hours, 6 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 03:15:00 GMT

read more

CVE-2025-8345 - Shanghai Lingdang Information Technology Lingdang CRM SQL Injection

CVE ID : CVE-2025-8345 Published : July 31, 2025, 3:15 a.m. | 6 hours, 6 minutes ago Description : A vulnerability classified as critical was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. Affected by this vulnerability is the function delete_user of the file crm/WeiXinApp/yunzhijia/yunzhijiaApi.php. The manipulation of the argument function leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 8.6.5.2 is able to address this issue. It is recommended to upgrade the affected component. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 03:15:00 GMT

read more

CVE-2025-8346 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8346 Published : July 31, 2025, 3:15 a.m. | 6 hours, 6 minutes ago Description : A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.10. Affected by this issue is some unknown functionality of the file /educar_aluno_lst.php. The manipulation of the argument ref_cod_matricula with the input "> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 03:15:00 GMT

read more

CVE-2025-8347 - Kehua Charging Pile Cloud Platform SQL Injection Vulnerability

CVE ID : CVE-2025-8347 Published : July 31, 2025, 3:15 a.m. | 6 hours, 6 minutes ago Description : A vulnerability, which was classified as critical, was found in Kehua Charging Pile Cloud Platform 1.0. This affects an unknown part of the file /sys/task/findAllTask. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 03:15:00 GMT

read more

CVE-2023-41674 - Apache HTTP Server SQL Injection

CVE ID : CVE-2023-41674 Published : July 31, 2025, 3:15 a.m. | 4 hours, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 03:15:00 GMT

read more

CVE-2025-54823 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-54823 Published : July 31, 2025, 3:15 a.m. | 4 hours, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 03:15:00 GMT

read more

CVE-2025-54824 - Apache HTTP Server Unvalidated User Input Vulnerability

CVE ID : CVE-2025-54824 Published : July 31, 2025, 3:15 a.m. | 4 hours, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 03:15:00 GMT

read more

CVE-2025-54825 - Microsoft Internet Information Services (IIS) XML External Entity (XXE) Injection

CVE ID : CVE-2025-54825 Published : July 31, 2025, 3:15 a.m. | 4 hours, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 03:15:00 GMT

read more

CVE-2025-54826 - Apache HTTP Server SSRF

CVE ID : CVE-2025-54826 Published : July 31, 2025, 3:15 a.m. | 4 hours, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 03:15:00 GMT

read more

CVE-2025-54827 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-54827 Published : July 31, 2025, 3:15 a.m. | 4 hours, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 03:15:00 GMT

read more

CVE-2025-8344 - OpenViglet Shio Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-8344 Published : July 31, 2025, 2:15 a.m. | 5 hours, 39 minutes ago Description : A vulnerability classified as critical has been found in openviglet shio up to 0.3.8. Affected is the function shStaticFileUpload of the file shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java. The manipulation of the argument filename leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 02:15:00 GMT

read more

CVE-2025-8340 - Code-projects Intern Membership Management System Cross Site Scripting Vulnerability

CVE ID : CVE-2025-8340 Published : July 31, 2025, 1:15 a.m. | 6 hours, 39 minutes ago Description : A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file fill_details.php of the component Error Message Handler. The manipulation of the argument email leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 01:15:00 GMT

read more

CVE-2025-8343 - OpenViglet Shio Remote Path Traversal Vulnerability

CVE ID : CVE-2025-8343 Published : July 31, 2025, 1:15 a.m. | 6 hours, 39 minutes ago Description : A vulnerability was found in openviglet shio up to 0.3.8. It has been rated as critical. This issue affects the function shStaticFilePreUpload of the file shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java. The manipulation of the argument fileName leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 01:15:00 GMT

read more

CVE-2025-8339 - Code-projects Intern Membership Management System SQL Injection

CVE ID : CVE-2025-8339 Published : July 31, 2025, 1:15 a.m. | 5 hours, 49 minutes ago Description : A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /student_login.php. The manipulation of the argument user_name/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 01:15:00 GMT

read more

CVE-2025-8338 - Projectworlds Online Admission System SQL Injection

CVE ID : CVE-2025-8338 Published : July 31, 2025, 12:15 a.m. | 6 hours, 49 minutes ago Description : A vulnerability was found in projectworlds Online Admission System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /adminac.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 00:15:00 GMT

read more

CVE-2025-49083 - Absolute Secure Access Console Deserialization Vulnerability

CVE ID : CVE-2025-49083 Published : July 31, 2025, 12:15 a.m. | 5 hours, 39 minutes ago Description : CVE-2025-49083 is a vulnerability in the management console of Absolute Secure Access after version 12.00 and prior to version 13.56. Attackers with administrative access to the console can cause unsafe content to be deserialized and executed in the security context of the console. The attack complexity is low and there are no attack requirements. Privileges required are high and there is no user interaction required. The impact to confidentiality is low, impact to integrity is high and there is no impact to availability. The impact to the confidentiality and integrity of subsequent systems is low and there is no subsequent system impact to availability. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 00:15:00 GMT

read more

CVE-2025-49084 - Absolute Secure Access Policy Rule Overwrite Vulnerability

CVE ID : CVE-2025-49084 Published : July 31, 2025, 12:15 a.m. | 5 hours, 39 minutes ago Description : CVE-2025-49084 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access can overwrite policy rules without the requisite permissions. The attack complexity is low, attack requirements are present, privileges required are high and no user interaction is required. There is no impact to confidentiality, the impact to integrity is low, and there is no impact to availability. The impact to confidentiality and availability of subsequent systems is high and the impact to the integrity of subsequent systems is low. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 00:15:00 GMT

read more

CVE-2025-54085 - Absolute Secure Access Improper Permission Bypass

CVE ID : CVE-2025-54085 Published : July 31, 2025, 12:15 a.m. | 5 hours, 39 minutes ago Description : CVE-2025-54085 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access to the console and who have been assigned a certain set of permissions can bypass those permissions to improperly read or change other settings. The attack complexity is low, there are no preexisting attack requirements; the privileges required are high, and there is no user interaction required. The impact to system confidentiality and integrity is low, there is no impact to system availability. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 00:15:00 GMT

read more

CVE-2025-36039 - IBM Aspera Faspex Authentication Bypass Vulnerability

CVE ID : CVE-2025-36039 Published : July 31, 2025, 12:15 a.m. | 5 hours, 9 minutes ago Description : IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms, Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 00:15:00 GMT

read more

CVE-2025-36040 - IBM Aspera Faspex Client-Side Security Mechanism Bypass Vulnerability

CVE ID : CVE-2025-36040 Published : July 31, 2025, 12:15 a.m. | 5 hours, 9 minutes ago Description : IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 00:15:00 GMT

read more

CVE-2025-49082 - Absolute Secure Access Management Console Permission Bypass

CVE ID : CVE-2025-49082 Published : July 31, 2025, 12:15 a.m. | 5 hours, 9 minutes ago Description : CVE-2025-49082 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access to the console and who have been assigned a certain set of permissions can bypass those permissions to improperly read other settings. The attack complexity is low, there are no preexisting attack requirements; the privileges required are high, and there is no user interaction required. The impact to system confidentiality is low, there is no impact to system availability or integrity. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 31 Jul 2025 00:15:00 GMT

read more

CVE-2025-8337 - Simple Car Rental System Cross-Site Scripting (XSS)

CVE ID : CVE-2025-8337 Published : July 30, 2025, 11:15 p.m. | 6 hours, 9 minutes ago Description : A vulnerability, which was classified as problematic, has been found in code-projects Simple Car Rental System 1.0. This issue affects some unknown processing of the file /admin/add_vehicles.php. The manipulation of the argument car_name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 23:15:00 GMT

read more

CVE-2025-7356 - CVE-2020-29461: Apache HTTP Server Remote Code Execution

CVE ID : CVE-2025-7356 Published : July 30, 2025, 11:15 p.m. | 4 hours, 39 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 23:15:00 GMT

read more

CVE-2025-8336 - Campcodes Online Recruitment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8336 Published : July 30, 2025, 11:15 p.m. | 4 hours, 39 minutes ago Description : A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=save_user. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 23:15:00 GMT

read more

CVE-2024-11478 - CVE-2021-3719: Apache Commons Text XML External Entity (XXE) Injection

CVE ID : CVE-2024-11478 Published : July 30, 2025, 11:15 p.m. | 4 hours, 9 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 23:15:00 GMT

read more

CVE-2025-54586 - GitProxy GitHub Commit Exfiltration Vulnerability

CVE ID : CVE-2025-54586 Published : July 30, 2025, 10:15 p.m. | 5 hours, 9 minutes ago Description : GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can inject extra commits into the pack sent to GitHub, commits that aren’t pointed to by any branch. Although these “hidden” commits never show up in the repository’s visible history, GitHub still serves them at their direct commit URLs. This lets an attacker exfiltrate sensitive data without ever leaving a trace in the branch view. We rate this a High‑impact vulnerability because it completely compromises repository confidentiality. This is fixed in version 1.19.2. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 22:15:00 GMT

read more

CVE-2025-8334 - Campcodes Online Recruitment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8334 Published : July 30, 2025, 10:15 p.m. | 5 hours, 9 minutes ago Description : A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php?action=delete_recruitment_status. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 22:15:00 GMT

read more

CVE-2025-8335 - Simple Car Rental System Cross-Site Request Forgery

CVE ID : CVE-2025-8335 Published : July 30, 2025, 10:15 p.m. | 5 hours, 9 minutes ago Description : A vulnerability classified as problematic has been found in code-projects Simple Car Rental System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 22:15:00 GMT

read more

CVE-2025-54585 - GitProxy Branch Creation ByPass Vulnerability

CVE ID : CVE-2025-54585 Published : July 30, 2025, 9:15 p.m. | 6 hours, 9 minutes ago Description : GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can exploit the way GitProxy handles new branch creation to bypass the approval of prior commits on the parent branch. The vulnerability impacts all users or organizations relying on GitProxy to enforce policy and prevent unapproved changes. It requires no elevated privileges beyond regular push access, and no extra user interaction. It does however, require a GitProxy administrator or designated user (canUserApproveRejectPush) to approve pushes to the child branch. This is fixed in version 1.19.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 21:15:00 GMT

read more

CVE-2025-8332 - Code-projects Online Farm System SQL Injection Vulnerability

CVE ID : CVE-2025-8332 Published : July 30, 2025, 9:15 p.m. | 6 hours, 9 minutes ago Description : A vulnerability was found in code-projects Online Farm System 1.0. It has been classified as critical. Affected is an unknown function of the file /register.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 21:15:00 GMT

read more

CVE-2025-8333 - Code-projects Online Farm System SQL Injection Vulnerability

CVE ID : CVE-2025-8333 Published : July 30, 2025, 9:15 p.m. | 6 hours, 9 minutes ago Description : A vulnerability was found in code-projects Online Farm System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /categoryvalue.php. The manipulation of the argument Value leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 21:15:00 GMT

read more

CVE-2025-54583 - GitProxy Unauthorized Push Vulnerability

CVE ID : CVE-2025-54583 Published : July 30, 2025, 8:15 p.m. | 7 hours, 8 minutes ago Description : GitProxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). Versions 1.19.1 and below allow users to push to remote repositories while bypassing policies and explicit approvals. Since checks and plugins are skipped, code containing secrets or unwanted changes could be pushed into a repository. This is fixed in version 1.19.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 20:15:00 GMT

read more

CVE-2025-54584 - GitProxy Git Packfile Signature Bypass Vulnerability

CVE ID : CVE-2025-54584 Published : July 30, 2025, 8:15 p.m. | 7 hours, 8 minutes ago Description : GitProxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By embedding a misleading PACK signature within commit content and carefully constructing the packet structure, the attacker can trick the parser into treating invalid or unintended data as the packfile. Potentially, this would allow bypassing approval or hiding commits. This issue is fixed in version 1.19.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 20:15:00 GMT

read more

CVE-2025-8330 - Code-projects Vehicle Management SQL Injection

CVE ID : CVE-2025-8330 Published : July 30, 2025, 8:15 p.m. | 7 hours, 8 minutes ago Description : A vulnerability has been found in code-projects Vehicle Management 1.0 and classified as critical. This vulnerability affects unknown code of the file /edit1.php. The manipulation of the argument sno leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 20:15:00 GMT

read more

CVE-2025-8331 - Code-projects Online Farm System SQL Injection Vulnerability

CVE ID : CVE-2025-8331 Published : July 30, 2025, 8:15 p.m. | 7 hours, 8 minutes ago Description : A vulnerability was found in code-projects Online Farm System 1.0 and classified as critical. This issue affects some unknown processing of the file /forgot_pass.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 20:15:00 GMT

read more

CVE-2025-54575 - ImageSharp GIF Denial of Service

CVE ID : CVE-2025-54575 Published : July 30, 2025, 8:15 p.m. | 4 hours, 49 minutes ago Description : ImageSharp is a 2D graphics library. In versions below 2.1.11 and 3.0.0 through 3.1.10, a specially crafted GIF file containing a malformed comment extension block (with a missing block terminator) can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. This leads to a denial of service. Applications processing untrusted GIF input should upgrade to a patched version. This issue is fixed in versions 2.1.11 and 3.1.11. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 20:15:00 GMT

read more

CVE-2025-54576 - OAuth2-Proxy Regex Pattern Bypass Authentication Vulnerability

CVE ID : CVE-2025-54576 Published : July 30, 2025, 8:15 p.m. | 4 hours, 49 minutes ago Description : OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. In versions 7.10.0 and below, oauth2-proxy deployments are vulnerable when using the skip_auth_routes configuration option with regex patterns. Attackers can bypass authentication by crafting URLs with query parameters that satisfy configured regex patterns, allowing unauthorized access to protected resources. The issue stems from skip_auth_routes matching against the full request URI. Deployments using skip_auth_routes with regex patterns containing wildcards or broad matching patterns are most at risk. This issue is fixed in version 7.11.0. Workarounds include: auditing all skip_auth_routes configurations for overly permissive patterns, replacing wildcard patterns with exact path matches where possible, ensuring regex patterns are properly anchored (starting with ^ and ending with $), or implementing custom validation that strips query parameters before regex matching. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 20:15:00 GMT

read more

CVE-2025-54581 - Vproxy HTTP Proxy-Authorization Header DoS Vulnerability

CVE ID : CVE-2025-54581 Published : July 30, 2025, 8:15 p.m. | 4 hours, 49 minutes ago Description : vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP Proxy-Authorization header and passed to Extension::try_from and flows into parse_ttl_extension where it is parsed as a TTL value. If an attacker supplies a TTL of zero (e.g. by using a username such as 'configuredUser-ttl-0'), the modulo operation 'timestamp % ttl' will cause a division by zero panic, causing the server to crash causing a denial-of-service. This is fixed in version 2.4.0. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 20:15:00 GMT

read more

CVE-2025-54582 - Netty Deserialization Vulnerability

CVE ID : CVE-2025-54582 Published : July 30, 2025, 8:15 p.m. | 4 hours, 49 minutes ago Description : Rejected reason: Reason: This candidate was issued in error. Valid Netty requests are issued via https://github.com/netty/netty. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 20:15:00 GMT

read more

CVE-2024-48916 - Ceph JWT Algorithm Validation Bypass Vulnerability

CVE ID : CVE-2024-48916 Published : July 30, 2025, 8:15 p.m. | 3 hours, 29 minutes ago Description : Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible to send an JWT that has "none" as JWT alg. And by doing so the JWT signature is not checked. The vulnerability is most likely in the RadosGW OIDC provider. As of time of publication, a known patched version has yet to be published. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 20:15:00 GMT

read more

CVE-2025-51954 - ElectronHub AI Playground XSS

CVE ID : CVE-2025-51954 Published : July 30, 2025, 8:15 p.m. | 3 hours, 29 minutes ago Description : playground.electronhub.ai v1.1.9 was discovered to contain a cross-site scripting (XSS) vulnerability. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 20:15:00 GMT

read more

CVE-2025-52187 - Apache GetProjectsIdea School Management System XSS

CVE ID : CVE-2025-52187 Published : July 30, 2025, 8:15 p.m. | 3 hours, 29 minutes ago Description : GetProjectsIdea Create School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in my_profile_update_form1.php. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 20:15:00 GMT

read more

CVE-2025-53022 - TrustedFirmware-M Stack Buffer Overflow

CVE ID : CVE-2025-53022 Published : July 30, 2025, 8:15 p.m. | 3 hours, 29 minutes ago Description : TrustedFirmware-M (aka Trusted Firmware for M profile Arm CPUs) before 2.1.3 and 2.2.x before 2.2.1 lacks length validation during a firmware upgrade. While processing a new image, the Firmware Upgrade (FWU) module does not validate the length field of the Type-Length-Value (TLV) structure for dependent components against the maximum allowed size. If the length specified in the TLV exceeds the size of the buffer allocated on the stack, the FWU module will overwrite the buffer (and potentially other stack data) with the TLV's value content. An attacker could exploit this by crafting a malicious TLV entry in the unprotected section of the MCUBoot upgrade image. By setting the length field to exceed the expected structure size, the attacker can manipulate the stack memory of the system during the upgrade process. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 20:15:00 GMT

read more

CVE-2025-50777 - AZIOT Smart Wi-Fi CCTV Camera Root Shell Access Vulnerability

CVE ID : CVE-2025-50777 Published : July 30, 2025, 7:15 p.m. | 4 hours, 29 minutes ago Description : The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera (version V1.00.02) contains an Incorrect Access Control vulnerability that allows local attackers to gain root shell access. Once accessed, the device exposes critical data including Wi-Fi credentials and ONVIF service credentials stored in plaintext, enabling further compromise of the network and connected systems. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 19:15:00 GMT

read more

CVE-2025-51951 - Andisearch Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-51951 Published : July 30, 2025, 7:15 p.m. | 4 hours, 29 minutes ago Description : andisearch v0.5.249 was discovered to contain a cross-site scripting (XSS) vulnerability. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 19:15:00 GMT

read more

CVE-2025-8329 - Oracle Vehicle Management SQL Injection

CVE ID : CVE-2025-8329 Published : July 30, 2025, 7:15 p.m. | 4 hours, 29 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. This affects an unknown part of the file /filter3.php. The manipulation of the argument company leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 19:15:00 GMT

read more

CVE-2025-30103 - Dell SmartFabric OS10 Local Filesystem Access Vulnerability

CVE ID : CVE-2025-30103 Published : July 30, 2025, 7:15 p.m. | 3 hours, 49 minutes ago Description : Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 19:15:00 GMT

read more

CVE-2025-36608 - Dell SmartFabric OS10 XML External Entity Reference Denial of Service

CVE ID : CVE-2025-36608 Published : July 30, 2025, 7:15 p.m. | 3 hours, 49 minutes ago Description : Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 19:15:00 GMT

read more

CVE-2025-36609 - Dell SmartFabric OS10 Hard-coded Password Elevation of Privileges

CVE ID : CVE-2025-36609 Published : July 30, 2025, 7:15 p.m. | 3 hours, 49 minutes ago Description : Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. Severity: 2.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 19:15:00 GMT

read more

CVE-2025-50464 - "Iptime NAS Firmware Buffer Overflow Vulnerability"

CVE ID : CVE-2025-50464 Published : July 30, 2025, 7:15 p.m. | 3 hours, 49 minutes ago Description : A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to copy attacker-controlled data from the CONTENT_TYPE HTTP header into a fixed-size stack buffer (v8, allocated 8 bytes) without bounds checking. Since this operation occurs before authentication logic is executed, the vulnerability is exploitable pre-authentication. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 19:15:00 GMT

read more

CVE-2025-26332 - Dell XtremIO X2 TechAdvisor Insertion of Sensitive Information into Log File

CVE ID : CVE-2025-26332 Published : July 30, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 18:15:00 GMT

read more

CVE-2025-30105 - Dell XtremIO Log Injection Vulnerability

CVE ID : CVE-2025-30105 Published : July 30, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 18:15:00 GMT

read more

CVE-2025-30480 - Dell PowerProtect Data Manager Arbitrary File Read Vulnerability

CVE ID : CVE-2025-30480 Published : July 30, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : Dell PowerProtect Data Manager, versions prior to 19.19, contain(s) an Improper Input Validation vulnerability in PowerProtect Data Manager. A low privileged attacker with remote access could potentially exploit this vulnerability to read arbitrary files. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 18:15:00 GMT

read more

CVE-2025-8327 - Code-projects Exam Form Submission SQL Injection Vulnerability

CVE ID : CVE-2025-8327 Published : July 30, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : A vulnerability classified as critical was found in code-projects Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/delete_s8.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 18:15:00 GMT

read more

CVE-2025-8328 - Apache Exam Form Submission SQL Injection Vulnerability

CVE ID : CVE-2025-8328 Published : July 30, 2025, 6:15 p.m. | 2 hours, 49 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Exam Form Submission 1.0. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument USN leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 18:15:00 GMT

read more

CVE-2025-45620 - Aver PTC310UV2 Information Disclosure

CVE ID : CVE-2025-45620 Published : July 30, 2025, 5:15 p.m. | 3 hours, 49 minutes ago Description : An issue in Aver PTC310UV2 v.0.1.0000.59 allows a remote attacker to obtain sensitive information via a crafted request Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 17:15:00 GMT

read more

CVE-2024-45955 - Rocket Software Rocket Zena SQL Injection Vulnerability

CVE ID : CVE-2024-45955 Published : July 30, 2025, 5:15 p.m. | 1 hour, 49 minutes ago Description : Rocket Software Rocket Zena 4.4.1.26 is vulnerable to SQL Injection via the filter parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 17:15:00 GMT

read more

CVE-2025-25691 - PrestaShop PHAR Deserialization Code Execution Vulnerability

CVE ID : CVE-2025-25691 Published : July 30, 2025, 5:15 p.m. | 1 hour, 49 minutes ago Description : A PHAR deserialization vulnerability in the component /themes/import of PrestaShop v8.2.0 allows attackers to execute arbitrary code via a crafted POST request. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 17:15:00 GMT

read more

CVE-2025-25692 - PrestaShop PHAR Deserialization Remote Code Execution Vulnerability

CVE ID : CVE-2025-25692 Published : July 30, 2025, 5:15 p.m. | 1 hour, 49 minutes ago Description : A PHAR deserialization vulnerability in the _getHeaders function of PrestaShop v8.2.0 allows attackers to execute arbitrary code via a crafted POST request. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 17:15:00 GMT

read more

CVE-2025-36611 - Dell Encryption Link Following Privilege Escalation Vulnerability

CVE ID : CVE-2025-36611 Published : July 30, 2025, 5:15 p.m. | 1 hour, 49 minutes ago Description : Dell Encryption and Dell Security Management Server, versions prior to 11.11.0, contain an Improper Link Resolution Before File Access ('Link Following') Vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 17:15:00 GMT

read more

CVE-2025-45619 - Aver PTC310UV2 Remote Code Execution Vulnerability

CVE ID : CVE-2025-45619 Published : July 30, 2025, 5:15 p.m. | 1 hour, 49 minutes ago Description : An issue in Aver PTC310UV2 firmware v.0.1.0000.59 allows a remote attacker to execute arbitrary code via the SendAction function Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 17:15:00 GMT

read more

CVE-2023-2593 - Linux TCP Connection Denial of Service

CVE ID : CVE-2023-2593 Published : July 30, 2025, 4:15 p.m. | 2 hours, 49 minutes ago Description : A flaw exists within the Linux kernel's handling of new TCP connections. The issue results from the lack of memory release after its effective lifetime. This vulnerability allows an unauthenticated attacker to create a denial of service condition on the system. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 16:15:00 GMT

read more

CVE-2025-50578 - LinuxServer.io Heimdall HTTP Header Injection and Open Redirect Vulnerability

CVE ID : CVE-2025-50578 Published : July 30, 2025, 4:15 p.m. | 2 hours, 49 minutes ago Description : LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP headers, specifically `X-Forwarded-Host` and `Referer`. An unauthenticated remote attacker can manipulate these headers to perform Host Header Injection and Open Redirect attacks. This allows the loading of external resources from attacker-controlled domains and unintended redirection of users, potentially enabling phishing, UI redress, and session theft. The vulnerability exists due to insufficient validation and trust of untrusted input, affecting the integrity and trustworthiness of the application. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 16:15:00 GMT

read more

CVE-2025-54656 - Apache Struts LookupDispatchAction Log Injection

CVE ID : CVE-2025-54656 Published : July 30, 2025, 4:15 p.m. | 2 hours, 49 minutes ago Description : ** UNSUPPORTED WHEN ASSIGNED ** Improper Output Neutralization for Logs vulnerability in Apache Struts. This issue affects Apache Struts Extras: before 2. When using LookupDispatchAction, in some cases, Struts may print untrusted input to the logs without any filtering. Specially-crafted input may lead to log output where part of the message masquerades as a separate log line, confusing consumers of the logs (either human or automated). As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 16:15:00 GMT

read more

CVE-2025-8312 - Devolutions Server PAM Deadlock Password Persistence Vulnerability

CVE ID : CVE-2025-8312 Published : July 30, 2025, 4:15 p.m. | 2 hours, 49 minutes ago Description : Deadlock in PAM automatic check-in feature in Devolutions Server allows a password to remain valid beyond the end of its intended check-out period due to a deadlock occurring in the scheduling service.This issue affects the following version(s) : * Devolutions Server 2025.2.5.0 and earlier Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 16:15:00 GMT

read more

CVE-2025-8353 - Devolutions Server JIT Group Access Bypass Vulnerability

CVE ID : CVE-2025-8353 Published : July 30, 2025, 4:15 p.m. | 2 hours, 49 minutes ago Description : UI synchronization issue in the Just-in-Time (JIT) access request approval interface in Devolutions Server 2025.2.4.0 and earlier allows a remote authenticated attacker to gain unauthorized access to deleted JIT Groups via stale UI state during standard checkout request processing. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 16:15:00 GMT

read more

CVE-2025-43018 - HP LaserJet Pro Printer Information Disclosure Vulnerability

CVE ID : CVE-2025-43018 Published : July 30, 2025, 3:15 p.m. | 3 hours, 49 minutes ago Description : Certain HP LaserJet Pro printers may be vulnerable to information disclosure when a non-authenticated user queries a device’s local address book. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 15:15:00 GMT

read more

CVE-2025-46811 - SUSE Manager WebSocket Root RCE

CVE ID : CVE-2025-46811 Published : July 30, 2025, 3:15 p.m. | 3 hours, 49 minutes ago Description : A Missing Authentication for Critical Function vulnerability in SUSE Manager allows anyone with access to the websocket at /rhn/websocket/minion/remote-commands to execute arbitrary commands as root. This issue affects Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 0.3.7-150600.3.6.2; Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.14-150600.4.17.1; Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.14-150600.4.17.1; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.33-150400.3.55.2; SUSE Manager Server Module 4.3: from ? before 0.3.7-150400.3.39.4; SUSE Manager Server Module 4.3: from ? before 4.3.33-150400.3.55.2; SUSE Manager Server Module 4.3: from ? before 4.3.33-150400.3.55.2. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 15:15:00 GMT

read more

CVE-2025-53111 - GLPI Unauthenticated Access Vulnerability

CVE ID : CVE-2025-53111 Published : July 30, 2025, 3:15 p.m. | 3 hours, 49 minutes ago Description : GLPI is a Free Asset and IT Management Software package. In versions 0.80 through 10.0.18, a lack of permission checks can result in unauthorized access to some resources. This is fixed in version 10.0.19. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 15:15:00 GMT

read more

CVE-2025-53112 - GLPI Unauthorized Resource Deletion Vulnerability

CVE ID : CVE-2025-53112 Published : July 30, 2025, 3:15 p.m. | 3 hours, 49 minutes ago Description : GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 9.1.0 through 10.0.18, a lack of permission checks can result in unauthorized removal of some specific resources. This is fixed in version 10.0.19. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 15:15:00 GMT

read more

CVE-2025-53113 - GLPI External Links Information Disclosure

CVE ID : CVE-2025-53113 Published : July 30, 2025, 3:15 p.m. | 3 hours, 49 minutes ago Description : GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 0.65 through 10.0.18, a technician can use the external links feature to fetch information on items they do not have the right to see. This is fixed in version 10.0.19. Severity: 2.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 15:15:00 GMT

read more

CVE-2025-53357 - GLPI Unauthorized Reservation Alteration

CVE ID : CVE-2025-53357 Published : July 30, 2025, 3:15 p.m. | 3 hours, 49 minutes ago Description : GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 0.78 through 10.0.18, a connected user can alter the reservations of another user. This is fixed in version 10.0.19. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 15:15:00 GMT

read more

CVE-2025-53944 - AutoGPT Authorization Bypass Vulnerability

CVE ID : CVE-2025-53944 Published : July 30, 2025, 3:15 p.m. | 3 hours, 49 minutes ago Description : AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents. In v0.6.15 and below, the external API's get_graph_execution_results endpoint has an authorization bypass vulnerability. While it correctly validates user access to the graph_id, it fails to verify ownership of the graph_exec_id parameter, allowing authenticated users to access any execution results by providing arbitrary execution IDs. The internal API implements proper validation for both parameters. This is fixed in v0.6.16. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 15:15:00 GMT

read more

CVE-2025-54433 - Bugsink File Path Traversal Vulnerability

CVE ID : CVE-2025-54433 Published : July 30, 2025, 3:15 p.m. | 3 hours, 49 minutes ago Description : Bugsink is a self-hosted error tracking service. In versions 1.4.2 and below, 1.5.0 through 1.5.4, 1.6.0 through 1.6.3, and 1.7.0 through 1.7.3, ingestion paths construct file locations directly from untrusted event_id input without validation. A specially crafted event_id can result in paths outside the intended directory, potentially allowing file overwrite or creation in arbitrary locations. Submitting such input requires access to a valid DSN, potentially exposing them. If Bugsink runs in a container, the effect is confined to the container’s filesystem. In non-containerized setups, the overwrite may affect other parts of the system accessible to that user. This is fixed in versions 1.4.3, 1.5.5, 1.6.4 and 1.7.4. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 15:15:00 GMT

read more

CVE-2025-54573 - CVAT Unvalidated Email Authentication Bypass

CVE ID : CVE-2025-54573 Published : July 30, 2025, 3:15 p.m. | 3 hours, 49 minutes ago Description : CVAT is an open source interactive video and image annotation tool for computer vision. In versions 1.1.0 through 2.41.0, email verification was not enforced when using Basic HTTP Authentication. As a result, users could create accounts using fake email addresses and use the product as verified users. Additionally, the missing email verification check leaves the system open to bot signups and further usage. CVAT 2.42.0 and later versions contain a fix for the issue. CVAT Enterprise customers have a workaround available; those customers may disable registration to prevent this issue. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 15:15:00 GMT

read more

CVE-2024-45515 - Zimbra Collaboration Cross-Site Scripting (XSS)

CVE ID : CVE-2024-45515 Published : July 30, 2025, 3:15 p.m. | 2 hours, 26 minutes ago Description : An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A Cross-Site Scripting (XSS) vulnerability exists in Zimbra webmail due to insufficient validation of the content type metadata when importing files into the briefcase. Attackers can exploit this issue by crafting a file with manipulated metadata, allowing them to bypass content type checks and execute arbitrary JavaScript within the victim's session. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 15:15:00 GMT

read more

CVE-2025-54410 - Docker Moby Firewalld Container Isolation Bypass

CVE ID : CVE-2025-54410 Published : July 30, 2025, 2:15 p.m. | 3 hours, 26 minutes ago Description : Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create iptables rules that isolate bridge networks, allowing any container to access all ports on any other container across different bridge networks on the same host. This breaks network segmentation between containers that should be isolated, creating significant risk in multi-tenant environments. Only containers in --internal networks remain protected. Workarounds include reloading firewalld and either restarting the docker daemon, re-creating bridge networks, or using rootless mode. Maintainers anticipate a fix for this issue in version 25.0.13. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 14:15:00 GMT

read more

CVE-2025-54425 - Umbraco Content Delivery API Cache Bypass Vulnerability

CVE ID : CVE-2025-54425 Published : July 30, 2025, 2:15 p.m. | 3 hours, 26 minutes ago Description : Umbraco is an ASP.NET CMS. In versions 13.0.0 through 13.9.2, 15.0.0 through 15.4.1 and 16.0.0 through 16.1.0, the content delivery API can be restricted from public access where an API key must be provided in a header to authorize the request. It's also possible to configure output caching, such that the delivery API outputs will be cached for a period of time, improving performance. There's an issue when these two things are used together, where caching doesn't vary by the header that contains the API key. As such, it's possible for a user without a valid API key to retrieve a response for a given path and query if it has recently been requested and cached by request with a valid key. This is fixed in versions 13.9.3, 15.4.4 and 16.1.1. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 14:15:00 GMT

read more

CVE-2025-54430 - Apache Dedupe GitHub Token Exfiltration

CVE ID : CVE-2025-54430 Published : July 30, 2025, 2:15 p.m. | 3 hours, 26 minutes ago Description : dedupe is a python library that uses machine learning to perform fuzzy matching, deduplication and entity resolution quickly on structured data. Before commit 3f61e79, a critical severity vulnerability has been identified within the .github/workflows/benchmark-bot.yml workflow, where a issue_comment can be triggered using the @benchmark body. This workflow is susceptible to exploitation as it checkout the ${{ github.event.issue.number }}, which correspond to the branch of the PR manipulated by potentially malicious actors, and where untrusted code may be executed. Running untrusted code may lead to the exfiltration of GITHUB_TOKEN, which in this workflow has write permissions on most of the scopes - in particular the contents one - and could lead to potential repository takeover. This is fixed by commit 3f61e79. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 14:15:00 GMT

read more

CVE-2025-54572 - Apache Ruby SAML Denial-of-Service Vulnerability

CVE ID : CVE-2025-54572 Published : July 30, 2025, 2:15 p.m. | 3 hours, 26 minutes ago Description : The Ruby SAML library is for implementing the client side of a SAML authorization. In versions 1.18.0 and below, a denial-of-service vulnerability exists in ruby-saml even with the message_max_bytesize setting configured. The vulnerability occurs because the SAML response is validated for Base64 format prior to checking the message size, leading to potential resource exhaustion. This is fixed in version 1.18.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 14:15:00 GMT

read more

CVE-2025-52567 - GLPI SSRF Vulnerability

CVE ID : CVE-2025-52567 Published : July 30, 2025, 2:15 p.m. | 3 hours, 6 minutes ago Description : GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 0.84 through 10.0.18, usage of RSS feeds or external calendars when planning is subject to SSRF exploit. The previous security patches provided since GLPI 10.0.4 were not robust enough for certain specific cases. This is fixed in version 10.0.19. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 14:15:00 GMT

read more

CVE-2025-52897 - GLPI Phishing Vulnerability in Planning Feature

CVE ID : CVE-2025-52897 Published : July 30, 2025, 2:15 p.m. | 3 hours, 6 minutes ago Description : GLPI is a Free Asset and IT Management Software package. In versions 9.1.0 through 10.0.18, an unauthenticated user can send a malicious link to attempt a phishing attack from the planning feature. This is fixed in version 10.0.19. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 14:15:00 GMT

read more

CVE-2025-53008 - GLPI Email Receiver Credentials Stealer

CVE ID : CVE-2025-53008 Published : July 30, 2025, 2:15 p.m. | 3 hours, 6 minutes ago Description : GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 9.3.1 through 10.0.19, a connected user can use a malicious payload to steal mail receiver credentials. This is fixed in version 10.0.19. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 14:15:00 GMT

read more

CVE-2025-54388 - Docker Moby iptables Rule Deletion and Recreation Vulnerability

CVE ID : CVE-2025-54388 Published : July 30, 2025, 2:15 p.m. | 3 hours, 6 minutes ago Description : Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 14:15:00 GMT

read more

CVE-2025-47001 - Adobe Experience Manager Stored XSS Vulnerability

CVE ID : CVE-2025-47001 Published : July 30, 2025, 1:15 p.m. | 4 hours, 6 minutes ago Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 13:15:00 GMT

read more

CVE-2025-8326 - Code-projects Exam Form Submission SQL Injection Vulnerability

CVE ID : CVE-2025-8326 Published : July 30, 2025, 1:15 p.m. | 4 hours, 6 minutes ago Description : A vulnerability classified as critical has been found in code-projects Exam Form Submission 1.0. Affected is an unknown function of the file /admin/delete_s7.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 13:15:00 GMT

read more

CVE-2025-6348 - WordPress Smart Slider 3 SQL Injection

CVE ID : CVE-2025-6348 Published : July 30, 2025, 9:15 a.m. | 6 hours, 4 minutes ago Description : The Smart Slider 3 plugin for WordPress is vulnerable to time-based SQL Injection via the ‘sliderid’ parameter in all versions up to, and including, 3.5.1.28 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 09:15:00 GMT

read more

CVE-2025-1221 - SiLabs EmberZNet Zigbee Stack Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-1221 Published : July 30, 2025, 8:15 a.m. | 7 hours, 4 minutes ago Description : A Zigbee Radio Co-Processor (RCP), which is using SiLabs EmberZNet Zigbee stack, was unable to send messages to the host system (CPCd) due to heavy Zigbee traffic, resulting in a Denial of Service (DoS) attack, Only hard reset will bring the device to normal operation Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 08:15:00 GMT

read more

CVE-2025-1394 - SiLabs EmberZNet Zigbee Stack Denial of Service and Data Leak Vulnerability

CVE ID : CVE-2025-1394 Published : July 30, 2025, 8:15 a.m. | 7 hours, 4 minutes ago Description : Failure to handle the error status returned by the buffer management APIs in SiLabs EmberZNet Zigbee stack may result in data leaks or potential Denial of Service (DoS). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 08:15:00 GMT

read more

CVE-2025-38498 - Linux Kernel Mount Namespace Permission Bypass Vulnerability

CVE ID : CVE-2025-38498 Published : July 30, 2025, 6:15 a.m. | 9 hours, 4 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking with the rest of mount(2). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 06:15:00 GMT

read more

CVE-2025-8322 - Ventem e-School Missing Authorization Vulnerability

CVE ID : CVE-2025-8322 Published : July 30, 2025, 4:16 a.m. | 11 hours, 4 minutes ago Description : The e-School from Ventem has a Missing Authorization vulnerability, allowing remote attackers with regular privilege to access administrator functions, including creating, modifying, and deleting accounts. They can even escalate any account to system administrator privilege. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 04:16:00 GMT

read more

CVE-2025-8323 - Ventem e-School Arbitrary File Upload Remote Code Execution

CVE ID : CVE-2025-8323 Published : July 30, 2025, 4:16 a.m. | 11 hours, 4 minutes ago Description : The e-School from Ventem has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 04:16:00 GMT

read more

CVE-2025-8292 - Google Chrome Media Stream Use After Free Vulnerability

CVE ID : CVE-2025-8292 Published : July 30, 2025, 2:17 a.m. | 13 hours, 2 minutes ago Description : Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 02:17:00 GMT

read more

CVE-2025-4422 - Lenovo SMB Relay Vulnerability

CVE ID : CVE-2025-4422 Published : July 30, 2025, 1:15 a.m. | 14 hours, 4 minutes ago Description : The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/product_security/home Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 01:15:00 GMT

read more

CVE-2025-4423 - Lenovo Remote Code Execution Vulnerability

CVE ID : CVE-2025-4423 Published : July 30, 2025, 1:15 a.m. | 14 hours, 4 minutes ago Description : The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/product_security/home Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 01:15:00 GMT

read more

CVE-2025-4424 - Lenovo Remote Code Execution Vulnerability

CVE ID : CVE-2025-4424 Published : July 30, 2025, 1:15 a.m. | 14 hours, 4 minutes ago Description : The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/product_security/home Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 01:15:00 GMT

read more

CVE-2025-4425 - Lenovo Power Manager Remote Code Execution Vulnerability

CVE ID : CVE-2025-4425 Published : July 30, 2025, 1:15 a.m. | 14 hours, 4 minutes ago Description : The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/product_security/home Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 01:15:00 GMT

read more

CVE-2025-4426 - Lenovo Network Authentication Bypass Vulnerability

CVE ID : CVE-2025-4426 Published : July 30, 2025, 1:15 a.m. | 14 hours, 4 minutes ago Description : The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/product_security/home Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 01:15:00 GMT

read more

CVE-2025-8217 - Amazon Q Developer Visual Studio Code Extension Code Injection Vulnerability

CVE ID : CVE-2025-8217 Published : July 30, 2025, 1:15 a.m. | 14 hours, 4 minutes ago Description : The Amazon Q Developer Visual Studio Code (VS Code) extension v1.84.0 contains inert, injected code designed to call the Q Developer CLI. The code executes when the extension is launched within the VS Code environment; however the injected code contains a syntax error which prevents it from making a successful API call to the Q Developer CLI. To mitigate this issue, users should upgrade to version v1.85.0. All installations of v1.84.0 should be removed from use. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 01:15:00 GMT

read more

CVE-2025-8320 - Tesla Wall Connector HTTP Content-Length Header Buffer Overflow Remote Code Execution Vulnerability

CVE ID : CVE-2025-8320 Published : July 30, 2025, 1:15 a.m. | 14 hours, 4 minutes ago Description : Tesla Wall Connector Content-Length Header Improper Input Validation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Tesla Wall Connector devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the HTTP Content-Length header. The issue results from the lack of proper validation of user-supplied data, which can result in memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26300. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 01:15:00 GMT

read more

CVE-2025-8321 - Tesla Wall Connector Firmware Downgrade Remote Code Execution Vulnerability

CVE ID : CVE-2025-8321 Published : July 30, 2025, 1:15 a.m. | 14 hours, 4 minutes ago Description : Tesla Wall Connector Firmware Downgrade Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Tesla Wall Connector devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware upgrade feature. The issue results from the lack of an anti-downgrade mechanism. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the device. Was ZDI-CAN-26299. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 01:15:00 GMT

read more

CVE-2025-0712 - Apache HTTP Server Unauthenticated Local Privilege Escalation

CVE ID : CVE-2025-0712 Published : July 30, 2025, 1:15 a.m. | 11 hours, 49 minutes ago Description : An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 01:15:00 GMT

read more

CVE-2025-25011 - Apache HTTP Server Uncontrolled Search Path Element Local Privilege Escalation

CVE ID : CVE-2025-25011 Published : July 30, 2025, 1:15 a.m. | 11 hours, 49 minutes ago Description : An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 01:15:00 GMT

read more

CVE-2025-4421 - Lenovo Critical Authentication Bypass Vulnerability

CVE ID : CVE-2025-4421 Published : July 30, 2025, 1:15 a.m. | 11 hours, 49 minutes ago Description : The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/product_security/home Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 01:15:00 GMT

read more

CVE-2025-43270 - Apple macOS Network Access Bypass Vulnerability

CVE ID : CVE-2025-43270 Published : July 30, 2025, 12:15 a.m. | 12 hours, 49 minutes ago Description : An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may gain unauthorized access to Local Network. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43273 - Apple macOS Sequoia Sandbox Escalation

CVE ID : CVE-2025-43273 Published : July 30, 2025, 12:15 a.m. | 12 hours, 49 minutes ago Description : A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to circumvent sandbox restrictions. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43274 - "macOS Sequoia Sandbox Evasion"

CVE ID : CVE-2025-43274 Published : July 30, 2025, 12:15 a.m. | 12 hours, 49 minutes ago Description : A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to circumvent sandbox restrictions. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43275 - Apple macOS Sandbox Escape Vulnerability

CVE ID : CVE-2025-43275 Published : July 30, 2025, 12:15 a.m. | 12 hours, 49 minutes ago Description : A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43276 - Apple iCloud Private Relay Multiple User Login Activation Failure

CVE ID : CVE-2025-43276 Published : July 30, 2025, 12:15 a.m. | 12 hours, 49 minutes ago Description : A logic error was addressed with improved error handling. This issue is fixed in macOS Sequoia 15.6. iCloud Private Relay may not activate when more than one user is logged in at the same time. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43277 - Apple Audio File Memory Corruption Vulnerability

CVE ID : CVE-2025-43277 Published : July 30, 2025, 12:15 a.m. | 12 hours, 49 minutes ago Description : The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, watchOS 11.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. Processing a maliciously crafted audio file may lead to memory corruption. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-8319 - "Apache Business Management Appliance Cross-Site Scripting"

CVE ID : CVE-2025-8319 Published : July 30, 2025, 12:15 a.m. | 12 hours, 49 minutes ago Description : the BMA login interface allows arbitrary JavaScript or HTML to be written straight into the page’s Document Object Model via the error= URL parameter Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43267 - Apple macOS Sequoia SQL Injection

CVE ID : CVE-2025-43267 Published : July 30, 2025, 12:15 a.m. | 9 hours, 5 minutes ago Description : An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6. An app may be able to access sensitive user data. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43265 - Apple WatchOS Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-43265 Published : July 30, 2025, 12:15 a.m. | 7 hours, 16 minutes ago Description : An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may disclose internal states of the app. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43266 - "Apple macOS Sandbox Escalation"

CVE ID : CVE-2025-43266 Published : July 30, 2025, 12:15 a.m. | 7 hours, 16 minutes ago Description : A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43261 - Apple macOS Sandbox Escalation Vulnerability

CVE ID : CVE-2025-43261 Published : July 30, 2025, 12:15 a.m. | 4 hours, 49 minutes ago Description : A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43259 - Apple macOS Lockscreen Information Disclosure

CVE ID : CVE-2025-43259 Published : July 30, 2025, 12:15 a.m. | 3 hours, 11 minutes ago Description : This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker with physical access to a locked device may be able to view sensitive user information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43260 - Apple macOS Privilege Escalation Vulnerability

CVE ID : CVE-2025-43260 Published : July 30, 2025, 12:15 a.m. | 3 hours, 11 minutes ago Description : This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to hijack entitlements granted to other privileged apps. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43244 - Apple macOS Unexpected System Termination Race Condition

CVE ID : CVE-2025-43244 Published : July 30, 2025, 12:15 a.m. | 49 minutes ago Description : A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43245 - Apple macOS Downgrade Code Signing Vulnerability

CVE ID : CVE-2025-43245 Published : July 30, 2025, 12:15 a.m. | 49 minutes ago Description : A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43246 - Apple macOS Sensitive User Data Access Vulnerability

CVE ID : CVE-2025-43246 Published : July 30, 2025, 12:15 a.m. | 49 minutes ago Description : This issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to access sensitive user data. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43247 - Apple macOS Root Privilege Escalation Permissions Vulnerability

CVE ID : CVE-2025-43247 Published : July 30, 2025, 12:15 a.m. | 49 minutes ago Description : A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious app with root privileges may be able to modify the contents of system files. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43248 - "Apple macOS Privilege Escalation Vulnerability"

CVE ID : CVE-2025-43248 Published : July 30, 2025, 12:15 a.m. | 49 minutes ago Description : A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to gain root privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43249 - "macOS Logic Flaw Allows Root Privilege Escalation"

CVE ID : CVE-2025-43249 Published : July 30, 2025, 12:15 a.m. | 49 minutes ago Description : A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43250 - Apple macOS Sandbox Escalation Vulnerability

CVE ID : CVE-2025-43250 Published : July 30, 2025, 12:15 a.m. | 49 minutes ago Description : A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43251 - Apple macOS Sequoia Authorization Bypass

CVE ID : CVE-2025-43251 Published : July 30, 2025, 12:15 a.m. | 49 minutes ago Description : An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.6. A local attacker may gain access to Keychain items. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43252 - Apple macOS Link Following Vulnerability

CVE ID : CVE-2025-43252 Published : July 30, 2025, 12:15 a.m. | 49 minutes ago Description : This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15.6. A website may be able to access sensitive user data when resolving symlinks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43253 - Apple macOS Binary Launch Vulnerability

CVE ID : CVE-2025-43253 Published : July 30, 2025, 12:15 a.m. | 49 minutes ago Description : This issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to launch arbitrary binaries on a trusted device. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43254 - "Apple macOS File Processing Out-of-Bounds Read Vulnerability"

CVE ID : CVE-2025-43254 Published : July 30, 2025, 12:15 a.m. | 49 minutes ago Description : An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. Processing a maliciously crafted file may lead to unexpected app termination. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-43256 - Apple macOS Root Privilege Escalation Vulnerability

CVE ID : CVE-2025-43256 Published : July 30, 2025, 12:15 a.m. | 49 minutes ago Description : This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to gain root privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 30 Jul 2025 00:15:00 GMT

read more

CVE-2025-40600 - SonicOS Externally-Controlled Format String Vulnerability

CVE ID : CVE-2025-40600 Published : July 29, 2025, 10:15 p.m. | 49 minutes ago Description : Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 22:15:00 GMT

read more

CVE-2025-4674 - Go VCS Command Execution Vulnerability

CVE ID : CVE-2025-4674 Published : July 29, 2025, 10:15 p.m. | 49 minutes ago Description : The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line, i.e. via "go get", are not affected. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 22:15:00 GMT

read more

CVE-2025-54126 - WAMR iwasm IPv4 Address Pool Vulnerability (Remote Access Bypass)

CVE ID : CVE-2025-54126 Published : July 29, 2025, 10:15 p.m. | 49 minutes ago Description : The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface (WASI) and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to accept all IP addresses. This can unintentionally expose the service to all incoming connections and bypass intended access restrictions. Services relying on --addr-pool for restricting access by IP may unintentionally become open to all external connections. This may lead to unauthorized access in production deployments, especially when users assume that specifying an IP without a subnet mask implies a default secure configuration. This is fixed in version 2.4.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 22:15:00 GMT

read more

CVE-2025-7361 - NI LabVIEW Code Injection Vulnerability

CVE ID : CVE-2025-7361 Published : July 29, 2025, 10:15 p.m. | 49 minutes ago Description : A code injection vulnerability due to an improper initialization check exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI using a CIN node. This vulnerability affects 32-bit NI LabVIEW 2025 Q1 and prior versions. LabVIEW 64-bit versions do not support CIN nodes and are not affected. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 22:15:00 GMT

read more

CVE-2025-7848 - NI LabVIEW Memory Corruption Vulnerability (Arbitrary Code Execution)

CVE ID : CVE-2025-7848 Published : July 29, 2025, 10:15 p.m. | 49 minutes ago Description : A memory corruption vulnerability due to improper input validation in lvpict.cpp exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 22:15:00 GMT

read more

CVE-2025-7849 - NI LabVIEW Memory Corruption Vulnerability

CVE ID : CVE-2025-7849 Published : July 29, 2025, 10:15 p.m. | 49 minutes ago Description : A memory corruption vulnerability due to improper error handling when a VILinkObj is null exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 22:15:00 GMT

read more

CVE-2024-43018 - Piwigo SQL Injection Vulnerability

CVE ID : CVE-2024-43018 Published : July 29, 2025, 8:15 p.m. | 2 hours, 49 minutes ago Description : Piwigo 13.8.0 and below is vulnerable to SQL Injection in the parameters max_level and min_register. These parameters are used in ws_user_gerList function from file include\ws_functions\pwg.users.php and this same function is called by ws.php file at some point can be used for searching users in advanced way in /admin.php?page=user_list. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 20:15:00 GMT

read more

CVE-2025-45346 - Bacula-web SQL Injection

CVE ID : CVE-2025-45346 Published : July 29, 2025, 8:15 p.m. | 2 hours, 49 minutes ago Description : SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 20:15:00 GMT

read more

CVE-2025-52490 - Couchbase Sync Gateway Password Disclosure Vulnerability

CVE ID : CVE-2025-52490 Published : July 29, 2025, 8:15 p.m. | 2 hours, 49 minutes ago Description : An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollect_info_options.log and sync_gateway.log, there are cleartext passwords in redacted and unredacted output. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 20:15:00 GMT

read more

CVE-2025-52899 - Tuleap User Enumeration Vulnerability

CVE ID : CVE-2025-52899 Published : July 29, 2025, 8:15 p.m. | 2 hours, 49 minutes ago Description : Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition prior to version 16.9.99.1750843170 and Tuleap Enterprise Edition prior to 16.8-4 and 16.9-2, the forgot password form allows for user enumeration. This is fixed in Tuleap Community Edition version 16.9.99.1750843170 and Tuleap Enterprise Edition 16.8-4 and 16.9-2. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 20:15:00 GMT

read more

CVE-2025-53102 - Discourse Unauthenticated WebAuthn Challenge Leak

CVE ID : CVE-2025-53102 Published : July 29, 2025, 8:15 p.m. | 2 hours, 49 minutes ago Description : Discourse is an open-source community discussion platform. Prior to version 3.4.7 on the `stable` branch and version 3.5.0.beta.8 on the `tests-passed` branch, upon issuing a physical security key for 2FA, the server generates a WebAuthn challenge, which the client signs. The challenge is not cleared from the user’s session after authentication, potentially allowing reuse and increasing security risk. This is fixed in versions 3.4.7 and 3.5.0.beta.8. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 20:15:00 GMT

read more

CVE-2025-53541 - Tuleap Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-53541 Published : July 29, 2025, 8:15 p.m. | 2 hours, 49 minutes ago Description : Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition prior to version 16.9.99.1751892857 and Tuleap Enterprise Edition prior to 16.8-5 and 16.9-3, malicious users with some control over certain artifacts could insert malicious code when displaying the children of a parent artifact to force victims to execute the uncontrolled code. This is fixed in version Tuleap Community Edition prior to version 16.9.99.1751892857 and Tuleap Enterprise Edition prior to 16.8-5 and 16.9-3. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 20:15:00 GMT

read more

CVE-2025-53902 - Tuleap Information Disclosure Vulnerability

CVE ID : CVE-2025-53902 Published : July 29, 2025, 8:15 p.m. | 2 hours, 49 minutes ago Description : Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition prior to version 16.9.99.1752585665 and Tuleap Enterprise Edition prior to 16.8-6 and 16.9-5, users may potentially access confidential information from artifacts that they are not authorized to view. This is fixed in Tuleap Community Edition prior to version 16.9.99.1752585665 and Tuleap Enterprise Edition prior to 16.8-6 and 16.9-5. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 20:15:00 GMT

read more

CVE-2025-5684 - MetForm for Elementor Stored Cross-Site Scripting

CVE ID : CVE-2025-5684 Published : July 29, 2025, 8:15 p.m. | 2 hours, 49 minutes ago Description : The MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `mf-template` DOM Element in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 20:15:00 GMT

read more

CVE-2024-42651 - NanoMQ Heap Use-After-Free Denial of Service Vulnerability

CVE ID : CVE-2024-42651 Published : July 29, 2025, 7:15 p.m. | 3 hours, 48 minutes ago Description : NanoMQ v0.17.9 was discovered to contain a heap use-after-free vulnerability via the component sub_Ctx_handle. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SUBSCRIBE message. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 19:15:00 GMT

read more

CVE-2024-42655 - NanoMQ MQTT Wildcard Access Control Bypass

CVE ID : CVE-2024-42655 Published : July 29, 2025, 7:15 p.m. | 3 hours, 48 minutes ago Description : An access control issue in NanoMQ v0.21.10 allows attackers to bypass security restrictions and access sensitive system topic messages using MQTT wildcard characters. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 19:15:00 GMT

read more

CVE-2024-49828 - IBM Db2 Denial of Service Vulnerability

CVE ID : CVE-2024-49828 Published : July 29, 2025, 7:15 p.m. | 3 hours, 48 minutes ago Description : IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 19:15:00 GMT

read more

CVE-2024-51473 - IBM Db2 Denial of Service Vulnerability

CVE ID : CVE-2024-51473 Published : July 29, 2025, 7:15 p.m. | 3 hours, 48 minutes ago Description : IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 19:15:00 GMT

read more

CVE-2024-52894 - IBM Db2 Denial of Service

CVE ID : CVE-2024-52894 Published : July 29, 2025, 7:15 p.m. | 3 hours, 48 minutes ago Description : IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 19:15:00 GMT

read more

CVE-2025-33092 - IBM Db2 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-33092 Published : July 29, 2025, 7:15 p.m. | 3 hours, 48 minutes ago Description : IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a stack-based buffer overflow in db2fm, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 19:15:00 GMT

read more

CVE-2025-33114 - IBM Db2 Denial of Service Vulnerability

CVE ID : CVE-2025-33114 Published : July 29, 2025, 7:15 p.m. | 3 hours, 48 minutes ago Description : IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to denial of service with a specially crafted query under certain non-default conditions. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 19:15:00 GMT

read more

CVE-2025-36071 - IBM Db2 Denial of Service Memory Corruption Vulnerability

CVE ID : CVE-2025-36071 Published : July 29, 2025, 7:15 p.m. | 3 hours, 48 minutes ago Description : IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query due to improper release of memory resources. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 19:15:00 GMT

read more

CVE-2025-51044 - phpgurukul Nipah virus (NiV) Testing Management System SQL Injection

CVE ID : CVE-2025-51044 Published : July 29, 2025, 7:15 p.m. | 3 hours, 48 minutes ago Description : phpgurukul Nipah virus (NiV) Testing Management System 1.0 contains a SQL injection vulnerability in the /new-user-testing.php file, due to insufficient validation of user input for the " govtissuedid" parameter. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 19:15:00 GMT

read more

CVE-2025-51045 - PhpGurukul Pre-School Enrollment System SQL Injection

CVE ID : CVE-2025-51045 Published : July 29, 2025, 7:15 p.m. | 3 hours, 48 minutes ago Description : Phpgurukul Pre-School Enrollment System 1.0 contains a SQL injection vulnerability in the /admin/password-recovery.php file. This vulnerability is attributed to the insufficient validation of user input for the username parameter. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 19:15:00 GMT

read more

CVE-2025-7675 - Autodesk 3DM Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-7675 Published : July 29, 2025, 6:15 p.m. | 4 hours, 49 minutes ago Description : A maliciously crafted 3DM file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-5043 - Autodesk 3DM Heap-Based Overflow Vulnerability

CVE ID : CVE-2025-5043 Published : July 29, 2025, 6:15 p.m. | 3 hours, 5 minutes ago Description : A maliciously crafted 3DM file, when linked or imported into certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-6631 - Autodesk PRT File Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-6631 Published : July 29, 2025, 6:15 p.m. | 3 hours, 5 minutes ago Description : A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-6635 - Autodesk PRT File Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-6635 Published : July 29, 2025, 6:15 p.m. | 3 hours, 5 minutes ago Description : A maliciously crafted PRT file, when linked or imported into certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-6636 - Autodesk PRT File Use-After-Free Vulnerability

CVE ID : CVE-2025-6636 Published : July 29, 2025, 6:15 p.m. | 3 hours, 5 minutes ago Description : A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-6637 - Autodesk PRT File Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-6637 Published : July 29, 2025, 6:15 p.m. | 3 hours, 5 minutes ago Description : A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-7497 - Autodesk PRT File Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-7497 Published : July 29, 2025, 6:15 p.m. | 3 hours, 5 minutes ago Description : A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-27514 - GLPI Kanban Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-27514 Published : July 29, 2025, 6:15 p.m. | 49 minutes ago Description : GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 9.5.0 through 10.0.18, a technician can use a malicious payload to trigger a stored XSS on the project's kanban. This is fixed in version 10.0.19. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-2179 - Palo Alto Networks GlobalProtect App Linux Privilege Escalation

CVE ID : CVE-2025-2179 Published : July 29, 2025, 6:15 p.m. | 49 minutes ago Description : An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The GlobalProtect app on Windows, macOS, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-2533 - IBM Db2 Denial of Service

CVE ID : CVE-2025-2533 Published : July 29, 2025, 6:15 p.m. | 49 minutes ago Description : IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-2928 - Apache Solr SQL Injection

CVE ID : CVE-2025-2928 Published : July 29, 2025, 6:15 p.m. | 49 minutes ago Description : SQL Injection affecting the Archiver role. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-36010 - IBM Db2 Lock Wait Denial of Service

CVE ID : CVE-2025-36010 Published : July 29, 2025, 6:15 p.m. | 49 minutes ago Description : IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 could allow an unauthenticated user to cause a denial of service due to executable segments that are waiting for each other to release a necessary lock. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-52284 - Totolink X6000R Command Injection Vulnerability

CVE ID : CVE-2025-52284 Published : July 29, 2025, 6:15 p.m. | 49 minutes ago Description : Totolink X6000R V9.4.0cu.1360_B20241207 was found to contain a command injection vulnerability in the sub_4184C0 function via the tz parameter. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-53711 - TP-Link TL-WR841N Remote Buffer Overflow Denial-of-Service Vulnerability

CVE ID : CVE-2025-53711 Published : July 29, 2025, 6:15 p.m. | 49 minutes ago Description : A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpm.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-53712 - TP-Link TL-WR841N Web Service Denial-of-Service Buffer Overflow

CVE ID : CVE-2025-53712 Published : July 29, 2025, 6:15 p.m. | 49 minutes ago Description : A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpm_AP.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-53713 - TP-Link TL-WR841N Remote DoS Buffer Overflow Vulnerability

CVE ID : CVE-2025-53713 Published : July 29, 2025, 6:15 p.m. | 49 minutes ago Description : A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpm_APC.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-53714 - TP-Link TL-WR841N Remote Buffer Overflow DoS

CVE ID : CVE-2025-53714 Published : July 29, 2025, 6:15 p.m. | 49 minutes ago Description : A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WzdWlanSiteSurveyRpm_AP.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-53715 - "TP-Link TL-WR841N Web Service Buffer Overflow DoS"

CVE ID : CVE-2025-53715 Published : July 29, 2025, 6:15 p.m. | 49 minutes ago Description : A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/Wan6to4TunnelCfgRpm.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-5038 - Autodesk X_T File Memory Corruption Vulnerability

CVE ID : CVE-2025-5038 Published : July 29, 2025, 6:15 p.m. | 49 minutes ago Description : A maliciously crafted X_T file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 18:15:00 GMT

read more

CVE-2025-31965 - HCL BigFix Remote Control Server WebUI Information Disclosure Vulnerability

CVE ID : CVE-2025-31965 Published : July 29, 2025, 5:15 p.m. | 1 hour, 49 minutes ago Description : Improper access restrictions in HCL BigFix Remote Control Server WebUI (versions 10.1.0.0248 and lower) allow non-admin users to view unauthorized information on certain web pages. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 17:15:00 GMT

read more

CVE-2025-44136 - MapTiler Tileserver-php XSS

CVE ID : CVE-2025-44136 Published : July 29, 2025, 5:15 p.m. | 1 hour, 49 minutes ago Description : MapTiler Tileserver-php v2.0 is vulnerable to Cross Site Scripting (XSS). The GET parameter "layer" is reflected in an error message without html encoding. This leads to XSS and allows an unauthenticated attacker to execute arbitrary HTML or JavaScript code on a victim's browser. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 17:15:00 GMT

read more

CVE-2025-44137 - MapTiler Tileserver-php Directory Traversal Vulnerability

CVE ID : CVE-2025-44137 Published : July 29, 2025, 5:15 p.m. | 1 hour, 49 minutes ago Description : MapTiler Tileserver-php v2.0 is vulnerable to Directory Traversal. The renderTile function within tileserver.php is responsible for delivering tiles that are stored as files on the server via web request. Creating the path to a file allows the insertion of "../" and thus read any file on the web server. Affected GET parameters are "TileMatrix", "TileRow", "TileCol" and "Format" Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 17:15:00 GMT

read more

CVE-2025-54420 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-54420 Published : July 29, 2025, 5:15 p.m. | 1 hour, 49 minutes ago Description : Rejected reason: This CVE is a duplicate of CVE-2025-8129. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 17:15:00 GMT

read more

CVE-2025-54432 - Apache HTTP Server Unvalidated User Input Remote Code Execution

CVE ID : CVE-2025-54432 Published : July 29, 2025, 5:15 p.m. | 1 hour, 49 minutes ago Description : Rejected reason: This CVE is a duplicate of another CVE. See CVE-2018-25031 and CVE-2021-46708. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 17:15:00 GMT

read more

CVE-2025-5922 - TSplus Remote Access Admin Tool Unsalted PIN Hash Leak

CVE ID : CVE-2025-5922 Published : July 29, 2025, 5:15 p.m. | 1 hour, 49 minutes ago Description : Access to TSplus Remote Access Admin Tool is restricted to administrators (unless "Disable UAC" option is enabled) and requires a PIN code. In versions below v18.40.6.17 the PIN's hash is stored in a system registry accessible to regular users, making it possible to perform a brute-force attack using rainbow tables, since the hash is not salted. LTS (Long-Term Support) versions also received patches in v17.2025.6.27 and v16.2025.6.27 releases. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 17:15:00 GMT

read more

CVE-2025-28171 - Grandstream UCM6510 Information Disclosure

CVE ID : CVE-2025-28171 Published : July 29, 2025, 4:15 p.m. | 49 minutes ago Description : An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain sensitive information via the Login function at /cgi and /webrtccgi. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 16:15:00 GMT

read more

CVE-2025-28172 - Grandstream Networks UCM6510 Authentication Bypass

CVE ID : CVE-2025-28172 Published : July 29, 2025, 3:15 p.m. | 1 hour, 48 minutes ago Description : Grandstream Networks UCM6510 v1.0.20.52 and before is vulnerable to Improper Restriction of Excessive Authentication Attempts. An attacker can perform an arbitrary number of authentication attempts using different passwords and eventually gain access to the targeted account using a brute force attack. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 15:15:00 GMT

read more

CVE-2025-46059 - Langchain-ai GmailToolkit Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-46059 Published : July 29, 2025, 3:15 p.m. | 1 hour, 48 minutes ago Description : langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the GmailToolkit component. This vulnerability allows attackers to execute arbitrary code and compromise the application via a crafted email message. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 15:15:00 GMT

read more

CVE-2025-50738 - Apache Memos Information Disclosure Cross-Site Request Forgery

CVE ID : CVE-2025-50738 Published : July 29, 2025, 3:15 p.m. | 1 hour, 48 minutes ago Description : The Memos application, up to version v0.24.3, allows for the embedding of markdown images with arbitrary URLs. When a user views a memo containing such an image, their browser automatically fetches the image URL without explicit user consent or interaction beyond viewing the memo. This can be exploited by an attacker to disclose the viewing user's IP address, browser User-Agent string, and potentially other request-specific information to the attacker-controlled server, leading to information disclosure and user tracking. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 15:15:00 GMT

read more

CVE-2025-51970 - PuneethReddyHC Online Shopping System SQL Injection

CVE ID : CVE-2025-51970 Published : July 29, 2025, 3:15 p.m. | 1 hour, 48 minutes ago Description : A SQL Injection vulnerability exists in the action.php endpoint of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 15:15:00 GMT

read more

CVE-2024-42644 - FlashMQ Assertion Failure Vulnerability

CVE ID : CVE-2024-42644 Published : July 29, 2025, 2:15 p.m. | 2 hours, 48 minutes ago Description : FlashMQ v1.14.0 was discovered to contain an assertion failure in the function PublishCopyFactory::getNewPublish, which occurs when the QoS value of the publish object is greater than 0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 14:15:00 GMT

read more

CVE-2024-42645 - FlashMQ Denial of Service (DoS) Vulnerability

CVE ID : CVE-2024-42645 Published : July 29, 2025, 2:15 p.m. | 2 hours, 48 minutes ago Description : An issue in FlashMQ v1.14.0 allows attackers to cause an assertion failure via sending a crafted retain message, leading to a Denial of Service (DoS). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 14:15:00 GMT

read more

CVE-2025-52358 - Vivaldi iCONTROL+ Server Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-52358 Published : July 29, 2025, 2:15 p.m. | 2 hours, 48 minutes ago Description : A cross-site scripting vulnerability in Vivaldi United Group iCONTROL+ Server including Firmware version 4.7.8.0.eden Logic version 5.32 and below. This issue allows attackers to inject JavaScript payloads within the error or edit-menu-item parameters which are then executed in the victim's browser session. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 14:15:00 GMT

read more

CVE-2025-40682 - Human Resource Management System SQL Injection

CVE ID : CVE-2025-40682 Published : July 29, 2025, 1:15 p.m. | 3 hours, 49 minutes ago Description : SQL injection vulnerability in Human Resource Management System version 1.0, which allows an attacker to retrieve, create, update and delete databases via the “city” and “state” parameters in the /controller/ccity.php endpoint. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 13:15:00 GMT

read more

CVE-2025-40683 - Oracle Human Resource Management System Reflected XSS

CVE ID : CVE-2025-40683 Published : July 29, 2025, 1:15 p.m. | 3 hours, 49 minutes ago Description : Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'searccity' parameter in /city.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 13:15:00 GMT

read more

CVE-2025-40684 - Citrix Human Resource Management System Cross-Site Scripting (XSS)

CVE ID : CVE-2025-40684 Published : July 29, 2025, 1:15 p.m. | 3 hours, 49 minutes ago Description : Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'searccountry' parameter in/country.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 13:15:00 GMT

read more

CVE-2025-40685 - SAP Human Resource Management System Cross-Site Scripting (XSS)

CVE ID : CVE-2025-40685 Published : July 29, 2025, 1:15 p.m. | 3 hours, 49 minutes ago Description : Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'searcstate' parameter in/state.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 13:15:00 GMT

read more

CVE-2025-40686 - Oracle Human Resource Management System Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-40686 Published : July 29, 2025, 1:15 p.m. | 3 hours, 49 minutes ago Description : Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'employeeid' parameter in/detailview.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 13:15:00 GMT

read more

CVE-2025-41241 - VMware vCenter Denial-of-Service Vulnerability

CVE ID : CVE-2025-41241 Published : July 29, 2025, 1:15 p.m. | 3 hours, 49 minutes ago Description : VMware vCenter contains a denial-of-service vulnerability. A malicious actor who is authenticated through vCenter and has permission to perform API calls for guest OS customisation may trigger this vulnerability to create a denial-of-service condition. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 13:15:00 GMT

read more

CVE-2025-54422 - Sandboxie Password Transmission Vulnerability

CVE ID : CVE-2025-54422 Published : July 29, 2025, 1:15 p.m. | 3 hours, 49 minutes ago Description : Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.16.1 and below, a critical security vulnerability exists in password handling mechanisms. During encrypted sandbox creation, user passwords are transmitted via shared memory, exposing them to potential interception. The vulnerability is particularly severe during password modification operations, where both old and new passwords are passed as plaintext command-line arguments to the Imbox process without any encryption or obfuscation. This implementation flaw allows any process within the user session, including unprivileged processes, to retrieve these sensitive credentials by reading the command-line arguments, thereby bypassing standard privilege requirements and creating a significant security risk. This is fixed in version 1.16.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 13:15:00 GMT

read more

CVE-2025-6060 - DECE Software Geodi Cross-Site Scripting (XSS)

CVE ID : CVE-2025-6060 Published : July 29, 2025, 1:15 p.m. | 3 hours, 49 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in DECE Software Geodi allows Cross-Site Scripting (XSS).This issue affects Geodi: before GEODI Setup 9.0.146. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 13:15:00 GMT

read more

CVE-2025-6175 - DECE Software Geodi CRLF Injection Vulnerability

CVE ID : CVE-2025-6175 Published : July 29, 2025, 1:15 p.m. | 3 hours, 49 minutes ago Description : Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in DECE Software Geodi allows HTTP Request Splitting.This issue affects Geodi: before GEODI Setup 9.0.146. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 13:15:00 GMT

read more

CVE-2025-6504 - HDP Server IP Spoofing Via X-Forwarded-For Header

CVE ID : CVE-2025-6504 Published : July 29, 2025, 1:15 p.m. | 3 hours, 49 minutes ago Description : In HDP Server versions below 4.6.2.2978 on Linux, unauthorized access could occur via IP spoofing using the X-Forwarded-For header. Since XFF is a client-controlled header, it could be spoofed, allowing unauthorized access if the spoofed IP matched a whitelisted range. This vulnerability could be exploited to bypass IP restrictions, though valid user credentials would still be required for resource access. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 13:15:00 GMT

read more

CVE-2025-6505 - Progress Software's Hybrid Data Pipeline Server OAuth Client Impersonation and Unauthorized Access Vulnerability

CVE ID : CVE-2025-6505 Published : July 29, 2025, 1:15 p.m. | 3 hours, 49 minutes ago Description : Unauthorized access and impersonation can occur in versions 4.6.2.3226 and below of Progress Software's Hybrid Data Pipeline Server on Linux. This vulnerability allows attackers to combine credentials from different sources, potentially leading to client impersonation and unauthorized access. When OAuth Clients perform an OAuth handshake with the Hybrid Data Pipeline Server, the server accepts client credentials from both HTTP headers and request parameters. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 13:15:00 GMT

read more

CVE-2025-7458 - SQLite Integer Overflow Denial of Service/Information Disclosure

CVE ID : CVE-2025-7458 Published : July 29, 2025, 1:15 p.m. | 3 hours, 49 minutes ago Description : An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a large number of expressions in the ORDER BY clause. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 13:15:00 GMT

read more

CVE-2025-5587 - WordPress Appzend Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-5587 Published : July 29, 2025, 12:15 p.m. | 4 hours, 49 minutes ago Description : The Appzend theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘progressbarLayout’ parameter in all versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 12:15:00 GMT

read more

CVE-2025-6730 - WooCommerce Free Gifts Lite - Unauthenticated Data Modification Vulnerability

CVE ID : CVE-2025-6730 Published : July 29, 2025, 10:15 a.m. | 6 hours, 49 minutes ago Description : The Bonanza – WooCommerce Free Gifts Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the xlo_optin_call() function in all versions up to, and including, 1.0.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to set the opt in status to success. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 10:15:00 GMT

read more

CVE-2025-7689 - Hydra Booking WordPress Privilege Escalation

CVE ID : CVE-2025-7689 Published : July 29, 2025, 10:15 a.m. | 6 hours, 49 minutes ago Description : The Hydra Booking plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the tfhb_reset_password_callback() function in versions 1.1.0 to 1.1.18. This makes it possible for authenticated attackers, with Subscriber-level access and above, to reset the password of an Administrator user, achieving full privilege escalation. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 10:15:00 GMT

read more

CVE-2025-8196 - Elementor Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8196 Published : July 29, 2025, 10:15 a.m. | 6 hours, 49 minutes ago Description : The Magical Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Custom Attributes in all versions up to, and including, 1.3.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 10:15:00 GMT

read more

CVE-2025-8216 - Sky Addons for Elementor Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-8216 Published : July 29, 2025, 10:15 a.m. | 6 hours, 49 minutes ago Description : The Sky Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Multiple widgets in all versions up to, and including, 3.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 10:15:00 GMT

read more

CVE-2025-6681 - WordPress Fan Page Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6681 Published : July 29, 2025, 10:15 a.m. | 4 hours, 48 minutes ago Description : The Fan Page plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 10:15:00 GMT

read more

CVE-2025-6692 - YouTube Embed for WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-6692 Published : July 29, 2025, 10:15 a.m. | 4 hours, 48 minutes ago Description : The YouTube Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘instance’ parameter in all versions up to, and including, 10.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 10:15:00 GMT

read more

CVE-2025-26400 - SolarWinds Web Help Desk XXE Information Disclosure

CVE ID : CVE-2025-26400 Published : July 29, 2025, 8:15 a.m. | 6 hours, 48 minutes ago Description : SolarWinds Web Help Desk was reported to be affected by an XML External Entity Injection (XXE) vulnerability that could lead to information disclosure. A valid, low-privilege access is required unless the attacker had access to the local server to modify configuration files. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 08:15:00 GMT

read more

CVE-2025-53081 - Samsung DMS Arbitrary File Creation Vulnerability

CVE ID : CVE-2025-53081 Published : July 29, 2025, 6:15 a.m. | 8 hours, 48 minutes ago Description : An 'Arbitrary File Creation' in Samsung DMS(Data Management Server) allows attackers to create arbitrary files in unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 06:15:00 GMT

read more

CVE-2025-53082 - Samsung DMS Arbitrary File Deletion Vulnerability

CVE ID : CVE-2025-53082 Published : July 29, 2025, 6:15 a.m. | 8 hours, 48 minutes ago Description : An 'Arbitrary File Deletion' in Samsung DMS(Data Management Server) allows attackers to delete arbitrary files from unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 06:15:00 GMT

read more

CVE-2025-53649 - "SwitchBot Sensitive Information Exposure"

CVE ID : CVE-2025-53649 Published : July 29, 2025, 5:15 a.m. | 8 hours, 43 minutes ago Description : "SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 05:15:00 GMT

read more

CVE-2025-6495 - Bricks WordPress Blind SQL Injection

CVE ID : CVE-2025-6495 Published : July 29, 2025, 5:15 a.m. | 8 hours, 43 minutes ago Description : The Bricks theme for WordPress is vulnerable to blind SQL Injection via the ‘p’ parameter in all versions up to, and including, 1.12.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 05:15:00 GMT

read more

CVE-2025-8264 - "Z-Push SQL Injection Vulnerability"

CVE ID : CVE-2025-8264 Published : July 29, 2025, 5:15 a.m. | 8 hours, 43 minutes ago Description : Versions of the package z-push/z-push-dev before 2.7.6 are vulnerable to SQL Injection due to unparameterized queries in the IMAP backend. An attacker can inject malicious commands by manipulating the username field in basic authentication. This allows the attacker to access and potentially modify or delete sensitive data from a linked third-party database. **Note:** This vulnerability affects Z-Push installations that utilize the IMAP backend and have the IMAP_FROM_SQL_QUERY option configured. Mitigation Change configuration to use the default or LDAP in backend/imap/config.php php define('IMAP_DEFAULTFROM', ''); or php define('IMAP_DEFAULTFROM', 'ldap'); Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 05:15:00 GMT

read more

CVE-2025-3075 - Elementor Website Builder Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3075 Published : July 29, 2025, 5:15 a.m. | 7 hours, 48 minutes ago Description : The Elementor Website Builder – More Than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'elementor-element' shortcode in all versions up to, and including, 3.29.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only impacts sites with 'Element Caching' enabled. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 05:15:00 GMT

read more

CVE-2025-4370 - Brizy – Page Builder Unauthenticated File Upload Vulnerability

CVE ID : CVE-2025-4370 Published : July 29, 2025, 5:15 a.m. | 7 hours, 48 minutes ago Description : The Brizy – Page Builder plugin for WordPress is vulnerable to limited file uploads due to missing authorization on process_external_asset_urls function as well as missing path validation in store_file function in all versions up to, and including, 2.6.20. This makes it possible for unauthenticated attackers to upload .TXT files on the affected site's server. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 05:15:00 GMT

read more

CVE-2025-4566 - Elementor Website Builder Stored Cross-Site Scripting

CVE ID : CVE-2025-4566 Published : July 29, 2025, 5:15 a.m. | 7 hours, 48 minutes ago Description : The Elementor Website Builder – More Than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-text DOM element attribute in Text Path widget in all versions up to, and including, 3.30.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This attack affects only Chrome/Edge browsers Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 05:15:00 GMT

read more

CVE-2025-53077 - Samsung DMS Execution After Redirect Privilege Escalation Vulnerability

CVE ID : CVE-2025-53077 Published : July 29, 2025, 5:15 a.m. | 7 hours, 48 minutes ago Description : An execution after redirect in Samsung DMS(Data Management Server) allows attackers to execute limited functions without permissions. An attacker could compromise the integrity of the platform by executing this vulnerability. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 05:15:00 GMT

read more

CVE-2025-53078 - Samsung DMS Deserialization Code Execution Vulnerability

CVE ID : CVE-2025-53078 Published : July 29, 2025, 5:15 a.m. | 7 hours, 48 minutes ago Description : Deserialization of Untrusted Data in Samsung DMS(Data Management Server) allows attackers to execute arbitrary code via write file to system Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 05:15:00 GMT

read more

CVE-2025-53079 - Samsung DMS Path Traversal Vulnerability

CVE ID : CVE-2025-53079 Published : July 29, 2025, 5:15 a.m. | 7 hours, 48 minutes ago Description : Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 05:15:00 GMT

read more

CVE-2025-53080 - Samsung DMS Data Management Server Path Traversal Vulnerability

CVE ID : CVE-2025-53080 Published : July 29, 2025, 5:15 a.m. | 7 hours, 48 minutes ago Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management Server) allows authenticated attackers to create arbitrary files in unintended locations on the filesystem Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 05:15:00 GMT

read more

CVE-2025-7809 - StreamWeasels Twitch Integration Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7809 Published : July 29, 2025, 4:15 a.m. | 8 hours, 48 minutes ago Description : The StreamWeasels Twitch Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'data-uuid' attribute in all versions up to, and including, 1.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 04:15:00 GMT

read more

CVE-2025-7810 - StreamWeasels Kick Integration Stored Cross-Site Scripting

CVE ID : CVE-2025-7810 Published : July 29, 2025, 4:15 a.m. | 8 hours, 48 minutes ago Description : The StreamWeasels Kick Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'data-uuid' attribute in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 04:15:00 GMT

read more

CVE-2025-7811 - StreamWeasels YouTube Integration WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-7811 Published : July 29, 2025, 4:15 a.m. | 8 hours, 48 minutes ago Description : The StreamWeasels YouTube Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'data-uuid' attribute in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 04:15:00 GMT

read more

CVE-2025-54665 - Apache HTTP Server Command Injection

CVE ID : CVE-2025-54665 Published : July 29, 2025, 3:15 a.m. | 9 hours, 48 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 03:15:00 GMT

read more

CVE-2025-54666 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-54666 Published : July 29, 2025, 3:15 a.m. | 9 hours, 48 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 03:15:00 GMT

read more

CVE-2025-54664 - Apache HTTP Server Cross-Site Scripting (XSS)

CVE ID : CVE-2025-54664 Published : July 29, 2025, 3:15 a.m. | 8 hours, 43 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 03:15:00 GMT

read more

CVE-2025-54661 - Citrix NetScaler Denial of Service

CVE ID : CVE-2025-54661 Published : July 29, 2025, 3:15 a.m. | 6 hours, 2 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 03:15:00 GMT

read more

CVE-2025-54662 - VMware Server Remote Code Execution

CVE ID : CVE-2025-54662 Published : July 29, 2025, 3:15 a.m. | 6 hours, 2 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 03:15:00 GMT

read more

CVE-2025-54663 - Google Maps Unvalidated Redirect

CVE ID : CVE-2025-54663 Published : July 29, 2025, 3:15 a.m. | 6 hours, 2 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 03:15:00 GMT

read more

CVE-2025-54767 - Xormon Original Process Kill Vulnerability

CVE ID : CVE-2025-54767 Published : July 29, 2025, 12:15 a.m. | 9 hours, 2 minutes ago Description : An authenticated, read-only user can kill any processes running on the Xormon Original virtual appliance as the lpar2rrd user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 00:15:00 GMT

read more

CVE-2025-54768 - Fortinet Web Application Configuration Log Download Information Disclosure Vulnerability

CVE ID : CVE-2025-54768 Published : July 29, 2025, 12:15 a.m. | 9 hours, 2 minutes ago Description : An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to download logs from the appliance configuration, exposing sensitive information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 00:15:00 GMT

read more

CVE-2025-54769 - Apache PERL Directory Traversal RCE

CVE ID : CVE-2025-54769 Published : July 29, 2025, 12:15 a.m. | 9 hours, 2 minutes ago Description : An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code execution (RCE) by an attacker. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 00:15:00 GMT

read more

CVE-2025-54766 - Apache Appliance Unauthorized Configuration Export Vulnerability

CVE ID : CVE-2025-54766 Published : July 29, 2025, 12:15 a.m. | 7 hours, 42 minutes ago Description : An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to export the appliance configuration, exposing sensitive information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 00:15:00 GMT

read more

CVE-2025-54765 - Fortinet Web Application Privilege Escalation Vulnerability

CVE ID : CVE-2025-54765 Published : July 29, 2025, 12:15 a.m. | 5 hours, 1 minute ago Description : An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to import the appliance configuration, allowing an attacker to control the configuration of the appliance, to include granting themselves administrative level permissions. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 29 Jul 2025 00:15:00 GMT

read more

CVE-2025-54426 - Polkadot Frontier Curve25519 Precompute Invalid Input Handling

CVE ID : CVE-2025-54426 Published : July 28, 2025, 9:15 p.m. | 8 hours ago Description : Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. In versions prior to commit 36f70d1, the Curve25519Add and Curve25519ScalarMul precompiles incorrectly handle invalid Ristretto point representations. Instead of returning an error, they silently treat invalid input bytes as the Ristretto identity element, leading to potentially incorrect cryptographic results. This is fixed in commit 36f70d1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 21:15:00 GMT

read more

CVE-2025-54427 - Polkadot Frontier EVM Gas Price Manipulation Denial-of-Service

CVE ID : CVE-2025-54427 Published : July 28, 2025, 9:15 p.m. | 8 hours ago Description : Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. The extrinsic note_min_gas_price_target is an inherent extrinsic, meaning only the block producer can call it. To ensure correctness, the ProvideInherent trait should be implemented for each inherent, which includes the check_inherent call. This allows other nodes to verify if the input (in this case, the target value) is correct. However, prior to commit a754b3d, the check_inherent function has not been implemented for note_min_gas_price_target. This lets the block producer set the target value without verification. The target is then used to set the MinGasPrice, which has an upper and lower bound defined in the on_initialize hook. The block producer can set the target to the upper bound. Which also increases the upper and lower bounds for the next block. Over time, this could result in continuously raising the gas price, making contract execution too expensive and ineffective for users. An attacker could use this flaw to manipulate the gas price, potentially leading to significantly inflated transaction fees. Such manipulation could render contract execution prohibitively expensive for users, effectively resulting in a denial-of-service condition for the network. This is fixed in version a754b3d. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 21:15:00 GMT

read more

CVE-2025-54428 - RevelaCode MongoDB Atlas URI Exposure

CVE ID : CVE-2025-54428 Published : July 28, 2025, 9:15 p.m. | 8 hours ago Description : RevelaCode is an AI-powered faith-tech project that decodes biblical verses, prophecies and global events into accessible language. In versions below 1.0.1, a valid MongoDB Atlas URI with embedded username and password was accidentally committed to the public repository. This could allow unauthorized access to production or staging databases, potentially leading to data exfiltration, modification, or deletion. This is fixed in version 1.0.1. Workarounds include: immediately rotating credentials for the exposed database user, using a secret manager (like Vault, Doppler, AWS Secrets Manager, etc.) instead of storing secrets directly in code, or auditing recent access logs for suspicious activity. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 21:15:00 GMT

read more

CVE-2025-54429 - Polkadot Frontier CallableByContract AddressType Vulnerability

CVE ID : CVE-2025-54429 Published : July 28, 2025, 9:15 p.m. | 8 hours ago Description : Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. There are various account address types in Frontier, e.g. precompiled contracts, smart contracts, and externally owned accounts. Some EVM mechanisms should be unreachable by certain types of accounts for safety. For precompiles to be callable by smart contracts they must be explicitly configured as CallableByContract. If this configuration is absent, then the precompile should be unreachable via smart contract accounts. In commits prior to 0822030, the underlying implementation of CallableByContract which returned the AddressType was incorrect. It considered the contract address running under CREATE or CREATE2 to be AddressType::EOA rather than correctly as AddressType::Contract. The issue only affects users who use custom precompile implementations that utilize AddressType::EOA and AddressType::Contract. It's not directly exploitable in any of the predefined precompiles in Frontier. This is fixed in version 0822030. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 21:15:00 GMT

read more

CVE-2025-29534 - PowerStick Wave Dual-Band Wifi Extender Remote Code Execution Vulnerability

CVE ID : CVE-2025-29534 Published : July 28, 2025, 8:17 p.m. | 8 hours, 58 minutes ago Description : An authenticated remote code execution vulnerability in PowerStick Wave Dual-Band Wifi Extender V1.0 allows an attacker with valid credentials to execute arbitrary commands with root privileges. The issue stems from insufficient sanitization of user-supplied input in the /cgi-bin/cgi_vista.cgi executable, which is passed to a system-level function call. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 20:17:00 GMT

read more

CVE-2025-50485 - PHPGurukul Online Course Registration Session Hijacking Vulnerability

CVE ID : CVE-2025-50485 Published : July 28, 2025, 8:17 p.m. | 8 hours, 58 minutes ago Description : Improper session invalidation in the component /crm/change-password.php of PHPGurukul Online Course Registration v3.1 allows attackers to execute a session hijacking attack. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 20:17:00 GMT

read more

CVE-2025-50486 - PHPGurukul Car Rental Project Session Hijacking Vulnerability

CVE ID : CVE-2025-50486 Published : July 28, 2025, 8:17 p.m. | 8 hours, 58 minutes ago Description : Improper session invalidation in the component /carrental/update-password.php of PHPGurukul Car Rental Project v3.0 allows attackers to execute a session hijacking attack. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 20:17:00 GMT

read more

CVE-2025-54419 - Node-SAML SAML Assertion Tampering

CVE ID : CVE-2025-54419 Published : July 28, 2025, 8:17 p.m. | 8 hours, 58 minutes ago Description : A SAML library not dependent on any frameworks that runs in Node. In version 5.0.1, Node-SAML loads the assertion from the (unsigned) original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authentication details within a valid SAML assertion. For example, in one attack it is possible to remove any character from the SAML assertion username. To conduct the attack an attacker would need a validly signed document from the identity provider (IdP). This is fixed in version 5.1.0. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 20:17:00 GMT

read more

CVE-2025-54423 - Copyparty Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-54423 Published : July 28, 2025, 8:17 p.m. | 8 hours, 58 minutes ago Description : copyparty is a portable file server. In versions up to and including versions 1.18.4, an unauthenticated attacker is able to execute arbitrary JavaScript code in a victim's browser due to improper sanitization of multimedia tags in music files, including m3u files. This is fixed in version 1.18.5. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 20:17:00 GMT

read more

CVE-2025-8194 - Apache CPython TarFile Infinite Loop Deadlock

CVE ID : CVE-2025-8194 Published : July 28, 2025, 7:15 p.m. | 10 hours ago Description : There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: import tarfile def _block_patched(self, count): if count 0: # pragma: no cover raise tarfile.InvalidHeaderError("invalid offset") return _block_patched._orig_block(self, count) _block_patched._orig_block = tarfile.TarInfo._block tarfile.TarInfo._block = _block_patched Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 19:15:00 GMT

read more

CVE-2025-8283 - "Podman Netavark DNS Hijacking Vulnerability"

CVE ID : CVE-2025-8283 Published : July 28, 2025, 7:15 p.m. | 10 hours ago Description : A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be used as the hostname for the container itself, as the podman's search domain is not added anymore the container is using the host's resolv.conf, and the DNS resolver will try to look into the search domains contained on it. If one of the domains contain a name with the same hostname as the running container, the connection will forward to unexpected external servers. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 19:15:00 GMT

read more

CVE-2025-50484 - PHPGurukul Small CRM Session Hijacking Vulnerability

CVE ID : CVE-2025-50484 Published : July 28, 2025, 7:15 p.m. | 7 hours, 48 minutes ago Description : Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a session hijacking attack. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 19:15:00 GMT

read more

CVE-2025-50487 - PHPGurukul Blood Bank Donor Management System Session Hijacking Vulnerability

CVE ID : CVE-2025-50487 Published : July 28, 2025, 7:15 p.m. | 7 hours, 48 minutes ago Description : Improper session invalidation in the component /bbdms/change-password.php of PHPGurukul Blood Bank & Donor Management System v2.4 allows attackers to execute a session hijacking attack. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 19:15:00 GMT

read more

CVE-2025-43023 - HP Linux Imaging and Printing Software DSA Code Signing Key Weakness

CVE ID : CVE-2025-43023 Published : July 28, 2025, 6:15 p.m. | 8 hours, 48 minutes ago Description : A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm (DSA). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 18:15:00 GMT

read more

CVE-2025-50488 - PHPGurukul Online Library Management System Session Hijacking Vuln

CVE ID : CVE-2025-50488 Published : July 28, 2025, 6:15 p.m. | 8 hours, 48 minutes ago Description : Improper session invalidation in the component /library/change-password.php of PHPGurukul Online Library Management System v3.0 allows attackers to execute a session hijacking attack. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 18:15:00 GMT

read more

CVE-2025-50489 - PHPGurukul Student Result Management System Session Hijacking Vulnerability

CVE ID : CVE-2025-50489 Published : July 28, 2025, 6:15 p.m. | 8 hours, 48 minutes ago Description : Improper session invalidation in the component /srms/change-password.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session hijacking attack. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 18:15:00 GMT

read more

CVE-2025-50491 - PHPGurukul Bank Locker Management System Session Hijacking Vulnerability

CVE ID : CVE-2025-50491 Published : July 28, 2025, 6:15 p.m. | 8 hours, 48 minutes ago Description : Improper session invalidation in the component /banker/change-password.php of PHPGurukul Bank Locker Management System v1 allows attackers to execute a session hijacking attack. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 18:15:00 GMT

read more

CVE-2025-50492 - PHPGurukul e-Diary Management System Session Hijacking Vulnerability

CVE ID : CVE-2025-50492 Published : July 28, 2025, 6:15 p.m. | 8 hours, 48 minutes ago Description : Improper session invalidation in the component /edms/change-password.php of PHPGurukul e-Diary Management System v1 allows attackers to execute a session hijacking attack. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 18:15:00 GMT

read more

CVE-2025-54298 - Joomla CommentBox Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-54298 Published : July 28, 2025, 6:15 p.m. | 8 hours, 48 minutes ago Description : A stored XSS vulnerability in CommentBox component 1.0.0-1.1.0 for Joomla was discovered. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 18:15:00 GMT

read more

CVE-2025-54299 - Joomla No Boss Testimonials Stored XSS Vulnerability

CVE ID : CVE-2025-54299 Published : July 28, 2025, 6:15 p.m. | 8 hours, 48 minutes ago Description : A stored XSS vulnerability in No Boss Testimonials component 1.0.0-3.0.0 and 4.0.0-4.0.2 for Joomla was discovered. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 18:15:00 GMT

read more

CVE-2025-54535 - JetBrains TeamCity Weak Password Token Hashing

CVE ID : CVE-2025-54535 Published : July 28, 2025, 5:15 p.m. | 5 hours, 24 minutes ago Description : In JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithms Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-54536 - JetBrains TeamCity GraphQL CSRF Vulnerability

CVE ID : CVE-2025-54536 Published : July 28, 2025, 5:15 p.m. | 5 hours, 24 minutes ago Description : In JetBrains TeamCity before 2025.07 a CSRF was possible on GraphQL endpoint Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-54537 - JetBrains TeamCity Plain Text User Credentials Memory Snapshot Vulnerability

CVE ID : CVE-2025-54537 Published : July 28, 2025, 5:15 p.m. | 5 hours, 24 minutes ago Description : In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-54538 - JetBrains TeamCity Password Exposure Vulnerability

CVE ID : CVE-2025-54538 Published : July 28, 2025, 5:15 p.m. | 5 hours, 24 minutes ago Description : In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-7676 - Microsoft Windows DLL Hijacking Vulnerability

CVE ID : CVE-2025-7676 Published : July 28, 2025, 5:15 p.m. | 5 hours, 24 minutes ago Description : DLL hijacking of all PE32 executables when run on Windows for ARM64 CPU architecture. This allows an attacker to execute code, if the attacker can plant a DLL in the same directory as the executable. Vulnerable versions of Windows 11 for ARM attempt to load Base DLLs that would ordinarily not be loaded from the application directory. Fixed in release 24H2, but present in all earlier versions of Windows 11 for ARM CPUs. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-54531 - JetBrains TeamCity Path Traversal Vulnerability

CVE ID : CVE-2025-54531 Published : July 28, 2025, 5:15 p.m. | 3 hours, 50 minutes ago Description : In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-54532 - JetBrains TeamCity Unrestricted Build Settings Disclosure Vulnerability

CVE ID : CVE-2025-54532 Published : July 28, 2025, 5:15 p.m. | 3 hours, 50 minutes ago Description : In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependencies Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-54533 - JetBrains TeamCity Unrestricted Build Settings Disclosure Vulnerability

CVE ID : CVE-2025-54533 Published : July 28, 2025, 5:15 p.m. | 3 hours, 50 minutes ago Description : In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via VCS configuration Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-54534 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-54534 Published : July 28, 2025, 5:15 p.m. | 3 hours, 50 minutes ago Description : In JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpushPreset page Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-50494 - PHPGurukul Car Washing Management System Session Hijacking Vulnerability

CVE ID : CVE-2025-50494 Published : July 28, 2025, 5:15 p.m. | 2 hours, 34 minutes ago Description : Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Car Washing Management System v1.0 allows attackers to execute a session hijacking attack. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-54527 - JetBrains YouTrack Iframe Sandbox Bypass

CVE ID : CVE-2025-54527 Published : July 28, 2025, 5:15 p.m. | 2 hours, 34 minutes ago Description : In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-54528 - JetBrains TeamCity GitHub App CSRF Vulnerability

CVE ID : CVE-2025-54528 Published : July 28, 2025, 5:15 p.m. | 2 hours, 34 minutes ago Description : In JetBrains TeamCity before 2025.07 a CSRF was possible in GitHub App connection flow Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-54529 - JetBrains TeamCity CSRF Vulnerability

CVE ID : CVE-2025-54529 Published : July 28, 2025, 5:15 p.m. | 2 hours, 34 minutes ago Description : In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-54530 - JetBrains TeamCity Directory Permission Escalation

CVE ID : CVE-2025-54530 Published : July 28, 2025, 5:15 p.m. | 2 hours, 34 minutes ago Description : In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-50490 - PHPGurukul Student Result Management System Session Hijacking Vulnerability

CVE ID : CVE-2025-50490 Published : July 28, 2025, 5:15 p.m. | 1 hour, 46 minutes ago Description : Improper session invalidation in the component /elms/emp-changepassword.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session hijacking attack. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-50493 - PHPGurukul Doctor Appointment Management System Session Hijacking Vulnerability

CVE ID : CVE-2025-50493 Published : July 28, 2025, 5:15 p.m. | 1 hour, 46 minutes ago Description : Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Doctor Appointment Management System v1 allows attackers to execute a session hijacking attack. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 17:15:00 GMT

read more

CVE-2025-2297 - Apache Struts Privilege Escalation Vulnerability

CVE ID : CVE-2025-2297 Published : July 28, 2025, 4:15 p.m. | 2 hours, 47 minutes ago Description : Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 16:15:00 GMT

read more

CVE-2025-6250 - Symantec Defendpoint Service Bypass

CVE ID : CVE-2025-6250 Published : July 28, 2025, 4:15 p.m. | 2 hours, 47 minutes ago Description : Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 16:15:00 GMT

read more

CVE-2024-49342 - IBM Informix Dynamic Server Authentication Bypass

CVE ID : CVE-2024-49342 Published : July 28, 2025, 4:15 p.m. | 2 hours, 14 minutes ago Description : IBM Informix Dynamic Server 12.10 and 14.10 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 16:15:00 GMT

read more

CVE-2024-49343 - IBM Informix Dynamic Server HTML Injection Vulnerability

CVE ID : CVE-2024-49343 Published : July 28, 2025, 4:15 p.m. | 2 hours, 14 minutes ago Description : IBM Informix Dynamic Server 12.10 and 14.10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 16:15:00 GMT

read more

CVE-2025-30125 - Marbella KR8s Dashcam Weak Password Authentication Vulnerability

CVE ID : CVE-2025-30125 Published : July 28, 2025, 3:15 p.m. | 3 hours, 14 minutes ago Description : An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. All dashcams were shipped with the same default credentials of 12345678, which creates an insecure-by-default condition. For users who change their passwords, it's limited to 8 characters. These short passwords can be cracked in 8 hours via low-end commercial cloud resources. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 15:15:00 GMT

read more

CVE-2025-53696 - iSTAR Ultra Firmware Verification Bypass Vulnerability

CVE ID : CVE-2025-53696 Published : July 28, 2025, 3:15 p.m. | 3 hours, 14 minutes ago Description : iSTAR Ultra performs a firmware verification on boot, however the verification does not inspect certain portions of the firmware. These firmware parts may contain malicious code. Tested up to firmware 6.9.2, later firmwares are also possibly affected. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 15:15:00 GMT

read more

CVE-2025-54418 - CodeIgniter ImageMagick Command Injection Vulnerability

CVE ID : CVE-2025-54418 Published : July 28, 2025, 3:15 p.m. | 3 hours, 14 minutes ago Description : CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process uploaded images using the `resize()` method or use the `text()` method with user-controlled text content or options. An attacker can upload a file with a malicious filename containing shell metacharacters that get executed when the image is processed or provide malicious text content or options that get executed when adding text to images Users should upgrade to v4.6.2 or later to receive a patch. As a workaround, switch to the GD image handler (`gd`, the default handler), which is not affected by either vulnerability. For file upload scenarios, instead of using user-provided filenames, generate random names to eliminate the attack vector with `getRandomName()` when using the `move()` method, or use the `store()` method, which automatically generates safe filenames. For text operations, if one must use ImageMagick with user-controlled text, sanitize the input to only allow safe characters and validate/restrict text options. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 15:15:00 GMT

read more

CVE-2025-53695 - iSTAR Ultra OS Command Injection Vulnerability

CVE ID : CVE-2025-53695 Published : July 28, 2025, 2:15 p.m. | 4 hours, 14 minutes ago Description : OS Command Injection in iSTAR Ultra products web application allows an authenticated attacker to gain even more privileged access ('root' user) to the device firmware. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 14:15:00 GMT

read more

CVE-2025-8279 - GitLab Language Server GraphQL Query Injection Vulnerability

CVE ID : CVE-2025-8279 Published : July 28, 2025, 2:15 p.m. | 4 hours, 14 minutes ago Description : Insufficient input validation within GitLab Language Server 7.6.0 and later before 7.30.0 allows arbitrary GraphQL query execution Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 14:15:00 GMT

read more

CVE-2025-24485 - MedDream PACS Premium Server-Side Request Forgery Vulnerability

CVE ID : CVE-2025-24485 Published : July 28, 2025, 2:15 p.m. | 2 hours, 47 minutes ago Description : A server-side request forgery vulnerability exists in the cecho.php functionality of MedDream PACS Premium 7.3.5.860. A specially crafted HTTP request can lead to SSRF. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 14:15:00 GMT

read more

CVE-2025-26469 - MedDream PACS Premium Default Permissions Leakage

CVE ID : CVE-2025-26469 Published : July 28, 2025, 2:15 p.m. | 2 hours, 47 minutes ago Description : An incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues functionality of MedDream PACS Premium 7.3.3.840. A specially crafted application can decrypt credentials stored in a configuration-related registry key. An attacker can execute a malicious script or application to exploit this vulnerability. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 14:15:00 GMT

read more

CVE-2025-27724 - MedDream PACS Privilege Escalation Vulnerability

CVE ID : CVE-2025-27724 Published : July 28, 2025, 2:15 p.m. | 2 hours, 47 minutes ago Description : A privilege escalation vulnerability exists in the login.php functionality of meddream MedDream PACS Premium 7.3.3.840. A specially crafted .php file can lead to elevated capabilities. An attacker can upload a malicious file to trigger this vulnerability. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 14:15:00 GMT

read more

CVE-2025-30124 - Marbella KR8s Dashcam Information Disclosure Vulnerability

CVE ID : CVE-2025-30124 Published : July 28, 2025, 2:15 p.m. | 2 hours, 47 minutes ago Description : An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. When a new SD card is inserted into the dashcam, the existing password is written onto the SD card in cleartext automatically. An attacker with temporary access to the dashcam can switch the SD card to steal this password. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 14:15:00 GMT

read more

CVE-2025-30126 - Marbella KR8s Dashcam Unauthenticated Remote Access and Control Vulnerability

CVE ID : CVE-2025-30126 Published : July 28, 2025, 2:15 p.m. | 2 hours, 47 minutes ago Description : An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Via port 7777 without any need to pair or press a physical button, a remote attacker can disable recording, delete recordings, or even disable battery protection to cause a flat battery to essentially disable the car from being used. During the process of changing these settings, there are no indications or sounds on the dashcam to alert the dashcam owner that someone else is making those changes. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 14:15:00 GMT

read more

CVE-2025-30133 - IROAD Dashcam FX2 Unrestricted HTTP Server Access and Pairing Bypass

CVE ID : CVE-2025-30133 Published : July 28, 2025, 2:15 p.m. | 2 hours, 47 minutes ago Description : An issue was discovered on IROAD Dashcam FX2 devices. Bypass of Device Pairing/Registration can occur. It requires device registration via the "IROAD X View" app for authentication, but its HTTP server lacks this restriction. Once connected to the dashcam's Wi-Fi network via the default password ("qwertyuiop"), an attacker can directly access the HTTP server at http://192.168.10.1 without undergoing the pairing process. Additionally, no alert is triggered on the device when an attacker connects, making this intrusion completely silent. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 14:15:00 GMT

read more

CVE-2025-32731 - MedDream PACS Premium Reflected XSS

CVE ID : CVE-2025-32731 Published : July 28, 2025, 2:15 p.m. | 2 hours, 47 minutes ago Description : A reflected cross-site scripting (xss) vulnerability exists in the radiationDoseReport.php functionality of meddream MedDream PACS Premium 7.3.5.860. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 14:15:00 GMT

read more

CVE-2025-4056 - GLib Windows Command Line Denial of Service

CVE ID : CVE-2025-4056 Published : July 28, 2025, 1:15 p.m. | 3 hours, 47 minutes ago Description : A flaw was found in GLib. A denial of service on Windows platforms may occur if an application attempts to spawn a program using long command lines. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 13:15:00 GMT

read more

CVE-2025-54569 - Malwarebytes Binisoft Windows Firewall Control Privilege Escalation

CVE ID : CVE-2025-54569 Published : July 28, 2025, 1:15 p.m. | 3 hours, 47 minutes ago Description : In Malwarebytes Binisoft Windows Firewall Control before 6.16.0.0, the installer is vulnerable to local privilege escalation. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 13:15:00 GMT

read more

CVE-2025-8275 - Peru Cocktails App Android Improper Component Export Vulnerability

CVE ID : CVE-2025-8275 Published : July 28, 2025, 1:15 p.m. | 3 hours, 47 minutes ago Description : A vulnerability, which was classified as problematic, has been found in bsc Peru Cocktails App 1.0.0 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component bsc.devy.peru_cocktails. The manipulation leads to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 13:15:00 GMT

read more

CVE-2025-38494 - Linux Kernel HID Raw Request Bypass Vulnerability

CVE ID : CVE-2025-38494 Published : July 28, 2025, 12:15 p.m. | 4 hours, 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38495 - Linux Kernel HID Buffer Undersized

CVE ID : CVE-2025-38495 Published : July 28, 2025, 12:15 p.m. | 4 hours, 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated buffer not account for that extra byte, meaning that instead of having 8 guaranteed bytes for implement to be working, we only have 7. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38496 - QEMU dm-bufio Preemption Vulnerability

CVE ID : CVE-2025-38496 Published : July 28, 2025, 12:15 p.m. | 4 hours, 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: dm-bufio: fix sched in atomic context If "try_verify_in_tasklet" is set for dm-verity, DM_BUFIO_CLIENT_NO_SLEEP is enabled for dm-bufio. However, when bufio tries to evict buffers, there is a chance to trigger scheduling in spin_lock_bh, the following warning is hit: BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2745 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 123, name: kworker/2:2 preempt_count: 201, expected: 0 RCU nest depth: 0, expected: 0 4 locks held by kworker/2:2/123: #0: ffff88800a2d1548 ((wq_completion)dm_bufio_cache){....}-{0:0}, at: process_one_work+0xe46/0x1970 #1: ffffc90000d97d20 ((work_completion)(&dm_bufio_replacement_work)){....}-{0:0}, at: process_one_work+0x763/0x1970 #2: ffffffff8555b528 (dm_bufio_clients_lock){....}-{3:3}, at: do_global_cleanup+0x1ce/0x710 #3: ffff88801d5820b8 (&c->spinlock){....}-{2:2}, at: do_global_cleanup+0x2a5/0x710 Preemption disabled at: [] 0x0 CPU: 2 UID: 0 PID: 123 Comm: kworker/2:2 Not tainted 6.16.0-rc3-g90548c634bd0 #305 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 Workqueue: dm_bufio_cache do_global_cleanup Call Trace: dump_stack_lvl+0x53/0x70 __might_resched+0x360/0x4e0 do_global_cleanup+0x2f5/0x710 process_one_work+0x7db/0x1970 worker_thread+0x518/0xea0 kthread+0x359/0x690 ret_from_fork+0xf3/0x1b0 ret_from_fork_asm+0x1a/0x30 That can be reproduced by: veritysetup format --data-block-size=4096 --hash-block-size=4096 /dev/vda /dev/vdb SIZE=$(blockdev --getsz /dev/vda) dmsetup create myverity -r --table "0 $SIZE verity 1 /dev/vda /dev/vdb 4096 4096 1 sha256 1 try_verify_in_tasklet" mount /dev/dm-0 /mnt -o ro echo 102400 > /sys/module/dm_bufio/parameters/max_cache_size_bytes [read files in /mnt] Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38497 - Linux Kernel USB Gadget configfs Out-of-Bounds Read

CVE ID : CVE-2025-38497 Published : July 28, 2025, 12:15 p.m. | 4 hours, 47 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions attempt to access page[l - 1] before validating that the length 'l' is greater than zero. This patch fixes the vulnerability by adding a check at the beginning of os_desc_qw_sign_store() and webusb_landingPage_store() to handle the zero-length input case gracefully by returning immediately. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-5997 - Beamsec PhishPro Privileged API Abuse

CVE ID : CVE-2025-5997 Published : July 28, 2025, 12:15 p.m. | 4 hours, 47 minutes ago Description : Incorrect Use of Privileged APIs vulnerability in Beamsec PhishPro allows Privilege Abuse.This issue affects PhishPro: before 7.5.4.2. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-8274 - Campcodes Online Recruitment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8274 Published : July 28, 2025, 12:15 p.m. | 4 hours, 47 minutes ago Description : A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=save_recruitment_status. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38487 - Aspeed LPC Snoop NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-38487 Published : July 28, 2025, 12:15 p.m. | 2 hours, 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Mitigate e.g. the following: # echo 1e789080.lpc-snoop > /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ... [ 120.363594] Unable to handle kernel NULL pointer dereference at virtual address 00000004 when write [ 120.373866] [00000004] *pgd=00000000 [ 120.377910] Internal error: Oops: 805 [#1] SMP ARM [ 120.383306] CPU: 1 UID: 0 PID: 315 Comm: sh Not tainted 6.15.0-rc1-00009-g926217bc7d7d-dirty #20 NONE ... [ 120.679543] Call trace: [ 120.679559] misc_deregister from aspeed_lpc_snoop_remove+0x84/0xac [ 120.692462] aspeed_lpc_snoop_remove from platform_remove+0x28/0x38 [ 120.700996] platform_remove from device_release_driver_internal+0x188/0x200 ... Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38488 - Linux Samba SMB Client Use-After-Free Vulnerability

CVE ID : CVE-2025-38488 Published : July 28, 2025, 12:15 p.m. | 2 hours, 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in crypt_message when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from crypt_message(), assuming all crypto operations are synchronous. However, when hardware crypto accelerators are used, this can cause use-after-free crashes: crypt_message() // Allocate the creq buffer containing the req creq = smb2_get_aead_req(..., &req); // Async encryption returns -EINPROGRESS immediately rc = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req); // Free creq while async operation is still in progress kvfree_sensitive(creq, ...); Hardware crypto modules often implement async AEAD operations for performance. When crypto_aead_encrypt/decrypt() returns -EINPROGRESS, the operation completes asynchronously. Without crypto_wait_req(), the function immediately frees the request buffer, leading to crashes when the driver later accesses the freed memory. This results in a use-after-free condition when the hardware crypto driver later accesses the freed request structure, leading to kernel crashes with NULL pointer dereferences. The issue occurs because crypto_alloc_aead() with mask=0 doesn't guarantee synchronous operation. Even without CRYPTO_ALG_ASYNC in the mask, async implementations can be selected. Fix by restoring the async crypto handling: - DECLARE_CRYPTO_WAIT(wait) for completion tracking - aead_request_set_callback() for async completion notification - crypto_wait_req() to wait for operation completion This ensures the request buffer isn't freed until the crypto operation completes, whether synchronous or asynchronous, while preserving the CVE-2024-50047 fix. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38489 - Linux Kernel s390 BPF NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-38489 Published : July 28, 2025, 12:15 p.m. | 2 hours, 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again Commit 7ded842b356d ("s390/bpf: Fix bpf_plt pointer arithmetic") has accidentally removed the critical piece of commit c730fce7c70c ("s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL"), causing intermittent kernel panics in e.g. perf's on_switch() prog to reappear. Restore the fix and add a comment. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38490 - Linux Kernel libwx Double Free Vulnerability

CVE ID : CVE-2025-38490 Published : July 28, 2025, 12:15 p.m. | 2 hours, 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net: libwx: remove duplicate page_pool_put_full_page() page_pool_put_full_page() should only be invoked when freeing Rx buffers or building a skb if the size is too short. At other times, the pages need to be reused. So remove the redundant page put. In the original code, double free pages cause kernel panic: [ 876.949834] __irq_exit_rcu+0xc7/0x130 [ 876.949836] common_interrupt+0xb8/0xd0 [ 876.949838] [ 876.949838] [ 876.949840] asm_common_interrupt+0x22/0x40 [ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420 [ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d [ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246 [ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000 [ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e [ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed [ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580 [ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000 [ 876.949852] ? cpuidle_enter_state+0xb3/0x420 [ 876.949855] cpuidle_enter+0x29/0x40 [ 876.949857] cpuidle_idle_call+0xfd/0x170 [ 876.949859] do_idle+0x7a/0xc0 [ 876.949861] cpu_startup_entry+0x25/0x30 [ 876.949862] start_secondary+0x117/0x140 [ 876.949864] common_startup_64+0x13e/0x148 [ 876.949867] [ 876.949868] ---[ end trace 0000000000000000 ]--- [ 876.949869] ------------[ cut here ]------------ [ 876.949870] list_del corruption, ffffead40445a348->next is NULL [ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120 [ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E) [ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi [ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary) [ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE [ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024 [ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120 [ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8 [ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282 [ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000 [ 876.949942] RDX: 0000000000000105 RSI: 00000 ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38491 - Linux MPTCP Atomic Fallback Vulnerability

CVE ID : CVE-2025-38491 Published : July 28, 2025, 12:15 p.m. | 2 hours, 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: mptcp: make fallback action and fallback decision atomic Syzkaller reported the following splat: WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 __mptcp_do_fallback net/mptcp/protocol.h:1223 [inline] WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_do_fallback net/mptcp/protocol.h:1244 [inline] WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 check_fully_established net/mptcp/options.c:982 [inline] WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153 Modules linked in: CPU: 1 UID: 0 PID: 7704 Comm: syz.3.1419 Not tainted 6.16.0-rc3-gbd5ce2324dba #20 PREEMPT(voluntary) Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:__mptcp_do_fallback net/mptcp/protocol.h:1223 [inline] RIP: 0010:mptcp_do_fallback net/mptcp/protocol.h:1244 [inline] RIP: 0010:check_fully_established net/mptcp/options.c:982 [inline] RIP: 0010:mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153 Code: 24 18 e8 bb 2a 00 fd e9 1b df ff ff e8 b1 21 0f 00 e8 ec 5f c4 fc 44 0f b7 ac 24 b0 00 00 00 e9 54 f1 ff ff e8 d9 5f c4 fc 90 0b 90 e9 b8 f4 ff ff e8 8b 2a 00 fd e9 8d e6 ff ff e8 81 2a 00 RSP: 0018:ffff8880a3f08448 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff8880180a8000 RCX: ffffffff84afcf45 RDX: ffff888090223700 RSI: ffffffff84afdaa7 RDI: 0000000000000001 RBP: ffff888017955780 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: ffff8880180a8910 R14: ffff8880a3e9d058 R15: 0000000000000000 FS: 00005555791b8500(0000) GS:ffff88811c495000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000110c2800b7 CR3: 0000000058e44000 CR4: 0000000000350ef0 Call Trace: tcp_reset+0x26f/0x2b0 net/ipv4/tcp_input.c:4432 tcp_validate_incoming+0x1057/0x1b60 net/ipv4/tcp_input.c:5975 tcp_rcv_established+0x5b5/0x21f0 net/ipv4/tcp_input.c:6166 tcp_v4_do_rcv+0x5dc/0xa70 net/ipv4/tcp_ipv4.c:1925 tcp_v4_rcv+0x3473/0x44a0 net/ipv4/tcp_ipv4.c:2363 ip_protocol_deliver_rcu+0xba/0x480 net/ipv4/ip_input.c:205 ip_local_deliver_finish+0x2f1/0x500 net/ipv4/ip_input.c:233 NF_HOOK include/linux/netfilter.h:317 [inline] NF_HOOK include/linux/netfilter.h:311 [inline] ip_local_deliver+0x1be/0x560 net/ipv4/ip_input.c:254 dst_input include/net/dst.h:469 [inline] ip_rcv_finish net/ipv4/ip_input.c:447 [inline] NF_HOOK include/linux/netfilter.h:317 [inline] NF_HOOK include/linux/netfilter.h:311 [inline] ip_rcv+0x514/0x810 net/ipv4/ip_input.c:567 __netif_receive_skb_one_core+0x197/0x1e0 net/core/dev.c:5975 __netif_receive_skb+0x1f/0x120 net/core/dev.c:6088 process_backlog+0x301/0x1360 net/core/dev.c:6440 __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7453 napi_poll net/core/dev.c:7517 [inline] net_rx_action+0xb44/0x1010 net/core/dev.c:7644 handle_softirqs+0x1d0/0x770 kernel/softirq.c:579 do_softirq+0x3f/0x90 kernel/softirq.c:480 __local_bh_enable_ip+0xed/0x110 kernel/softirq.c:407 local_bh_enable include/linux/bottom_half.h:33 [inline] inet_csk_listen_stop+0x2c5/0x1070 net/ipv4/inet_connection_sock.c:1524 mptcp_check_listen_stop.part.0+0x1cc/0x220 net/mptcp/protocol.c:2985 mptcp_check_listen_stop net/mptcp/mib.h:118 [inline] __mptcp_close+0x9b9/0xbd0 net/mptcp/protocol.c:3000 mptcp_close+0x2f/0x140 net/mptcp/protocol.c:3066 inet_release+0xed/0x200 net/ipv4/af_inet.c:435 inet6_release+0x4f/0x70 net/ipv6/af_inet6.c:487 __sock_release+0xb3/0x270 net/socket.c:649 sock_close+0x1c/0x30 net/socket.c:1439 __fput+0x402/0xb70 fs/file_table.c:465 task_work_run+0x150/0x240 kernel/task_work.c:227 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline] exit_to_user_mode_loop+0xd4 ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38492 - Linux Kernel Netfs ALL_QUEUED Race Condition Vulnerability

CVE ID : CVE-2025-38492 Published : July 28, 2025, 12:15 p.m. | 2 hours, 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: netfs: Fix race between cache write completion and ALL_QUEUED being set When netfslib is issuing subrequests, the subrequests start processing immediately and may complete before we reach the end of the issuing function. At the end of the issuing function we set NETFS_RREQ_ALL_QUEUED to indicate to the collector that we aren't going to issue any more subreqs and that it can do the final notifications and cleanup. Now, this isn't a problem if the request is synchronous (NETFS_RREQ_OFFLOAD_COLLECTION is unset) as the result collection will be done in-thread and we're guaranteed an opportunity to run the collector. However, if the request is asynchronous, collection is primarily triggered by the termination of subrequests queuing it on a workqueue. Now, a race can occur here if the app thread sets ALL_QUEUED after the last subrequest terminates. This can happen most easily with the copy2cache code (as used by Ceph) where, in the collection routine of a read request, an asynchronous write request is spawned to copy data to the cache. Folios are added to the write request as they're unlocked, but there may be a delay before ALL_QUEUED is set as the write subrequests may complete before we get there. If all the write subreqs have finished by the ALL_QUEUED point, no further events happen and the collection never happens, leaving the request hanging. Fix this by queuing the collector after setting ALL_QUEUED. This is a bit heavy-handed and it may be sufficient to do it only if there are no extant subreqs. Also add a tracepoint to cross-reference both requests in a copy-to-request operation and add a trace to the netfs_rreq tracepoint to indicate the setting of ALL_QUEUED. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38493 - Linux Kernel FORTIFY_SOURCE Buffer Overflow in timerlat_dump_stack

CVE ID : CVE-2025-38493 Published : July 28, 2025, 12:15 p.m. | 2 hours, 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix crash in timerlat_dump_stack() We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overflow: 88 byte write of buffer size 0 WARNING: CPU: 2 PID: 8153 at lib/string_helpers.c:1032 __fortify_report+0x55/0xa0 CPU: 2 UID: 0 PID: 8153 Comm: timerlatu/2 Kdump: loaded Not tainted 6.15.3-200.fc42.x86_64 #1 PREEMPT(lazy) Call Trace: ? trace_buffer_lock_reserve+0x2a/0x60 __fortify_panic+0xd/0xf __timerlat_dump_stack.cold+0xd/0xd timerlat_dump_stack.part.0+0x47/0x80 timerlat_fd_read+0x36d/0x390 vfs_read+0xe2/0x390 ? syscall_exit_to_user_mode+0x1d5/0x210 ksys_read+0x73/0xe0 do_syscall_64+0x7b/0x160 ? exc_page_fault+0x7e/0x1a0 entry_SYSCALL_64_after_hwframe+0x76/0x7e __timerlat_dump_stack() constructs the ftrace stack entry like this: struct stack_entry *entry; ... memcpy(&entry->caller, fstack->calls, size); entry->size = fstack->nr_entries; Since commit e7186af7fb26 ("tracing: Add back FORTIFY_SOURCE logic to kernel_stack event structure"), struct stack_entry marks its caller field with __counted_by(size). At the time of the memcpy, entry->size contains garbage from the ringbuffer, which under some circumstances is zero, triggering a kernel panic by buffer overflow. Populate the size field before the memcpy so that the out-of-bounds check knows the correct size. This is analogous to __ftrace_trace_stack(). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38474 - Sierra USB Net Interrupt Input Endpoint Validation Vulnerability

CVE ID : CVE-2025-38474 Published : July 28, 2025, 12:15 p.m. | 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: usb: net: sierra: check for no status endpoint The driver checks for having three endpoints and having bulk in and out endpoints, but not that the third endpoint is interrupt input. Rectify the omission. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38475 - Android Linux SMC Socket Type Confusion Vulnerability

CVE ID : CVE-2025-38475 Published : July 28, 2025, 12:15 p.m. | 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: smc: Fix various oops due to inet_sock type confusion. syzbot reported weird splats [0][1] in cipso_v4_sock_setattr() while freeing inet_sk(sk)->inet_opt. The address was freed multiple times even though it was read-only memory. cipso_v4_sock_setattr() did nothing wrong, and the root cause was type confusion. The cited commit made it possible to create smc_sock as an INET socket. The issue is that struct smc_sock does not have struct inet_sock as the first member but hijacks AF_INET and AF_INET6 sk_family, which confuses various places. In this case, inet_sock.inet_opt was actually smc_sock.clcsk_data_ready(), which is an address of a function in the text segment. $ pahole -C inet_sock vmlinux struct inet_sock { ... struct ip_options_rcu * inet_opt; /* 784 8 */ $ pahole -C smc_sock vmlinux struct smc_sock { ... void (*clcsk_data_ready)(struct sock *); /* 784 8 */ The same issue for another field was reported before. [2][3] At that time, an ugly hack was suggested [4], but it makes both INET and SMC code error-prone and hard to change. Also, yet another variant was fixed by a hacky commit 98d4435efcbf3 ("net/smc: prevent NULL pointer dereference in txopt_get"). Instead of papering over the root cause by such hacks, we should not allow non-INET socket to reuse the INET infra. Let's add inet_sock as the first member of smc_sock. [0]: kvfree_call_rcu(): Double-freed call. rcu_head 000000006921da73 WARNING: CPU: 0 PID: 6718 at mm/slab_common.c:1956 kvfree_call_rcu+0x94/0x3f0 mm/slab_common.c:1955 Modules linked in: CPU: 0 UID: 0 PID: 6718 Comm: syz.0.17 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : kvfree_call_rcu+0x94/0x3f0 mm/slab_common.c:1955 lr : kvfree_call_rcu+0x94/0x3f0 mm/slab_common.c:1955 sp : ffff8000a03a7730 x29: ffff8000a03a7730 x28: 00000000fffffff5 x27: 1fffe000184823d3 x26: dfff800000000000 x25: ffff0000c2411e9e x24: ffff0000dd88da00 x23: ffff8000891ac9a0 x22: 00000000ffffffea x21: ffff8000891ac9a0 x20: ffff8000891ac9a0 x19: ffff80008afc2480 x18: 00000000ffffffff x17: 0000000000000000 x16: ffff80008ae642c8 x15: ffff700011ede14c x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff x11: ffff700011ede14c x10: 0000000000ff0100 x9 : 5fa3c1ffaf0ff000 x8 : 5fa3c1ffaf0ff000 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff8000a03a7078 x4 : ffff80008f766c20 x3 : ffff80008054d360 x2 : 0000000000000000 x1 : 0000000000000201 x0 : 0000000000000000 Call trace: kvfree_call_rcu+0x94/0x3f0 mm/slab_common.c:1955 (P) cipso_v4_sock_setattr+0x2f0/0x3f4 net/ipv4/cipso_ipv4.c:1914 netlbl_sock_setattr+0x240/0x334 net/netlabel/netlabel_kapi.c:1000 smack_netlbl_add+0xa8/0x158 security/smack/smack_lsm.c:2581 smack_inode_setsecurity+0x378/0x430 security/smack/smack_lsm.c:2912 security_inode_setsecurity+0x118/0x3c0 security/security.c:2706 __vfs_setxattr_noperm+0x174/0x5c4 fs/xattr.c:251 __vfs_setxattr_locked+0x1ec/0x218 fs/xattr.c:295 vfs_setxattr+0x158/0x2ac fs/xattr.c:321 do_setxattr fs/xattr.c:636 [inline] file_setxattr+0x1b8/0x294 fs/xattr.c:646 path_setxattrat+0x2ac/0x320 fs/xattr.c:711 __do_sys_fsetxattr fs/xattr.c:761 [inline] __se_sys_fsetxattr fs/xattr.c:758 [inline] __arm64_sys_fsetxattr+0xc0/0xdc fs/xattr.c:758 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x58/0x180 arch/arm64/kernel/entry-common.c:879 el0t_64_sync_handler+0x84/0x12c arch/arm64/kernel/entry-common.c:898 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 [ ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38476 - Linux kernel RPL Use-after-free Vulnerability

CVE ID : CVE-2025-38476 Published : July 28, 2025, 12:15 p.m. | 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: rpl: Fix use-after-free in rpl_do_srh_inline(). Running lwt_dst_cache_ref_loop.sh in selftest with KASAN triggers the splat below [0]. rpl_do_srh_inline() fetches ipv6_hdr(skb) and accesses it after skb_cow_head(), which is illegal as the header could be freed then. Let's fix it by making oldhdr to a local struct instead of a pointer. [0]: [root@fedora net]# ./lwt_dst_cache_ref_loop.sh ... TEST: rpl (input) [ 57.631529] ================================================================== BUG: KASAN: slab-use-after-free in rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174) Read of size 40 at addr ffff888122bf96d8 by task ping6/1543 CPU: 50 UID: 0 PID: 1543 Comm: ping6 Not tainted 6.16.0-rc5-01302-gfadd1e6231b1 #23 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 Call Trace: dump_stack_lvl (lib/dump_stack.c:122) print_report (mm/kasan/report.c:409 mm/kasan/report.c:521) kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:636) kasan_check_range (mm/kasan/generic.c:175 (discriminator 1) mm/kasan/generic.c:189 (discriminator 1)) __asan_memmove (mm/kasan/shadow.c:94 (discriminator 2)) rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174) rpl_input (net/ipv6/rpl_iptunnel.c:201 net/ipv6/rpl_iptunnel.c:282) lwtunnel_input (net/core/lwtunnel.c:459) ipv6_rcv (./include/net/dst.h:471 (discriminator 1) ./include/net/dst.h:469 (discriminator 1) net/ipv6/ip6_input.c:79 (discriminator 1) ./include/linux/netfilter.h:317 (discriminator 1) ./include/linux/netfilter.h:311 (discriminator 1) net/ipv6/ip6_input.c:311 (discriminator 1)) __netif_receive_skb_one_core (net/core/dev.c:5967) process_backlog (./include/linux/rcupdate.h:869 net/core/dev.c:6440) __napi_poll.constprop.0 (net/core/dev.c:7452) net_rx_action (net/core/dev.c:7518 net/core/dev.c:7643) handle_softirqs (kernel/softirq.c:579) do_softirq (kernel/softirq.c:480 (discriminator 20)) __local_bh_enable_ip (kernel/softirq.c:407) __dev_queue_xmit (net/core/dev.c:4740) ip6_finish_output2 (./include/linux/netdevice.h:3358 ./include/net/neighbour.h:526 ./include/net/neighbour.h:540 net/ipv6/ip6_output.c:141) ip6_finish_output (net/ipv6/ip6_output.c:215 net/ipv6/ip6_output.c:226) ip6_output (./include/linux/netfilter.h:306 net/ipv6/ip6_output.c:248) ip6_send_skb (net/ipv6/ip6_output.c:1983) rawv6_sendmsg (net/ipv6/raw.c:588 net/ipv6/raw.c:918) __sys_sendto (net/socket.c:714 (discriminator 1) net/socket.c:729 (discriminator 1) net/socket.c:2228 (discriminator 1)) __x64_sys_sendto (net/socket.c:2231) do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1)) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) RIP: 0033:0x7f68cffb2a06 Code: 5d e8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 75 19 83 e2 39 83 fa 08 75 11 e8 26 ff ff ff 66 0f 1f 44 00 00 48 8b 45 10 0f 05 8b 5d f8 c9 c3 0f 1f 40 00 f3 0f 1e fa 55 48 89 e5 48 83 ec 08 RSP: 002b:00007ffefb7c53d0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 0000564cd69f10a0 RCX: 00007f68cffb2a06 RDX: 0000000000000040 RSI: 0000564cd69f10a4 RDI: 0000000000000003 RBP: 00007ffefb7c53f0 R08: 0000564cd6a032ac R09: 000000000000001c R10: 0000000000000000 R11: 0000000000000202 R12: 0000564cd69f10a4 R13: 0000000000000040 R14: 00007ffefb7c66e0 R15: 0000564cd69f10a0 Allocated by task 1543: kasan_save_stack (mm/kasan/common.c:48) kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1)) __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345) kmem_cache_alloc_node_noprof (./include/linux/kasan.h:250 mm/slub.c:4148 mm/slub.c:4197 mm/slub.c:4249) kmalloc_reserve (net/core/skbuff.c:581 (discriminator 88)) __alloc_skb (net/core/skbuff.c:669) __ip6_append_data (net/ipv6/ip6_output.c:1672 (discriminator 1)) ip6_ ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38477 - Linux Kernel sch_qfq Race Condition Vulnerability

CVE ID : CVE-2025-38477 Published : July 28, 2025, 12:15 p.m. | 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, qfq_dump_class may trigger a NULL dereference, and qfq_delete_class may cause a use-after-free. This patch addresses the issue by: 1. Moved qfq_destroy_class into the critical section. 2. Added sch_tree_lock protection to qfq_dump_class and qfq_dump_class_stats. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38478 - Linux Comedi Uninitialized Data Access Vulnerability

CVE ID : CVE-2025-38478 Published : July 28, 2025, 12:15 p.m. | 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: comedi: Fix initialization of data for instructions that write to subdevice Some Comedi subdevice instruction handlers are known to access instruction data elements beyond the first `insn->n` elements in some cases. The `do_insn_ioctl()` and `do_insnlist_ioctl()` functions allocate at least `MIN_SAMPLES` (16) data elements to deal with this, but they do not initialize all of that. For Comedi instruction codes that write to the subdevice, the first `insn->n` data elements are copied from user-space, but the remaining elements are left uninitialized. That could be a problem if the subdevice instruction handler reads the uninitialized data. Ensure that the first `MIN_SAMPLES` elements are initialized before calling these instruction handlers, filling the uncopied elements with 0. For `do_insnlist_ioctl()`, the same data buffer elements are used for handling a list of instructions, so ensure the first `MIN_SAMPLES` elements are initialized for each instruction that writes to the subdevice. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38480 - Comedi Uninitialized Data Exposure Vulnerability

CVE ID : CVE-2025-38480 Published : July 28, 2025, 12:15 p.m. | 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: comedi: Fix use of uninitialized data in insn_rw_emulate_bits() For Comedi `INSN_READ` and `INSN_WRITE` instructions on "digital" subdevices (subdevice types `COMEDI_SUBD_DI`, `COMEDI_SUBD_DO`, and `COMEDI_SUBD_DIO`), it is common for the subdevice driver not to have `insn_read` and `insn_write` handler functions, but to have an `insn_bits` handler function for handling Comedi `INSN_BITS` instructions. In that case, the subdevice's `insn_read` and/or `insn_write` function handler pointers are set to point to the `insn_rw_emulate_bits()` function by `__comedi_device_postconfig()`. For `INSN_WRITE`, `insn_rw_emulate_bits()` currently assumes that the supplied `data[0]` value is a valid copy from user memory. It will at least exist because `do_insnlist_ioctl()` and `do_insn_ioctl()` in "comedi_fops.c" ensure at lease `MIN_SAMPLES` (16) elements are allocated. However, if `insn->n` is 0 (which is allowable for `INSN_READ` and `INSN_WRITE` instructions, then `data[0]` may contain uninitialized data, and certainly contains invalid data, possibly from a different instruction in the array of instructions handled by `do_insnlist_ioctl()`. This will result in an incorrect value being written to the digital output channel (or to the digital input/output channel if configured as an output), and may be reflected in the internal saved state of the channel. Fix it by returning 0 early if `insn->n` is 0, before reaching the code that accesses `data[0]`. Previously, the function always returned 1 on success, but it is supposed to be the number of data samples actually read or written up to `insn->n`, which is 0 in this case. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38481 - Linux Kernel Comedi Invalid Arg Error Vulnerability

CVE ID : CVE-2025-38481 Published : July 28, 2025, 12:15 p.m. | 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large The handling of the `COMEDI_INSNLIST` ioctl allocates a kernel buffer to hold the array of `struct comedi_insn`, getting the length from the `n_insns` member of the `struct comedi_insnlist` supplied by the user. The allocation will fail with a WARNING and a stack dump if it is too large. Avoid that by failing with an `-EINVAL` error if the supplied `n_insns` value is unreasonable. Define the limit on the `n_insns` value in the `MAX_INSNS` macro. Set this to the same value as `MAX_SAMPLES` (65536), which is the maximum allowed sum of the values of the member `n` in the array of `struct comedi_insn`, and sensible comedi instructions will have an `n` of at least 1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38482 - Linux Kernel Comedi Out-of-Bounds Bit Shift Vulnerability

CVE ID : CVE-2025-38482 Published : July 28, 2025, 12:15 p.m. | 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: comedi: das6402: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: /* IRQs 2,3,5,6,7, 10,11,15 are valid for "enhanced" mode */ if ((1 it->options[1]) & 0x8cec) { However, `it->options[i]` is an unchecked `int` value from userspace, so the shift amount could be negative or out of bounds. Fix the test by requiring `it->options[1]` to be within bounds before proceeding with the original test. Valid `it->options[1]` values that select the IRQ will be in the range [1,15]. The value 0 explicitly disables the use of interrupts. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38483 - Linux Kernel comedi das16m1 Out-of-Bounds Bit Shift Vulnerability

CVE ID : CVE-2025-38483 Published : July 28, 2025, 12:15 p.m. | 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: comedi: das16m1: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: /* only irqs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid */ if ((1 it->options[1]) & 0xdcfc) { However, `it->options[i]` is an unchecked `int` value from userspace, so the shift amount could be negative or out of bounds. Fix the test by requiring `it->options[1]` to be within bounds before proceeding with the original test. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38484 - Linux Kernel IIO Backend Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-38484 Published : July 28, 2025, 12:15 p.m. | 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: iio: backend: fix out-of-bound write The buffer is set to 80 character. If a caller write more characters, count is truncated to the max available space in "simple_write_to_buffer". But afterwards a string terminator is written to the buffer at offset count without boundary check. The zero termination is written OUT-OF-BOUND. Add a check that the given buffer is smaller then the buffer to prevent. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38485 - "Linux Kernel IIO Accel FXLS8962AF Use After Free Null Pointer Dereference Vulnerability"

CVE ID : CVE-2025-38485 Published : July 28, 2025, 12:15 p.m. | 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush fxls8962af_fifo_flush() uses indio_dev->active_scan_mask (with iio_for_each_active_channel()) without making sure the indio_dev stays in buffer mode. There is a race if indio_dev exits buffer mode in the middle of the interrupt that flushes the fifo. Fix this by calling synchronize_irq() to ensure that no interrupt is currently running when disabling buffer mode. Unable to handle kernel NULL pointer dereference at virtual address 00000000 when read [...] _find_first_bit_le from fxls8962af_fifo_flush+0x17c/0x290 fxls8962af_fifo_flush from fxls8962af_interrupt+0x80/0x178 fxls8962af_interrupt from irq_thread_fn+0x1c/0x7c irq_thread_fn from irq_thread+0x110/0x1f4 irq_thread from kthread+0xe0/0xfc kthread from ret_from_fork+0x14/0x2c Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-38486 - Qualcomm Soundwire QCOM SDM845 Kernel BRK Exception Handler Vulnerability

CVE ID : CVE-2025-38486 Published : July 28, 2025, 12:15 p.m. | 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: soundwire: Revert "soundwire: qcom: Add set_channel_map api support" This reverts commit 7796c97df6b1b2206681a07f3c80f6023a6593d5. This patch broke Dragonboard 845c (sdm845). I see: Unexpected kernel BRK exception at EL1 Internal error: BRK handler: 00000000f20003e8 [#1] SMP pc : qcom_swrm_set_channel_map+0x7c/0x80 [soundwire_qcom] lr : snd_soc_dai_set_channel_map+0x34/0x78 Call trace: qcom_swrm_set_channel_map+0x7c/0x80 [soundwire_qcom] (P) sdm845_dai_init+0x18c/0x2e0 [snd_soc_sdm845] snd_soc_link_init+0x28/0x6c snd_soc_bind_card+0x5f4/0xb0c snd_soc_register_card+0x148/0x1a4 devm_snd_soc_register_card+0x50/0xb0 sdm845_snd_platform_probe+0x124/0x148 [snd_soc_sdm845] platform_probe+0x6c/0xd0 really_probe+0xc0/0x2a4 __driver_probe_device+0x7c/0x130 driver_probe_device+0x40/0x118 __device_attach_driver+0xc4/0x108 bus_for_each_drv+0x8c/0xf0 __device_attach+0xa4/0x198 device_initial_probe+0x18/0x28 bus_probe_device+0xb8/0xbc deferred_probe_work_func+0xac/0xfc process_one_work+0x244/0x658 worker_thread+0x1b4/0x360 kthread+0x148/0x228 ret_from_fork+0x10/0x20 Kernel panic - not syncing: BRK handler: Fatal exception Dan has also reported following issues with the original patch https://lore.kernel.org/all/33fe8fe7-719a-405a-9ed2-d9f816ce1d57@sabinyo.mountain/ Bug #1: The zeroeth element of ctrl->pconfig[] is supposed to be unused. We start counting at 1. However this code sets ctrl->pconfig[0].ch_mask = 128. Bug #2: There are SLIM_MAX_TX_PORTS (16) elements in tx_ch[] array but only QCOM_SDW_MAX_PORTS + 1 (15) in the ctrl->pconfig[] array so it corrupts memory like Yongqin Liu pointed out. Bug 3: Like Jie Gan pointed out, it erases all the tx information with the rx information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 12:15:00 GMT

read more

CVE-2025-8270 - Exam Form Submission SQL Injection

CVE ID : CVE-2025-8270 Published : July 28, 2025, 10:15 a.m. | 46 minutes ago Description : A vulnerability was found in code-projects Exam Form Submission 1.0. It has been classified as critical. This affects an unknown part of the file /admin/delete_s2.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 10:15:00 GMT

read more

CVE-2025-8271 - Code-projects Exam Form Submission SQL Injection Vulnerability

CVE ID : CVE-2025-8271 Published : July 28, 2025, 10:15 a.m. | 46 minutes ago Description : A vulnerability was found in code-projects Exam Form Submission 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/delete_s3.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 10:15:00 GMT

read more

CVE-2025-27800 - "Optimizely Episerver Stored Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-27800 Published : July 28, 2025, 9:15 a.m. | 1 hour, 46 minutes ago Description : The Episerver Content Management System (CMS) by Optimizely was affected by multiple Stored Cross-Site Scripting (XSS) vulnerabilities. This allowed an authenticated attacker to execute malicious JavaScript code in the victim's browser. The Admin dashboard offered the functionality to add gadgets to the dashboard. This included the "Notes" gadget. An authenticated attacker with the corresponding access rights (such as "WebAdmin") that was impersonating the victim could insert malicious JavaScript code in these notes that would be executed if the victim visited the dashboard. Affected products: Version 11.X: EPiServer.CMS.Core ( Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 09:15:00 GMT

read more

CVE-2025-27801 - Optimizely Episerver Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-27801 Published : July 28, 2025, 9:15 a.m. | 1 hour, 46 minutes ago Description : The Episerver Content Management System (CMS) by Optimizely was affected by multiple Stored Cross-Site Scripting (XSS) vulnerabilities. This allowed an authenticated attacker to execute malicious JavaScript code in the victim's browser. ContentReference properties, which could be used in the "Edit" section of the CMS, offered an upload functionality for documents. These documents could later be used as displayed content on the page. It was possible to upload SVG files that include malicious JavaScript code that would be executed if a user visited the direct URL of the preview image. Attackers needed at least the role "WebEditor" in order to exploit this issue. Affected products: Version 11.X: EPiServer.CMS.Core ( Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 09:15:00 GMT

read more

CVE-2025-27802 - "Optimizely Episerver Stored Cross-Site Scripting (XSS) Vulnerability"

CVE ID : CVE-2025-27802 Published : July 28, 2025, 9:15 a.m. | 1 hour, 46 minutes ago Description : The Episerver Content Management System (CMS) by Optimizely was affected by multiple Stored Cross-Site Scripting (XSS) vulnerabilities. This allowed an authenticated attacker to execute malicious JavaScript code in the victim's browser. RTE properties (text fields), which could be used in the "Edit" section of the CMS, allowed the input of arbitrary text. It was possible to input malicious JavaScript code in these properties that would be executed if a user visits the previewed page. Attackers needed at least the role "WebEditor" in order to exploit this issue. Affected products: Version 11.X: EPiServer.CMS.Core ( Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 09:15:00 GMT

read more

CVE-2025-8265 - 299Ko CMS File Management Unrestricted Upload Vulnerability

CVE ID : CVE-2025-8265 Published : July 28, 2025, 9:15 a.m. | 1 hour, 46 minutes ago Description : A vulnerability classified as critical has been found in 299Ko CMS 2.0.0. This affects an unknown part of the file /admin/filemanager/view of the component File Management. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 09:15:00 GMT

read more

CVE-2025-8266 - Yanyutao0402 ChanCMS Deserialization Remote Code Execution

CVE ID : CVE-2025-8266 Published : July 28, 2025, 9:15 a.m. | 1 hour, 46 minutes ago Description : A vulnerability has been found in yanyutao0402 ChanCMS up to 3.1.2 and classified as critical. Affected by this vulnerability is the function getArticle of the file app/modules/cms/controller/collect.js. The manipulation of the argument targetUrl leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.3 is able to address this issue. It is recommended to upgrade the affected component. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 09:15:00 GMT

read more

CVE-2025-8269 - Apache Code-projects Exam Form Submission SQL Injection Vulnerability

CVE ID : CVE-2025-8269 Published : July 28, 2025, 9:15 a.m. | 1 hour, 46 minutes ago Description : A vulnerability was found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/delete_s1.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 09:15:00 GMT

read more

CVE-2025-8263 - Prettier Remote Regular Expression Complexity Vulnerability

CVE ID : CVE-2025-8263 Published : July 28, 2025, 8:15 a.m. | 2 hours, 46 minutes ago Description : A vulnerability was found in prettier up to 3.6.2. It has been declared as problematic. Affected by this vulnerability is the function parseNestedCSS of the file src/language-css/parser-postcss.js. The manipulation of the argument node leads to inefficient regular expression complexity. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 08:15:00 GMT

read more

CVE-2025-8261 - "Vaelsys User Creation Handler Remote Authorization Bypass"

CVE ID : CVE-2025-8261 Published : July 28, 2025, 7:15 a.m. | 3 hours, 46 minutes ago Description : A vulnerability was found in Vaelsys 4.1.0 and classified as critical. This issue affects some unknown processing of the file /grid/vgrid_server.php of the component User Creation Handler. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 07:15:00 GMT

read more

CVE-2025-8262 - Yarn Remote Regular Expression Complexity Vulnerability

CVE ID : CVE-2025-8262 Published : July 28, 2025, 7:15 a.m. | 3 hours, 46 minutes ago Description : A vulnerability was found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic. Affected is the function explodeHostedGitFragment of the file src/resolvers/exotics/hosted-git-resolver.js. The manipulation leads to inefficient regular expression complexity. It is possible to launch the attack remotely. The patch is identified as 97731871e674bf93bcbf29e9d3258da8685f3076. It is recommended to apply a patch to fix this issue. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 07:15:00 GMT

read more

CVE-2025-8259 - Vaelsys Vgrid Server Os Command Injection Vulnerability

CVE ID : CVE-2025-8259 Published : July 28, 2025, 6:15 a.m. | 4 hours, 46 minutes ago Description : A vulnerability, which was classified as critical, was found in Vaelsys 4.1.0. This affects the function execute_DataObjectProc of the file /grid/vgrid_server.php. The manipulation of the argument xajaxargs leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 06:15:00 GMT

read more

CVE-2025-8260 - Vaelsys MD4 Hash Handler Remote Weak Hash Vulnerability

CVE ID : CVE-2025-8260 Published : July 28, 2025, 6:15 a.m. | 4 hours, 46 minutes ago Description : A vulnerability has been found in Vaelsys 4.1.0 and classified as problematic. This vulnerability affects unknown code of the file /grid/vgrid_server.php of the component MD4 Hash Handler. The manipulation of the argument xajaxargs leads to use of weak hash. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 06:15:00 GMT

read more

CVE-2025-8256 - Code-projects Online Ordering System Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-8256 Published : July 28, 2025, 5:16 a.m. | 5 hours, 45 minutes ago Description : A vulnerability classified as critical has been found in code-projects Online Ordering System 1.0. Affected is an unknown function of the file /admin/product.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 05:16:00 GMT

read more

CVE-2025-8257 - Lobby Universe Lobby App Android Manifest XML Component Export Vulnerability

CVE ID : CVE-2025-8257 Published : July 28, 2025, 5:16 a.m. | 5 hours, 45 minutes ago Description : A vulnerability classified as problematic was found in Lobby Universe Lobby App up to 2.8.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.maverick.lobby. The manipulation leads to improper export of android application components. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 05:16:00 GMT

read more

CVE-2025-8258 - Cool Mo Maigcal Number App Android Android Application Component Export Vulnerability

CVE ID : CVE-2025-8258 Published : July 28, 2025, 5:16 a.m. | 5 hours, 45 minutes ago Description : A vulnerability, which was classified as problematic, has been found in Cool Mo Maigcal Number App up to 1.0.3 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.sdmagic.number. The manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 05:16:00 GMT

read more

CVE-2025-8267 - Apache SSRF in ssrfcheck

CVE ID : CVE-2025-8267 Published : July 28, 2025, 5:16 a.m. | 5 hours, 45 minutes ago Description : Versions of the package ssrfcheck before 1.2.0 are vulnerable to Server-Side Request Forgery (SSRF) due to an incomplete denylist of IP address ranges. Specifically, the package fails to classify the reserved IP address space 224.0.0.0/4 (Multicast) as invalid. This oversight allows attackers to craft requests targeting these multicast addresses. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 05:16:00 GMT

read more

CVE-2025-8254 - Campcodes Courier Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8254 Published : July 28, 2025, 4:15 a.m. | 6 hours, 46 minutes ago Description : A vulnerability was found in Campcodes Courier Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view_parcel.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 04:15:00 GMT

read more

CVE-2025-8255 - "Code-projects Exam Form Submission Unrestricted File Upload Vulnerability"

CVE ID : CVE-2025-8255 Published : July 28, 2025, 4:15 a.m. | 6 hours, 46 minutes ago Description : A vulnerability was found in code-projects Exam Form Submission 1.0. It has been rated as critical. This issue affects some unknown processing of the file /register.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 04:15:00 GMT

read more

CVE-2023-53159 - OpenSSL X509VerifyParamRef Out-of-Bounds Read

CVE ID : CVE-2023-53159 Published : July 28, 2025, 3:15 a.m. | 7 hours, 46 minutes ago Description : The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 03:15:00 GMT

read more

CVE-2023-53160 - Sequoia OpenPGP Array Access Vulnerability

CVE ID : CVE-2023-53160 Published : July 28, 2025, 3:15 a.m. | 7 hours, 46 minutes ago Description : The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic. Severity: 2.9 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 03:15:00 GMT

read more

CVE-2023-53161 - Apache Buffered-Reader Out-of-Bounds Array Access Panic

CVE ID : CVE-2023-53161 Published : July 28, 2025, 3:15 a.m. | 7 hours, 46 minutes ago Description : The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic. Severity: 2.9 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 03:15:00 GMT

read more

CVE-2025-8252 - Code-projects Exam Form Submission SQL Injection Vulnerability

CVE ID : CVE-2025-8252 Published : July 28, 2025, 3:15 a.m. | 7 hours, 46 minutes ago Description : A vulnerability was found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/delete_s5.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 03:15:00 GMT

read more

CVE-2025-8253 - "Code-Projects Exam Form Submission SQL Injection Vulnerability"

CVE ID : CVE-2025-8253 Published : July 28, 2025, 3:15 a.m. | 7 hours, 46 minutes ago Description : A vulnerability was found in code-projects Exam Form Submission 1.0. It has been classified as critical. This affects an unknown part of the file /admin/delete_s6.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 03:15:00 GMT

read more

CVE-2025-8251 - Code-projects Exam Form Submission SQL Injection Vulnerability

CVE ID : CVE-2025-8251 Published : July 28, 2025, 2:15 a.m. | 8 hours, 46 minutes ago Description : A vulnerability has been found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/delete_s4.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 02:15:00 GMT

read more

CVE-2022-50237 - Apache Ed25519-Dalek RSA Private Key Extraction Vulnerability

CVE ID : CVE-2022-50237 Published : July 28, 2025, 2:15 a.m. | 6 hours, 55 minutes ago Description : The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 02:15:00 GMT

read more

CVE-2023-53158 - Apache Gix Command Execution Vulnerability

CVE ID : CVE-2023-53158 Published : July 28, 2025, 1:15 a.m. | 7 hours, 55 minutes ago Description : The gix-transport crate before 0.36.1 for Rust allows command execution via the "gix clone 'ssh://-oProxyCommand=open$IFS" substring. NOTE: this was discovered before CVE-2024-32884, a similar vulnerability (involving a username field) that is more difficult to exploit. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 01:15:00 GMT

read more

CVE-2025-8248 - Code-projects Online Ordering System SQL Injection Vulnerability

CVE ID : CVE-2025-8248 Published : July 28, 2025, 1:15 a.m. | 7 hours, 55 minutes ago Description : A vulnerability classified as critical was found in code-projects Online Ordering System 1.0. This vulnerability affects unknown code of the file /signup.php. The manipulation of the argument firstname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 01:15:00 GMT

read more

CVE-2025-8249 - Apache Code-projects Exam Form Submission SQL Injection Vulnerability

CVE ID : CVE-2025-8249 Published : July 28, 2025, 1:15 a.m. | 7 hours, 55 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Exam Form Submission 1.0. This issue affects some unknown processing of the file /admin/update_s3.php. The manipulation of the argument credits leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 01:15:00 GMT

read more

CVE-2025-8250 - "Code-Projects Exam Form Submission SQL Injection Vulnerability"

CVE ID : CVE-2025-8250 Published : July 28, 2025, 1:15 a.m. | 7 hours, 55 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Exam Form Submission 1.0. Affected is an unknown function of the file /admin/update_s4.php. The manipulation of the argument credits leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 01:15:00 GMT

read more

CVE-2023-53157 - Rosenpass Crate Denial of Service Vulnerability

CVE ID : CVE-2023-53157 Published : July 28, 2025, 12:15 a.m. | 8 hours, 55 minutes ago Description : The rosenpass crate before 0.2.1 for Rust allows remote attackers to cause a denial of service (panic) via a one-byte UDP packet. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 00:15:00 GMT

read more

CVE-2025-8247 - Projectworlds Online Admission System SQL Injection Vulnerability

CVE ID : CVE-2025-8247 Published : July 28, 2025, 12:15 a.m. | 8 hours, 55 minutes ago Description : A vulnerability classified as critical has been found in Projectworlds Online Admission System 1.0. This affects an unknown part of the file /admin.php. The manipulation of the argument markof leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 28 Jul 2025 00:15:00 GMT

read more

CVE-2025-8246 - TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-8246 Published : July 27, 2025, 11:15 p.m. | 9 hours, 55 minutes ago Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formRoute of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 27 Jul 2025 23:15:00 GMT

read more

Fuite de données chez Orange

]]>

Fri Jul 25 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Cybermalveillance.gouv.fr lance une AlerteCyber concernant deux failles de sécurité critiques dans Microsoft SharePoint

]]>

Thu, 24 Jul 2025 10:20:00 GMT

read more

CRA, l’ANSSI encourage l’implication d’organismes d’évaluation de la conformité

]]>

Thu, 24 Jul 2025 07:37:00 GMT

read more

CVE-2025-54365 - Fastapi-Guard Regular Expression ReDoS Bypass

CVE ID : CVE-2025-54365 Published : July 23, 2025, 11:15 p.m. | 4 days, 7 hours ago Description : fastapi-guard is a security library for FastAPI that provides middleware to control IPs, log requests, detect penetration attempts and more. In version 3.0.1, the regular expression patched to mitigate the ReDoS vulnerability by limiting the length of string fails to catch inputs that exceed this limit. This type of patch fails to detect cases in which the string representing the attributes of a tag exceeds 100 characters. As a result, most of the regex patterns present in version 3.0.1 can be bypassed. This is fixed in version 3.0.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 23:15:00 GMT

read more

CVE-2016-15044 - Kaltura Remote Code Execution Vulnerability

CVE ID : CVE-2016-15044 Published : July 23, 2025, 10:15 p.m. | 4 days, 8 hours ago Description : A remote code execution vulnerability exists in Kaltura versions prior to 11.1.0-2 due to unsafe deserialization of user-controlled data within the keditorservices module. An unauthenticated remote attacker can exploit this issue by sending a specially crafted serialized PHP object in the kdata GET parameter to the redirectWidgetCmd endpoint. Successful exploitation leads to execution of arbitrary PHP code in the context of the web server process. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 22:15:00 GMT

read more

CVE-2025-32019 - Harbor Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-32019 Published : July 23, 2025, 9:15 p.m. | 4 days, 9 hours ago Description : Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Versions 2.11.2 and below, as well as versions 2.12.0-rc1 and 2.13.0-rc1, contain a vulnerability where the markdown field in the info tab page can be exploited to inject XSS code. This is fixed in versions 2.11.3 and 2.12.3. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 21:15:00 GMT

read more

CVE-2025-47281 - Kyverno JMESPath Variable Substitution Denial of Service

CVE ID : CVE-2025-47281 Published : July 23, 2025, 9:15 p.m. | 4 days, 9 hours ago Description : Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service (DoS) vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft expressions using the {{@}} variable combined with a pipe and an invalid JMESPath function (e.g., {{@ | non_existent_function }}). This leads to a nil value being substituted into the policy structure. Subsequent processing by internal functions, specifically getValueAsStringMap, which expect string values, results in a panic due to a type assertion failure (interface {} is nil, not string). This crashes Kyverno worker threads in the admission controller and causes continuous crashes of the reports controller pod. This is fixed in version 1.14.2. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 21:15:00 GMT

read more

CVE-2025-53537 - LibHTP HTTP Protocol Parsing Memory Leak Vulnerability

CVE ID : CVE-2025-53537 Published : July 23, 2025, 9:15 p.m. | 4 days, 9 hours ago Description : LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a traffic-induced memory leak that can starve the process of memory, leading to loss of visibility. To workaround this issue, set `suricata.yaml app-layer.protocols.http.libhtp.default-config.lzma-enabled` to false. This issue is fixed in version 0.5.51. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 21:15:00 GMT

read more

CVE-2025-53942 - Authentik OAuth/SAML Deactivated User Partial Access Vulnerability

CVE ID : CVE-2025-53942 Published : July 23, 2025, 9:15 p.m. | 4 days, 9 hours ago Description : authentik is an open-source Identity Provider that emphasizes flexibility and versatility, with support for a wide set of protocols. In versions 2025.4.4 and earlier, as well as versions 2025.6.0-rc1 through 2025.6.3, deactivated users who registered through OAuth/SAML or linked their accounts to OAuth/SAML providers can still retain partial access to the system despite their accounts being deactivated. They end up in a half-authenticated state where they cannot access the API but crucially they can authorize applications if they know the URL of the application. To workaround this issue, developers can add an expression policy to the user login stage on the respective authentication flow with the expression of return request.context["pending_user"].is_active. This modification ensures that the return statement only activates the user login stage when the user is active. This issue is fixed in versions authentik 2025.4.4 and 2025.6.4. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 21:15:00 GMT

read more

CVE-2025-54371 - Apache Struts Remote Code Execution

CVE ID : CVE-2025-54371 Published : July 23, 2025, 9:15 p.m. | 4 days, 9 hours ago Description : Rejected reason: This CVE is a duplicate of another CVE. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 21:15:00 GMT

read more

CVE-2025-54377 - Roo Code Multi-Line Command Injection Vulnerability

CVE ID : CVE-2025-54377 Published : July 23, 2025, 9:15 p.m. | 4 days, 9 hours ago Description : Roo Code is an AI-powered autonomous coding agent that lives in users' editors. In versions 3.23.18 and below, RooCode does not validate line breaks (\n) in its command input, allowing potential bypass of the allow-list mechanism. The project appears to lack parsing or validation logic to prevent multi-line command injection. When commands are evaluated for execution, only the first line or token may be considered, enabling attackers to smuggle additional commands in subsequent lines. This is fixed in version 3.23.19. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 21:15:00 GMT

read more

CVE-2025-44109 - Pinokio URL Redirection Vulnerability

CVE ID : CVE-2025-44109 Published : July 23, 2025, 8:15 p.m. | 4 days, 10 hours ago Description : A URL redirection in Pinokio v3.6.23 allows attackers to redirect victim users to attacker-controlled pages. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 20:15:00 GMT

read more

CVE-2025-8058 - "GNU C Library Regcomp Double Free Vulnerability"

CVE ID : CVE-2025-8058 Published : July 23, 2025, 8:15 p.m. | 4 days, 10 hours ago Description : The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation depending of how the regex is constructed. This issue affects all architectures and ABIs supported by the GNU C library. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 20:15:00 GMT

read more

CVE-2025-46686 - Redis Memory Allocation Vulnerability

CVE ID : CVE-2025-46686 Published : July 23, 2025, 7:15 p.m. | 4 days, 11 hours ago Description : Redis through 7.4.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the command is skipped because of insufficient permissions. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 19:15:00 GMT

read more

CVE-2025-47187 - Mitel SIP Phones File Upload Vulnerability

CVE ID : CVE-2025-47187 Published : July 23, 2025, 7:15 p.m. | 4 days, 11 hours ago Description : A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit through 6.4 SP4, could allow an unauthenticated attacker to perform a file upload attack due to missing authentication mechanisms. A successful exploit could allow an attacker to upload arbitrary WAV files, which may potentially exhaust the phone's storage without affecting the phone's availability or operation. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 19:15:00 GMT

read more

CVE-2025-50477 - Lbry-Desktop URL Redirection Vulnerability

CVE ID : CVE-2025-50477 Published : July 23, 2025, 7:15 p.m. | 4 days, 11 hours ago Description : A URL redirection in lbry-desktop v0.53.9 allows attackers to redirect victim users to attacker-controlled pages. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 19:15:00 GMT

read more

CVE-2025-4439 - GitLab Cross-Site Scripting (XSS)

CVE ID : CVE-2025-4439 Published : July 23, 2025, 6:15 p.m. | 4 days, 12 hours ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed an authenticated user to perform cross-site scripting attacks when the instance is served through certain content delivery networks. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 18:15:00 GMT

read more

CVE-2025-4700 - GitLab CE/EE Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4700 Published : July 23, 2025, 6:15 p.m. | 4 days, 12 hours ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under specific circumstances, could have potentially allowed a successful attacker to trigger unintended content rendering leading to XSS. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 18:15:00 GMT

read more

CVE-2025-2633 - NI LabVIEW Out-of-Bounds Read Arbitrary Code Execution

CVE ID : CVE-2025-2633 Published : July 23, 2025, 4:15 p.m. | 4 days, 14 hours ago Description : Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in lvre!UDecStrToNum that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 16:15:00 GMT

read more

CVE-2025-2634 - NI LabVIEW Fontmgr Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-2634 Published : July 23, 2025, 4:15 p.m. | 4 days, 14 hours ago Description : Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 16:15:00 GMT

read more

CVE-2025-46171 - vBulletin Denial-of-Service Vulnerability

CVE ID : CVE-2025-46171 Published : July 23, 2025, 4:15 p.m. | 4 days, 14 hours ago Description : vBulletin 3.8.7 is vulnerable to a denial-of-service condition via the misc.php?do=buddylist endpoint. If an authenticated user has a sufficiently large buddy list, processing the list can consume excessive memory, exhausting system resources and crashing the forum. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 16:15:00 GMT

read more

CVE-2025-50481 - Mezzanine CMS XSS Vulnerability

CVE ID : CVE-2025-50481 Published : July 23, 2025, 4:15 p.m. | 4 days, 14 hours ago Description : A cross-site scripting (XSS) vulnerability in the component /blog/blogpost/add of Mezzanine CMS v6.1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into a blog post. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 16:15:00 GMT

read more

CVE-2025-8069 - AWS Client VPN Windows OpenSSL Configuration File Execution

CVE ID : CVE-2025-8069 Published : July 23, 2025, 4:15 p.m. | 4 days, 14 hours ago Description : During the AWS Client VPN client installation on Windows devices, the install process references the C:\usr\local\windows-x86_64-openssl-localbuild\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If an admin user starts the AWS Client VPN client installation process, that code could be executed with root-level privileges. This issue does not affect Linux or Mac devices. We recommend users discontinue any new installations of AWS Client VPN on Windows prior to version 5.2.2. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 16:15:00 GMT

read more

CVE-2025-36117 - IBM Db2 Mirror for i Session ID Impersonation Vulnerability

CVE ID : CVE-2025-36117 Published : July 23, 2025, 3:15 p.m. | 4 days, 15 hours ago Description : IBM Db2 Mirror for i 7.4, 7.5, and 7.6 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 15:15:00 GMT

read more

CVE-2025-40596 - SMA100 Series Web Interface Stack-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-40596 Published : July 23, 2025, 3:15 p.m. | 4 days, 15 hours ago Description : A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 15:15:00 GMT

read more

CVE-2025-40597 - D-Link SMA100 Series Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-40597 Published : July 23, 2025, 3:15 p.m. | 4 days, 15 hours ago Description : A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 15:15:00 GMT

read more

CVE-2025-40598 - HPE SMA100 Series Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-40598 Published : July 23, 2025, 3:15 p.m. | 4 days, 15 hours ago Description : A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to potentially execute arbitrary JavaScript code. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 15:15:00 GMT

read more

CVE-2025-6018 - Linux PAM pam-config Local Privilege Escalation

CVE ID : CVE-2025-6018 Published : July 23, 2025, 3:15 p.m. | 4 days, 15 hours ago Description : A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 15:15:00 GMT

read more

CVE-2025-36116 - IBM Db2 Mirror for i Cross-Site WebSocket Hijacking Vulnerability

CVE ID : CVE-2025-36116 Published : July 23, 2025, 3:15 p.m. | 7 hours, 44 minutes ago Description : IBM Db2 Mirror for i 7.4, 7.5, and 7.6 GUI is affected by cross-site WebSocket hijacking vulnerability. By sending a specially crafted request, an unauthenticated malicious actor could exploit this vulnerability to sniff an existing WebSocket connection to then remotely perform operations that the user is not allowed to perform. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 15:15:00 GMT

read more

CVE-2025-33020 - IBM Engineering Systems Design Rhapsody Unencrypted Sensitive Information Disclosure

CVE ID : CVE-2025-33020 Published : July 23, 2025, 3:15 p.m. | 5 hours, 44 minutes ago Description : IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 transmits sensitive information without encryption that could allow an attacker to obtain highly sensitive information. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 15:15:00 GMT

read more

CVE-2025-33076 - IBM Engineering Systems Design Rhapsody Buffer Overflow Vulnerability

CVE ID : CVE-2025-33076 Published : July 23, 2025, 3:15 p.m. | 5 hours, 44 minutes ago Description : IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 15:15:00 GMT

read more

CVE-2025-33077 - IBM Engineering Systems Design Rhapsody Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-33077 Published : July 23, 2025, 3:15 p.m. | 5 hours, 44 minutes ago Description : IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 15:15:00 GMT

read more

AlerteCyber : Failles de sécurité critiques dans Microsoft SharePoint

]]>

Wed, 23 Jul 2025 14:15:00 GMT

read more

CVE-2022-4978 - Steppschuh Remote Control Server UDP Keystroke Injection RCE

CVE ID : CVE-2022-4978 Published : July 23, 2025, 2:15 p.m. | 6 hours, 44 minutes ago Description : Remote Control Server, maintained by Steppschuh, 3.1.1.12 allows unauthenticated remote code execution when authentication is disabled, which is the default configuration. The server exposes a custom UDP-based control protocol that accepts remote keyboard input events without verification. An attacker on the same network can issue a sequence of keystroke commands to launch a system shell and execute arbitrary commands, resulting in full system compromise. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 14:15:00 GMT

read more

CVE-2025-40599 - SonicWall SMA Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-40599 Published : July 23, 2025, 2:15 p.m. | 6 hours, 44 minutes ago Description : An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 14:15:00 GMT

read more

CVE-2025-46099 - Pluck CMS Remote Code Execution Vulnerability

CVE ID : CVE-2025-46099 Published : July 23, 2025, 2:15 p.m. | 6 hours, 44 minutes ago Description : In Pluck CMS 4.7.20-dev, an authenticated attacker can upload or create a crafted PHP file under the albums module directory and access it via the module routing logic in albums.site.php, resulting in arbitrary command execution through a GET parameter. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 14:15:00 GMT

read more

CVE-2025-54090 - Apache HTTP Server Rewrite Condition Evaluation Vulnerability

CVE ID : CVE-2025-54090 Published : July 23, 2025, 2:15 p.m. | 6 hours, 44 minutes ago Description : A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 14:15:00 GMT

read more

CVE-2015-10141 - Xdebug OS Command Injection

CVE ID : CVE-2015-10141 Published : July 23, 2025, 2:15 p.m. | 4 hours, 44 minutes ago Description : An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, a PHP debugging extension developed by Derick Rethans. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugger protocol commands without authentication. An attacker can send a crafted eval command over this interface to execute arbitrary PHP code, which may invoke system-level functions such as system() or passthru(). This results in full compromise of the host under the privileges of the web server user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 14:15:00 GMT

read more

CVE-2016-15045 - Deepin lastore-daemon D-Bus Privilege Escalation Vulnerability

CVE ID : CVE-2016-15045 Published : July 23, 2025, 2:15 p.m. | 4 hours, 44 minutes ago Description : A local privilege escalation vulnerability exists in lastore-daemon, the system package manager daemon used in Deepin Linux (developed by Wuhan Deepin Technology Co., Ltd.). In versions 0.9.53-1 (Deepin 15.5) and 0.9.66-1 (Deepin 15.7), the D-Bus configuration permits any user in the sudo group to invoke the InstallPackage method without password authentication. By default, the first user created on Deepin is in the sudo group. An attacker with shell access can craft a .deb package containing a malicious post-install script and use dbus-send to install it via lastore-daemon, resulting in arbitrary code execution as root. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 14:15:00 GMT

read more

CVE-2017-20198 - Apache DC/OS Docker Container Escalation

CVE ID : CVE-2017-20198 Published : July 23, 2025, 2:15 p.m. | 4 hours, 44 minutes ago Description : The Marathon UI in DC/OS 1.9.0 allows unauthenticated users to deploy arbitrary Docker containers. Due to improper restriction of volume mount configurations, attackers can deploy a container that mounts the host's root filesystem (/) with read/write privileges. When using a malicious Docker image, the attacker can write to /etc/cron.d/ on the host, achieving arbitrary code execution with root privileges. This impacts any system where the Docker daemon honors Marathon container configurations without policy enforcement. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 14:15:00 GMT

read more

CVE-2018-25113 - Dicoogle PACS Web Server Path Traversal Vulnerability

CVE ID : CVE-2018-25113 Published : July 23, 2025, 2:15 p.m. | 4 hours, 44 minutes ago Description : An unauthenticated path traversal vulnerability exists in Dicoogle PACS Web Server version 2.5.0 and possibly earlier. The vulnerability allows remote attackers to read arbitrary files on the underlying system by sending a crafted request to the /exportFile endpoint using the UID parameter. Successful exploitation can reveal sensitive files accessible by the web server user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 14:15:00 GMT

read more

CVE-2018-25114 - Apache osCommerce Remote Code Execution Vulnerability

CVE ID : CVE-2018-25114 Published : July 23, 2025, 2:15 p.m. | 4 hours, 44 minutes ago Description : A remote code execution vulnerability exists within osCommerce Online Merchant version 2.3.4.1 due to insecure default configuration and missing authentication in the installer workflow. By default, the /install/ directory remains accessible after installation. An unauthenticated attacker can invoke install_4.php, submit crafted POST data, and inject arbitrary PHP code into the configure.php file. When the application later includes this file, the injected payload is executed, resulting in full server-side compromise. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 14:15:00 GMT

read more

CVE-2010-10012 - Apache HTTP Server Path Traversal Vulnerability

CVE ID : CVE-2010-10012 Published : July 23, 2025, 2:15 p.m. | 3 hours, 15 minutes ago Description : A path traversal vulnerability exists in httpdasm version 0.92, a lightweight Windows HTTP server, that allows unauthenticated attackers to read arbitrary files on the host system. By sending a specially crafted GET request containing a sequence of URL-encoded backslashes and directory traversal patterns, an attacker can escape the web root and access sensitive files outside of the intended directory. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 14:15:00 GMT

read more

CVE-2025-4411 - Dataprom Informatics PACS-ACSS Cross-Site Scripting (XSS)

CVE ID : CVE-2025-4411 Published : July 23, 2025, 1:15 p.m. | 4 hours, 15 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dataprom Informatics PACS-ACSS allows Cross-Site Scripting (XSS).This issue affects PACS-ACSS: before 16.05.2025. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 13:15:00 GMT

read more

CVE-2025-50127 - Joomla DJ-Flyer SQL Injection Vulnerability

CVE ID : CVE-2025-50127 Published : July 23, 2025, 12:15 p.m. | 3 hours, 15 minutes ago Description : A SQLi vulnerability in DJ-Flyer component 1.0-3.2 for Joomla was discovered. The issue allows privileged users to execute arbitrary SQL commands. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 12:15:00 GMT

read more

CVE-2025-54294 - Komento SQL Injection Vulnerability

CVE ID : CVE-2025-54294 Published : July 23, 2025, 12:15 p.m. | 3 hours, 15 minutes ago Description : A SQLi vulnerability in Komento component 4.0.0-4.0.7for Joomla was discovered. The issue allows unprivileged users to execute arbitrary SQL commands. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 12:15:00 GMT

read more

CVE-2025-54295 - Joomla DJ-Reviews Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-54295 Published : July 23, 2025, 12:15 p.m. | 3 hours, 15 minutes ago Description : A Reflected XSS vulnerability in DJ-Reviews component 1.0-1.3.6 for Joomla was discovered. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 12:15:00 GMT

read more

CVE-2025-54296 - Joomla ProFiles Stored XSS

CVE ID : CVE-2025-54296 Published : July 23, 2025, 12:15 p.m. | 3 hours, 15 minutes ago Description : A stored XSS vulnerability in ProFiles component 1.0-1.5.0 for Joomla was discovered. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 12:15:00 GMT

read more

CVE-2025-54297 - "Joomla CComment Stored XSS"

CVE ID : CVE-2025-54297 Published : July 23, 2025, 12:15 p.m. | 3 hours, 15 minutes ago Description : A stored XSS vulnerability in CComment component 5.0.0-6.1.14 for Joomla was discovered. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 12:15:00 GMT

read more

CVE-2024-12310 - Imprivata Enterprise Access Management Windows Autologon Keyboard Shortcut Bypass

CVE ID : CVE-2024-12310 Published : 2025年7月23日12:15 | 2時間, 52分 ago Description : A vulnerability in Imprivata Enterprise Access Management (formerly Imprivata OneSign) allows bypassing the login screen of the shared kiosk workstation and allows unauthorized access to the underlying Windows system through the already logged-in autologon account due to insufficient handling of keyboard shortcuts. This issue affects Imprivata Enterprise Access Management versions 5.3 through 24.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 12:15:00 GMT

read more

CVE-2024-40682 - IBM SmartCloud Analytics Log Analysis Input Validation Denial of Service

CVE ID : CVE-2024-40682 Published : 2025年7月23日12:15 | 2時間, 52分 ago Description : IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local user to cause a denial of service due to improper validation of specified type of input. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 12:15:00 GMT

read more

CVE-2024-40686 - IBM SmartCloud Analytics - Log Analysis HTTP Header Injection Vulnerability

CVE ID : CVE-2024-40686 Published : 2025年7月23日12:15 | 2時間, 52分 ago Description : IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 12:15:00 GMT

read more

CVE-2024-41750 - IBM SmartCloud Analytics Log Analysis Authentication Bypass Vulnerability

CVE ID : CVE-2024-41750 Published : 2025年7月23日12:15 | 2時間, 52分 ago Description : IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local, authenticated attacker to bypass client-side enforcement of security to manipulate data. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 12:15:00 GMT

read more

CVE-2024-41751 - IBM SmartCloud Analytics Log Analysis Bypass Security Vulnerability

CVE ID : CVE-2024-41751 Published : 2025年7月23日12:15 | 2時間, 52分 ago Description : IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local, authenticated attacker to bypass client-side enforcement of security to manipulate data. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 12:15:00 GMT

read more

CVE-2025-4296 - HotelRunner B2B Open Redirect

CVE ID : CVE-2025-4296 Published : 2025年7月23日12:15 | 2時間, 52分 ago Description : URL Redirection to Untrusted Site ('Open Redirect') vulnerability in HotelRunner B2B allows Forceful Browsing.This issue affects B2B: before 04.06.2025. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 12:15:00 GMT

read more

CVE-2025-27930 - Zohocorp ManageEngine Applications Manager Stored Cross-Site Scripting

CVE ID : CVE-2025-27930 Published : 2025年7月23日11:15 | 3時間, 52分 ago Description : Zohocorp ManageEngine Applications Manager versions 176600 and prior are vulnerable to stored cross-site scripting in the File/Directory monitor. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 11:15:00 GMT

read more

CVE-2025-53882 - "OpenSUSE Mailman3 Logrotate Untrusted Input Escalation"

CVE ID : CVE-2025-53882 Published : 2025年7月23日10:15 | 4時間, 52分 ago Description : A Reliance on Untrusted Inputs in a Security Decision vulnerability in the logrotate configuration for openSUSEs mailman3 package allows potential escalation from mailman to rootThis issue affects openSUSE Tumbleweed: from ? before 3.3.10-2.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 10:15:00 GMT

read more

CVE-2025-41687 - Cisco u-link Management API Stack Buffer Overflow Vulnerability

CVE ID : CVE-2025-41687 Published : 2025年7月23日9:15 | 5時間, 52分 ago Description : An unauthenticated remote attacker may use a stack based buffer overflow in the u-link Management API to gain full access on the affected devices. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 09:15:00 GMT

read more

CVE-2025-41683 - Apache Device Command Injection Vulnerability

CVE ID : CVE-2025-41683 Published : July 23, 2025, 9:15 a.m. | 4 hours, 14 minutes ago Description : An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface (endpoint event_mail_test). Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 09:15:00 GMT

read more

CVE-2025-41684 - Apache IoT Command Injection Vulnerability

CVE ID : CVE-2025-41684 Published : July 23, 2025, 9:15 a.m. | 4 hours, 14 minutes ago Description : An authenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of improper sanitizing of user input in the Main Web Interface (endpoint tls_iotgen_setting). Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 09:15:00 GMT

read more

CVE-2025-8070 - "ABP AES Unquoted Service Path Privilege Escalation Vulnerability"

CVE ID : CVE-2025-8070 Published : July 23, 2025, 8:15 a.m. | 5 hours, 14 minutes ago Description : The Windows service configuration of ABP and AES contains an unquoted ImagePath registry value vulnerability. This allows a local attacker to execute arbitrary code by placing a malicious executable in a predictable location such as C:\Program.exe. If the service runs with elevated privileges, exploitation results in privilege escalation to SYSTEM level. This vulnerability arises from an unquoted service path affecting systems where the executable resides in a path containing spaces. Affected products and versions include: ABP 2.0.7.6130 and earlier as well as AES 1.0.6.6133 and earlier. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 08:15:00 GMT

read more

CVE-2025-31700 - Dahua Network Device Buffer Overflow Vulnerability

CVE ID : CVE-2025-31700 Published : July 23, 2025, 7:15 a.m. | 6 hours, 14 minutes ago Description : A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow vulnerability by sending specially crafted malicious packets, potentially causing service disruption (e.g., crashes) or remote code execution (RCE). Some devices may have deployed protection mechanisms such as Address Space Layout Randomization (ASLR), which reduces the likelihood of successful RCE exploitation. However, denial-of-service (DoS) attacks remain a concern. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 07:15:00 GMT

read more

CVE-2025-31701 - Dahua Network Device Buffer Overflow Vulnerability

CVE ID : CVE-2025-31701 Published : July 23, 2025, 7:15 a.m. | 6 hours, 14 minutes ago Description : A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow vulnerability by sending specially crafted malicious packets, potentially causing service disruption (e.g., crashes) or remote code execution (RCE). Some devices may have deployed protection mechanisms such as Address Space Layout Randomization (ASLR), which reduces the likelihood of successful RCE exploitation. However, denial-of-service (DoS) attacks remain a concern. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 07:15:00 GMT

read more

CVE-2025-54452 - Samsung MagicINFO 9 Server Authentication Bypass

CVE ID : CVE-2025-54452 Published : July 23, 2025, 6:15 a.m. | 7 hours, 14 minutes ago Description : Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54453 - Samsung MagicINFO 9 Server Path Traversal Code Injection

CVE ID : CVE-2025-54453 Published : July 23, 2025, 6:15 a.m. | 7 hours, 14 minutes ago Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54454 - Samsung Electronics MagicINFO 9 Server Hard-coded Credentials Authentication Bypass Vulnerability

CVE ID : CVE-2025-54454 Published : July 23, 2025, 6:15 a.m. | 7 hours, 14 minutes ago Description : Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54455 - Samsung MagicINFO 9 Server Hard-coded Credentials Authentication Bypass

CVE ID : CVE-2025-54455 Published : July 23, 2025, 6:15 a.m. | 7 hours, 14 minutes ago Description : Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-6174 - Qwizcards WordPress Plugin Reflected Cross-Site Scripting

CVE ID : CVE-2025-6174 Published : July 23, 2025, 6:15 a.m. | 7 hours, 14 minutes ago Description : The Qwizcards | online quizzes and flashcards WordPress plugin through 3.9.4 does not sanitise and escape the "_stylesheet" parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or any other user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54451 - Samsung Electronics MagicINFO 9 Server Code Injection Vulnerability

CVE ID : CVE-2025-54451 Published : July 23, 2025, 6:15 a.m. | 6 hours, 40 minutes ago Description : Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54439 - Samsung Electronics MagicINFO 9 Server File Upload Vulnerability

CVE ID : CVE-2025-54439 Published : July 23, 2025, 6:15 a.m. | 4 hours, 40 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54440 - Samsung Electronics MagicINFO 9 Server File Upload Code Injection Vulnerability

CVE ID : CVE-2025-54440 Published : July 23, 2025, 6:15 a.m. | 4 hours, 40 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54441 - Samsung Electronics MagicINFO 9 Server Unrestricted File Upload Code Injection Vulnerability

CVE ID : CVE-2025-54441 Published : July 23, 2025, 6:15 a.m. | 4 hours, 40 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54442 - Samsung Electronics MagicINFO 9 Server File Upload Code Injection Vulnerability

CVE ID : CVE-2025-54442 Published : July 23, 2025, 6:15 a.m. | 4 hours, 40 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54443 - Samsung MagicINFO 9 Server Path Traversal Vulnerability

CVE ID : CVE-2025-54443 Published : July 23, 2025, 6:15 a.m. | 4 hours, 40 minutes ago Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0 Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54444 - Samsung Electronics MagicINFO 9 Server File Upload Code Injection Vulnerability

CVE ID : CVE-2025-54444 Published : July 23, 2025, 6:15 a.m. | 4 hours, 40 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54445 - Samsung MagicINFO 9 Server XML External Entity Reference SSRF

CVE ID : CVE-2025-54445 Published : July 23, 2025, 6:15 a.m. | 4 hours, 40 minutes ago Description : Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54446 - Samsung MagicINFO 9 Server Path Traversal

CVE ID : CVE-2025-54446 Published : July 23, 2025, 6:15 a.m. | 4 hours, 40 minutes ago Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0 Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54447 - Samsung Electronics MagicINFO 9 Server Unrestricted File Upload Code Injection Vulnerability

CVE ID : CVE-2025-54447 Published : July 23, 2025, 6:15 a.m. | 4 hours, 40 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54448 - Samsung Electronics MagicINFO 9 Server Unrestricted File Upload Code Injection Vulnerability

CVE ID : CVE-2025-54448 Published : July 23, 2025, 6:15 a.m. | 4 hours, 40 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54449 - Samsung Electronics MagicINFO 9 Server Unrestricted File Upload Code Injection Vulnerability

CVE ID : CVE-2025-54449 Published : July 23, 2025, 6:15 a.m. | 4 hours, 40 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54450 - Samsung MagicINFO 9 Server Path Traversal Code Injection Vulnerability

CVE ID : CVE-2025-54450 Published : July 23, 2025, 6:15 a.m. | 4 hours, 40 minutes ago Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-54438 - Samsung MagicINFO 9 Server Path Traversal Vulnerability

CVE ID : CVE-2025-54438 Published : July 23, 2025, 6:15 a.m. | 2 hours, 44 minutes ago Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0 Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 06:15:00 GMT

read more

CVE-2025-8020 - Private-IP SSRF

CVE ID : CVE-2025-8020 Published : July 23, 2025, 5:15 a.m. | 3 hours, 44 minutes ago Description : All versions of the package private-ip are vulnerable to Server-Side Request Forgery (SSRF) where an attacker can provide an IP or hostname that resolves to a multicast IP address (224.0.0.0/4) which is not included as part of the private IP ranges in the package's source code. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 05:15:00 GMT

read more

CVE-2025-8021 - Files-Bucket-Server Directory Traversal

CVE ID : CVE-2025-8021 Published : July 23, 2025, 5:15 a.m. | 3 hours, 44 minutes ago Description : All versions of the package files-bucket-server are vulnerable to Directory Traversal where an attacker can traverse the file system and access files outside of the intended directory. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 05:15:00 GMT

read more

CVE-2025-8022 - "Bun OS Command Injection Vulnerability"

CVE ID : CVE-2025-8022 Published : July 23, 2025, 5:15 a.m. | 3 hours, 44 minutes ago Description : All versions of the package bun are vulnerable to Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the $ shell API due to improper neutralization of user input. An attacker can exploit this by providing specially crafted input that includes command-line arguments or shell metacharacters, leading to unintended command execution. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 05:15:00 GMT

read more

CVE-2024-53287 - Synology Router Manager SRM Cross-site Scripting Vulnerability

CVE ID : CVE-2024-53287 Published : July 23, 2025, 5:15 a.m. | 1 hour, 43 minutes ago Description : Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in VPN Setting functionality in Synology Router Manager (SRM) before 1.3.1-9346-11 allows remote authenticated users with administrator privileges to inject arbitrary web script or HTML via unspecified vectors. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 05:15:00 GMT

read more

CVE-2024-53288 - Synology Router Manager SRM Cross-site Scripting Vulnerability

CVE ID : CVE-2024-53288 Published : July 23, 2025, 5:15 a.m. | 1 hour, 43 minutes ago Description : Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in NTP Region functionality in Synology Router Manager (SRM) before 1.3.1-9346-11 allows remote authenticated users with administrator privileges to inject arbitrary web script or HTML via unspecified vectors. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 05:15:00 GMT

read more

CVE-2025-43881 - Real-time Bus Tracking System Denial of Service

CVE ID : CVE-2025-43881 Published : July 23, 2025, 5:15 a.m. | 1 hour, 43 minutes ago Description : Improper validation of specified quantity in input issue exists in Real-time Bus Tracking System versions prior to 1.1. If exploited, a denial of service (DoS) condition may be caused by an attacker who can log in to the administrative page of the affected product. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 05:15:00 GMT

read more

CVE-2025-42947 - SAP FICA ODN Framework Remote Code Execution

CVE ID : CVE-2025-42947 Published : July 23, 2025, 4:15 a.m. | 43 minutes ago Description : SAP FICA ODN framework allows a high privileged user to inject value inside the local variable which can then be executed by the application. An attacker could thereby control the behaviour of the application causing high impact on integrity, low impact on availability and no impact on confidentiality of the application. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 04:15:00 GMT

read more

CVE-2025-5753 - WordPress Valuation Calculator Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5753 Published : July 23, 2025, 3:15 a.m. | 1 hour, 43 minutes ago Description : The Valuation Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’ parameter in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 03:15:00 GMT

read more

CVE-2025-5818 - "Unsplash WordPress Plugin SSRF Vulnerability"

CVE ID : CVE-2025-5818 Published : July 23, 2025, 3:15 a.m. | 1 hour, 43 minutes ago Description : The Featured Image Plus – Quick & Bulk Edit with Unsplash plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.4 via the fip_get_image_options() function. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 03:15:00 GMT

read more

CVE-2025-6054 - "YANewsflash WordPress CSRF"

CVE ID : CVE-2025-6054 Published : July 23, 2025, 3:15 a.m. | 1 hour, 43 minutes ago Description : The YANewsflash plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3. This is due to missing or incorrect nonce validation on the 'yanewsflash/yanewsflash.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 03:15:00 GMT

read more

CVE-2025-6190 - Realty Portal – Agent WordPress Privilege Escalation

CVE ID : CVE-2025-6190 Published : July 23, 2025, 3:15 a.m. | 1 hour, 43 minutes ago Description : The Realty Portal – Agent plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization within the rp_user_profile() AJAX handler in versions 0.1.0 through 0.3.9. The handler reads the client-supplied meta key and value pairs from $_POST and passes them directly to update_user_meta() without restricting to a safe whitelist. This makes it possible for authenticated attackers, with Subscriber-level access and above, to overwrite the wp_capabilities meta and grant themselves the administrator role. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 03:15:00 GMT

read more

CVE-2025-6214 - Omnishop for WordPress CSRF Vulnerability

CVE ID : CVE-2025-6214 Published : July 23, 2025, 3:15 a.m. | 1 hour, 43 minutes ago Description : The Omnishop plugin for WordPress is vulnerable to Cross-Site Request Forgery on its /users/delete REST route in all versions up to, and including, 1.0.9. The route’s permission_callback only verifies that the requester is logged in, but fails to require any nonce or other proof of intent. This makes it possible for unauthenticated attackers to delete arbitrary user accounts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 03:15:00 GMT

read more

CVE-2025-6215 - Omnishop Plugin for WordPress Unauthenticated User Registration Bypass

CVE ID : CVE-2025-6215 Published : July 23, 2025, 3:15 a.m. | 1 hour, 43 minutes ago Description : The Omnishop plugin for WordPress is vulnerable to Unauthenticated Registration Bypass in all versions up to, and including, 1.0.9. Its /users/register endpoint is exposed to the public (permission_callback always returns true) and invokes wp_create_user() unconditionally, ignoring the site’s users_can_register option and any nonce or CAPTCHA checks. This makes it possible for unauthenticated attackers to create arbitrary user accounts (customer) on sites where registrations should be closed. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 03:15:00 GMT

read more

CVE-2025-6261 - Fleetwire Fleet Management WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-6261 Published : July 23, 2025, 3:15 a.m. | 1 hour, 43 minutes ago Description : The Fleetwire Fleet Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's fleetwire_list shortcode in all versions up to, and including, 1.0.19 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 03:15:00 GMT

read more

CVE-2025-7722 - WordPress Social Streams Privilege Escalation Vulnerability

CVE ID : CVE-2025-7722 Published : July 23, 2025, 3:15 a.m. | 1 hour, 43 minutes ago Description : The Social Streams plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.1. This is due to the plugin not properly validating a user's identity prior to updating their user meta information in the update_user_meta() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change their user type to that of an administrator. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 03:15:00 GMT

read more

CVE-2025-8060 - Tenda AC23 HTTPd Stack-Based Buffer Overflow

CVE ID : CVE-2025-8060 Published : July 23, 2025, 2:15 a.m. | 2 hours, 43 minutes ago Description : A vulnerability has been found in Tenda AC23 16.03.07.52 and classified as critical. Affected by this vulnerability is the function sub_46C940 of the file /goform/setMacFilterCfg of the component httpd. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 02:15:00 GMT

read more

CVE-2025-54120 - PCL CE Unintended Login Credential Logging

CVE ID : CVE-2025-54120 Published : July 23, 2025, 1:15 a.m. | 3 hours, 43 minutes ago Description : PCL (Plain Craft Launcher) Community Edition is a Minecraft launcher. In PCL CE versions 2.12.0-beta.5 to 2.12.0-beta.9, the login credentials used during the third-party login process are accidentally recorded in the local log file. Although the log file is not automatically uploaded or shared, if the user manually sends the log file, there is a risk of leakage. This is fixed in version 2.12.0-beta.10. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 01:15:00 GMT

read more

CVE-2025-43483 - Poly Clariti Manager Cryptographic Key Disclosure Vulnerability

CVE ID : CVE-2025-43483 Published : July 23, 2025, 12:15 a.m. | 4 hours, 43 minutes ago Description : A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the retrieval of hardcoded cryptographic keys. HP has addressed the issue in the latest software update. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 00:15:00 GMT

read more

CVE-2025-43484 - Poly Clariti Manager Cross-Site Scripting (XSS)

CVE ID : CVE-2025-43484 Published : July 23, 2025, 12:15 a.m. | 4 hours, 43 minutes ago Description : A potential reflected cross-site scripting vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The website does not validate or sanitize the user input before rendering it in the response. HP has addressed the issue in the latest software update. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 00:15:00 GMT

read more

CVE-2025-43485 - Poly Clariti Manager Information Disclosure Vulnerability

CVE ID : CVE-2025-43485 Published : July 23, 2025, 12:15 a.m. | 4 hours, 43 minutes ago Description : A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could potentially allow a privileged user to retrieve credentials from the log files. HP has addressed the issue in the latest software update. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 00:15:00 GMT

read more

CVE-2025-43486 - Poly Clariti Manager Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-43486 Published : July 23, 2025, 12:15 a.m. | 4 hours, 43 minutes ago Description : A potential stored cross-site scripting vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The website allows user input to be stored and rendered without proper sanitization. HP has addressed the issue in the latest software update. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 00:15:00 GMT

read more

CVE-2025-43487 - Poly Clariti Manager Sudo Privilege Escalation Vulnerability

CVE ID : CVE-2025-43487 Published : July 23, 2025, 12:15 a.m. | 4 hours, 43 minutes ago Description : A potential privilege escalation through Sudo vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The firmware flaw does not properly implement access controls. HP has addressed the issue in the latest software update. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 00:15:00 GMT

read more

CVE-2025-43488 - Poly Clariti Manager XSS Bypass

CVE ID : CVE-2025-43488 Published : July 23, 2025, 12:15 a.m. | 4 hours, 43 minutes ago Description : A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could allow a bypass of the application's XSS filter by submitting untrusted characters. HP has addressed the issue in the latest software update. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 00:15:00 GMT

read more

CVE-2025-43489 - Poly Clariti Manager Deserialization Vulnerability

CVE ID : CVE-2025-43489 Published : July 23, 2025, 12:15 a.m. | 4 hours, 43 minutes ago Description : A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could deserialize untrusted data without validation. HP has addressed the issue in the latest software update. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 00:15:00 GMT

read more

CVE-2025-54139 - HAX CMS Clickjacking Vulnerability

CVE ID : CVE-2025-54139 Published : July 23, 2025, 12:15 a.m. | 4 hours, 43 minutes ago Description : HAX CMS allows users to manage their microsite universe with a NodeJS or PHP backend. In haxcms-nodejs versions 11.0.12 and below and in haxcms-php versions 11.0.7 and below, all pages within the HAX CMS application do not contain headers to prevent other websites from loading the site within an iframe. This applies to both the CMS and generated sites. An unauthenticated attacker can load the standalone login page or other sensitive functionality within an iframe, performing a UI redressing attack (clickjacking). This can be used to perform social engineering attacks to attempt to coerce users into performing unintended actions within the HAX CMS application. This is fixed in haxcms-nodejs version 11.0.13 and haxcms-php 11.0.8. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 23 Jul 2025 00:15:00 GMT

read more

CVE-2025-43020 - Poly Clariti Manager Command Injection

CVE ID : CVE-2025-43020 Published : July 22, 2025, 11:15 p.m. | 5 hours, 43 minutes ago Description : A potential command injection vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could allow a privileged user to submit arbitrary input. HP has addressed the issue in the latest software update. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 23:15:00 GMT

read more

CVE-2025-43021 - Poly Clariti Manager Default Password Disclosure Vulnerability

CVE ID : CVE-2025-43021 Published : July 22, 2025, 11:15 p.m. | 5 hours, 43 minutes ago Description : A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the use and retrieval of the default password. HP has addressed the issue in the latest software update. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 23:15:00 GMT

read more

CVE-2025-43022 - Poly Clariti Manager SQL Injection Vulnerability

CVE ID : CVE-2025-43022 Published : July 22, 2025, 11:15 p.m. | 5 hours, 43 minutes ago Description : A potential SQL injection vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow a privileged user to execute SQL commands. HP has addressed the issue in the latest software update. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 23:15:00 GMT

read more

CVE-2025-7766 - Lantronix Provisioning Manager XML External Entity Injection RCE

CVE ID : CVE-2025-7766 Published : July 22, 2025, 10:15 p.m. | 6 hours, 43 minutes ago Description : Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration files supplied by network devices, leading to unauthenticated remote code execution on hosts with Provisioning Manager installed. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 22:15:00 GMT

read more

CVE-2025-8010 - Google Chrome V8 Type Confusion Heap Corruption

CVE ID : CVE-2025-8010 Published : July 22, 2025, 10:15 p.m. | 6 hours, 43 minutes ago Description : Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 22:15:00 GMT

read more

CVE-2025-8011 - Google Chrome V8 Type Confusion Heap Corruption Vulnerability

CVE ID : CVE-2025-8011 Published : July 22, 2025, 10:15 p.m. | 6 hours, 43 minutes ago Description : Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 22:15:00 GMT

read more

CVE-2025-41425 - DuraComm SPM-500 Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-41425 Published : July 22, 2025, 10:15 p.m. | 4 hours, 42 minutes ago Description : DuraComm SPM-500 DP-10iN-100-MU is vulnerable to a cross-site scripting attack. This could allow an attacker to prevent legitimate users from accessing the web interface. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 22:15:00 GMT

read more

CVE-2025-48733 - DuraComm SPM-500 Authentication Bypass

CVE ID : CVE-2025-48733 Published : July 22, 2025, 10:15 p.m. | 4 hours, 42 minutes ago Description : DuraComm SPM-500 DP-10iN-100-MU lacks access controls for a function that should require user authentication. This could allow an attacker to repeatedly reboot the device. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 22:15:00 GMT

read more

CVE-2025-53538 - Suricata HTTP2 Data Stream 0 Memory Corruption Vulnerability

CVE ID : CVE-2025-53538 Published : July 22, 2025, 10:15 p.m. | 4 hours, 42 minutes ago Description : Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of visibility. Workarounds include disabling the HTTP/2 parser, and using a signature like drop http2 any any -> any any (frame:http2.hdr; byte_test:1,=,0,3; byte_test:4,=,0,5; sid: 1;) where the first byte test tests the HTTP2 frame type DATA and the second tests the stream id 0. This is fixed in versions 7.0.11 and 8.0.0. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 22:15:00 GMT

read more

CVE-2025-53703 - DuraComm SPM-500 Data Transmission Without Encryption Vulnerability

CVE ID : CVE-2025-53703 Published : July 22, 2025, 10:15 p.m. | 4 hours, 42 minutes ago Description : DuraComm SPM-500 DP-10iN-100-MU transmits sensitive data without encryption over a channel that could be intercepted by attackers. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 22:15:00 GMT

read more

CVE-2025-54072 - Yt-dlp Windows Remote Code Execution Vulnerability

CVE ID : CVE-2025-54072 Published : July 22, 2025, 10:15 p.m. | 4 hours, 42 minutes ago Description : yt-dlp is a feature-rich command-line audio/video downloader. In versions 2025.06.25 and below, when the --exec option is used on Windows with the default placeholder (or {}), insufficient sanitization is applied to the expanded filepath, allowing for remote code execution. This is a bypass of the mitigation for CVE-2024-22423 where the default placeholder and {} were not covered by the new escaping rules. Windows users who are unable to upgrade should avoid using --exec altogether. Instead, the --write-info-json or --dump-json options could be used, with an external script or command line consuming the JSON output. This is fixed in version 2025.07.21. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 22:15:00 GMT

read more

CVE-2025-54137 - HAX CMS NodeJS Hardcoded Credentials and Private Keys Vulnerability

CVE ID : CVE-2025-54137 Published : July 22, 2025, 10:15 p.m. | 4 hours, 42 minutes ago Description : HAX CMS NodeJS allows users to manage their microsite universe with a NodeJS backend. Versions 11.0.9 and below were distributed with hardcoded default credentials for the user and superuser accounts. Additionally, the application has default private keys for JWTs. Users aren't prompted to change credentials or secrets during installation, and there is no way to change them through the UI. An unauthenticated attacker can read the default user credentials and JWT private keys from the public haxtheweb GitHub repositories. These credentials and keys can be used to access unconfigured self-hosted instances of the application, modify sites, and perform further attacks. This is fixed in version 11.0.10. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 22:15:00 GMT

read more

CVE-2025-54138 - LibreNMS Remote File Inclusion Vulnerability

CVE ID : CVE-2025-54138 Published : July 22, 2025, 10:15 p.m. | 4 hours, 42 minutes ago Description : LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. LibreNMS versions 25.6.0 and below contain an architectural vulnerability in the ajax_form.php endpoint that permits Remote File Inclusion based on user-controlled POST input. The application directly uses the type parameter to dynamically include .inc.php files from the trusted path includes/html/forms/, without validation or allowlisting. This pattern introduces a latent Remote Code Execution (RCE) vector if an attacker can stage a file in this include path — for example, via symlink, development misconfiguration, or chained vulnerabilities. This is fixed in version 25.7.0. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 22:15:00 GMT

read more

CVE-2025-54140 - pyLoad Path Traversal Remote Code Execution Vulnerability

CVE ID : CVE-2025-54140 Published : July 22, 2025, 10:15 p.m. | 4 hours, 42 minutes ago Description : pyLoad is a free and open-source Download Manager written in pure Python. In version 0.5.0b3.dev89, an authenticated path traversal vulnerability exists in the /json/upload endpoint of pyLoad. By manipulating the filename of an uploaded file, an attacker can traverse out of the intended upload directory, allowing them to write arbitrary files to any location on the system accessible to the pyLoad process. This may lead to: Remote Code Execution (RCE), local privilege escalation, system-wide compromise, persistence, and backdoors. This is fixed in version 0.5.0b3.dev90. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 22:15:00 GMT

read more

CVE-2025-54141 - ViewVC Filesystem Exposure Vulnerability

CVE ID : CVE-2025-54141 Published : July 22, 2025, 10:15 p.m. | 4 hours, 42 minutes ago Description : ViewVC is a browser interface for CVS and Subversion version control repositories. In versions 1.1.0 through 1.1.31 and 1.2.0 through 1.2.3, the standalone.py script provided in the ViewVC distribution can expose the contents of the host server's filesystem though a directory traversal-style attack. This is fixed in versions 1.1.31 and 1.2.4. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 22:15:00 GMT

read more

CVE-2025-8043 - Firefox URL Truncation Vulnerability

CVE ID : CVE-2025-8043 Published : July 22, 2025, 9:15 p.m. | 3 hours, 42 minutes ago Description : Focus incorrectly truncated URLs towards the beginning instead of around the origin. This vulnerability affects Firefox 141 and Thunderbird 141. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 21:15:00 GMT

read more

CVE-2025-8044 - Mozilla Firefox Memory Corruption Vulnerability

CVE ID : CVE-2025-8044 Published : July 22, 2025, 9:15 p.m. | 3 hours, 42 minutes ago Description : Memory safety bugs present in Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 141 and Thunderbird 141. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 21:15:00 GMT

read more

CVE-2025-8030 - Mozilla Firefox/Thunderbird Cross-Site Scripting (XSS)

CVE ID : CVE-2025-8030 Published : July 22, 2025, 9:15 p.m. | 1 hour, 41 minutes ago Description : Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code. This vulnerability affects Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 21:15:00 GMT

read more

CVE-2025-8031 - Mozilla Firefox and Thunderbird HTTP Basic Authentication Credential Leak Vulnerability

CVE ID : CVE-2025-8031 Published : July 22, 2025, 9:15 p.m. | 1 hour, 41 minutes ago Description : The `username:password` part was not correctly stripped from URLs in CSP reports potentially leaking HTTP Basic Authentication credentials. This vulnerability affects Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 21:15:00 GMT

read more

CVE-2025-8032 - Mozilla Firefox/Thunderbird XSLT Document Loading CSP Bypass

CVE ID : CVE-2025-8032 Published : July 22, 2025, 9:15 p.m. | 1 hour, 41 minutes ago Description : XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability affects Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 21:15:00 GMT

read more

CVE-2025-8033 - Mozilla Firefox/Thunderbird Null Pointer Dereference in JavaScript Engine

CVE ID : CVE-2025-8033 Published : July 22, 2025, 9:15 p.m. | 1 hour, 41 minutes ago Description : The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 21:15:00 GMT

read more

CVE-2025-8034 - Mozilla Firefox and Thunderbird Memory Corruption Vulnerability

CVE ID : CVE-2025-8034 Published : July 22, 2025, 9:15 p.m. | 1 hour, 41 minutes ago Description : Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 21:15:00 GMT

read more

CVE-2025-8035 - Mozilla Firefox/Thunderbird Memory Corruption Vulnerability

CVE ID : CVE-2025-8035 Published : July 22, 2025, 9:15 p.m. | 1 hour, 41 minutes ago Description : Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 21:15:00 GMT

read more

CVE-2025-8036 - Thunderbird CORS Preloading DNS Rebinding

CVE ID : CVE-2025-8036 Published : July 22, 2025, 9:15 p.m. | 1 hour, 41 minutes ago Description : Thunderbird cached CORS preflight responses across IP address changes. This allowed circumventing CORS with DNS rebinding. This vulnerability affects Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 21:15:00 GMT

read more

CVE-2025-8037 - Mozilla Cookie Secure Bypass

CVE ID : CVE-2025-8037 Published : July 22, 2025, 9:15 p.m. | 1 hour, 41 minutes ago Description : Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the `Secure` attribute. This vulnerability affects Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 21:15:00 GMT

read more

CVE-2025-8038 - Thunderbird Frame Navigation Path Validation Vulnerability

CVE ID : CVE-2025-8038 Published : July 22, 2025, 9:15 p.m. | 1 hour, 41 minutes ago Description : Thunderbird ignored paths when checking the validity of navigations in a frame. This vulnerability affects Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 21:15:00 GMT

read more

CVE-2025-8039 - Firefox/Thunderbird URL Bar Search Term Persistence Vulnerability

CVE ID : CVE-2025-8039 Published : July 22, 2025, 9:15 p.m. | 1 hour, 41 minutes ago Description : In some cases search terms persisted in the URL bar even after navigating away from the search page. This vulnerability affects Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 21:15:00 GMT

read more

CVE-2025-8040 - Mozilla Firefox and Thunderbird Memory Corruption Vulnerability

CVE ID : CVE-2025-8040 Published : July 22, 2025, 9:15 p.m. | 1 hour, 41 minutes ago Description : Memory safety bugs present in Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 21:15:00 GMT

read more

CVE-2025-31511 - AlertEnterprise Guardian Bypass Manager Approval Vulnerability

CVE ID : CVE-2025-31511 Published : July 22, 2025, 8:15 p.m. | 39 minutes ago Description : An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval by changing the user ID in a Request%20Building%20Access requestSubmit API call. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 20:15:00 GMT

read more

CVE-2025-31512 - AlertEnterprise Guardian Approval Bypass Vulnerability

CVE ID : CVE-2025-31512 Published : July 22, 2025, 8:15 p.m. | 39 minutes ago Description : An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval via isAddedByApprover in a Request%20Building%20Access requestSubmit API call. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 20:15:00 GMT

read more

CVE-2025-31513 - AlertEnterprise Guardian Privilege Escalation Vulnerability

CVE ID : CVE-2025-31513 Published : July 22, 2025, 8:15 p.m. | 39 minutes ago Description : An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can elevate to administrator privileges via the IsAdminApprover parameter in a Request%20Building%20Access requestSubmit API call. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 20:15:00 GMT

read more

CVE-2025-51458 - Eosphoros-ai DB-GPT SQL Injection

CVE ID : CVE-2025-51458 Published : July 22, 2025, 8:15 p.m. | 39 minutes ago Description : SQL Injection in editor_sql_run and query_ex in eosphoros-ai DB-GPT 0.7.0 allows remote attackers to execute arbitrary SQL statements via crafted input passed to the /v1/editor/sql/run or /v1/editor/chart/run endpoints, interacting with api_editor_v1.editor_sql_run, editor_chart_run, and datasource.rdbms.base.query_ex. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 20:15:00 GMT

read more

CVE-2025-51472 - TransformerOptimus SuperAGI Code Injection Vulnerability

CVE ID : CVE-2025-51472 Published : July 22, 2025, 8:15 p.m. | 39 minutes ago Description : Code Injection in AgentTemplate.eval_agent_config in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to execute arbitrary Python code via malicious values in agent template configurations such as the goal, constraints, or instruction field, which are evaluated using eval() without validation during template loading or updates. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 20:15:00 GMT

read more

CVE-2025-51475 - SuperAGI File Overwrite Vulnerability

CVE ID : CVE-2025-51475 Published : July 22, 2025, 8:15 p.m. | 39 minutes ago Description : Arbitrary File Overwrite (AFO) in superagi.controllers.resources.upload in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to overwrite arbitrary files via unsanitised filenames submitted to the file upload endpoint, due to improper handling of directory traversal in os.path.join() and lack of path validation in get_root_input_dir(). Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 20:15:00 GMT

read more

CVE-2025-51459 - Eosphoros-ai DB-GPT File Upload RCE

CVE ID : CVE-2025-51459 Published : July 22, 2025, 7:15 p.m. | 1 hour, 39 minutes ago Description : File Upload vulnerability in agent.hub.controller.refresh_plugins in eosphoros-ai DB-GPT 0.7.0 allows remote attackers to execute arbitrary code via a malicious plugin ZIP file uploaded to the /v1/personal/agent/upload endpoint, interacting with plugin_hub._sanitize_filename and plugins_util.scan_plugins. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 19:15:00 GMT

read more

CVE-2025-51471 - Ollama Cross-Domain Token Exposure Information Disclosure

CVE ID : CVE-2025-51471 Published : July 22, 2025, 7:15 p.m. | 1 hour, 39 minutes ago Description : Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 19:15:00 GMT

read more

CVE-2025-51479 - Onyx Enterprise Edition Authorization Bypass Vulnerability

CVE ID : CVE-2025-51479 Published : July 22, 2025, 7:15 p.m. | 1 hour, 39 minutes ago Description : Authorization bypass in update_user_group in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows remote authenticated attackers to modify arbitrary user groups via crafted PATCH requests to the /api/manage/admin/user-group/id endpoint, bypassing intended curator-group assignment checks. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 19:15:00 GMT

read more

CVE-2024-38335 - IBM Security QRadar Network Threat Analytics Resource Allocation DoS Vulnerability

CVE ID : CVE-2024-38335 Published : July 22, 2025, 6:15 p.m. | 2 hours, 39 minutes ago Description : IBM Security QRadar Network Threat Analytics 1.0.0 through 1.3.1 could allow a privileged user to cause a denial of service due to improper allocation of resources. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 18:15:00 GMT

read more

CVE-2025-48964 - Iputils Ping Denial of Service (Integer Overflow)

CVE ID : CVE-2025-48964 Published : July 22, 2025, 6:15 p.m. | 2 hours, 39 minutes ago Description : ping in iputils through 20240905 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero). Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 18:15:00 GMT

read more

CVE-2025-51464 - Aimhubio Aim XSS

CVE ID : CVE-2025-51464 Published : July 22, 2025, 6:15 p.m. | 2 hours, 39 minutes ago Description : Cross-site Scripting (XSS) in aimhubio Aim 3.28.0 allows remote attackers to execute arbitrary JavaScript in victims browsers via malicious Python code submitted to the /api/reports endpoint, which is interpreted and executed by Pyodide when the report is viewed. No sanitisation or sandbox restrictions prevent JavaScript execution via pyodide.code.run_js(). Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 18:15:00 GMT

read more

CVE-2025-51481 - Dagster Grpc Local File Inclusion Vulnerability

CVE ID : CVE-2025-51481 Published : July 22, 2025, 5:15 p.m. | 3 hours, 39 minutes ago Description : Local File Inclusion in dagster._grpc.impl.get_notebook_data in Dagster 1.10.14 allows attackers with access to the gRPC server to read arbitrary files by supplying path traversal sequences in the notebook_path field of ExternalNotebookData requests, bypassing the intended extension-based check. Severity: 6.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 17:15:00 GMT

read more

CVE-2025-51482 - Letta AI Remote Code Execution

CVE ID : CVE-2025-51482 Published : July 22, 2025, 5:15 p.m. | 3 hours, 39 minutes ago Description : Remote Code Execution in letta.server.rest_api.routers.v1.tools.run_tool_from_source in letta-ai Letta 0.7.12 allows remote attackers to execute arbitrary Python code and system commands via crafted payloads to the /v1/tools/run endpoint, bypassing intended sandbox restrictions. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 17:15:00 GMT

read more

CVE-2025-6523 - Devolutions Server Weak Emergency Code Brute Force

CVE ID : CVE-2025-6523 Published : July 22, 2025, 5:15 p.m. | 3 hours, 39 minutes ago Description : Use of weak credentials in emergency authentication component in Devolutions Server allows an unauthenticated attacker to bypass authentication via brute forcing the short emergency codes generated by the server within a feasible timeframe. This issue affects the following versions : * Devolutions Server 2025.2.2.0 through 2025.2.3.0 * Devolutions Server 2025.1.11.0 and earlier Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 17:15:00 GMT

read more

CVE-2025-6741 - Devolutions Server Secure Message Component Unauthorized Access Stealing Vulnerability

CVE ID : CVE-2025-6741 Published : July 22, 2025, 5:15 p.m. | 3 hours, 39 minutes ago Description : Improper access control in secure message component in Devolutions Server allows an authenticated user to steal unauthorized entries via the secure message entry attachment feature This issue affects the following versions : * Devolutions Server 2025.2.2.0 through 2025.2.4.0 * Devolutions Server 2025.1.11.0 and earlier Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 17:15:00 GMT

read more

CVE-2025-36512 - Bloomberg Comdb2 Denial of Service

CVE ID : CVE-2025-36512 Published : July 22, 2025, 4:15 p.m. | 4 hours, 39 minutes ago Description : A denial of service vulnerability exists in the Bloomberg Comdb2 8.1 database when handling a distributed transaction heartbeat. A specially crafted protocol buffer message can lead to a denial of service. An attacker can simply connect to a database instance over TCP and send the crafted message to trigger this vulnerability. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 16:15:00 GMT

read more

CVE-2025-36520 - Bloomberg Comdb2 Denial of Service (Null Pointer Dereference)

CVE ID : CVE-2025-36520 Published : July 22, 2025, 4:15 p.m. | 4 hours, 39 minutes ago Description : A null pointer dereference vulnerability exists in the net_connectmsg Protocol Buffer Message functionality of Bloomberg Comdb2 8.1. A specially crafted network packets can lead to a denial of service. An attacker can send packets to trigger this vulnerability. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 16:15:00 GMT

read more

CVE-2025-46354 - Bloomberg Comdb2 Denial of Service Vulnerability

CVE ID : CVE-2025-46354 Published : July 22, 2025, 4:15 p.m. | 4 hours, 39 minutes ago Description : A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality of Bloomberg Comdb2 8.1. A specially crafted network packet can lead to a denial of service. An attacker can send a malicious packet to trigger this vulnerability. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 16:15:00 GMT

read more

CVE-2025-48498 - Bloomberg Comdb2 Distributed Transaction Null Pointer Dereference Denial of Service

CVE ID : CVE-2025-48498 Published : July 22, 2025, 4:15 p.m. | 4 hours, 39 minutes ago Description : A null pointer dereference vulnerability exists in the Distributed Transaction component of Bloomberg Comdb2 8.1 when processing a number of fields used for coordination. A specially crafted protocol buffer message can lead to a denial of service. An attacker can simply connect to a database instance over TCP and send the crafted message to trigger this vulnerability. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 16:15:00 GMT

read more

CVE-2025-51463 - AIM Path Traversal Vulnerability

CVE ID : CVE-2025-51463 Published : July 22, 2025, 4:15 p.m. | 4 hours, 39 minutes ago Description : Path Traversal in restore_run_backup() in AIM 3.28.0 allows remote attackers to write arbitrary files to the server's filesystem via a crafted backup tar file submitted to the run_instruction API, which is extracted without path validation during restoration. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 16:15:00 GMT

read more

CVE-2025-51480 - ONNX Path Traversal Vulnerability

CVE ID : CVE-2025-51480 Published : July 22, 2025, 4:15 p.m. | 4 hours, 39 minutes ago Description : Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 16:15:00 GMT

read more

CVE-2025-5042 - Autodesk Revit Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-5042 Published : July 22, 2025, 4:15 p.m. | 4 hours, 39 minutes ago Description : A maliciously crafted RFA file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 16:15:00 GMT

read more

CVE-2025-7371 - Okta On-Premises Provisioning (OPP) Password Reset Information Disclosure

CVE ID : CVE-2025-7371 Published : July 22, 2025, 4:15 p.m. | 4 hours, 39 minutes ago Description : Okta On-Premises Provisioning (OPP) agents log certain user data during administrator-initiated password resets. This vulnerability allows an attacker with access to the local servers running OPP agents to retrieve user personal information and temporary passwords created during password reset. You are affected by this vulnerability if the following preconditions are met: Local server running OPP agent with versions >=2.2.1 and 2.3.0, and User account has had an administrator-initiated password reset while using the affected versions. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 16:15:00 GMT

read more

CVE-2025-8019 - Libituo Technology LBT-T300-T310 CGI Buffer Overflow Vulnerability

CVE ID : CVE-2025-8019 Published : July 22, 2025, 4:15 p.m. | 4 hours, 39 minutes ago Description : A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6. It has been rated as critical. Affected by this issue is the function sub_40B6F0 of the file at/appy.cgi. The manipulation of the argument wan_proto leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 16:15:00 GMT

read more

CVE-2025-35966 - Bloomberg Comdb2 Denial of Service Null Pointer Dereference

CVE ID : CVE-2025-35966 Published : July 22, 2025, 4:15 p.m. | 2 hours, 41 minutes ago Description : A null pointer dereference vulnerability exists in the CDB2SQLQUERY protocol buffer message handling of Bloomberg Comdb2 8.1. A specially crafted protocol buffer message can lead to a denial of service. An attacker can simply connect to a database instance over TCP and send the crafted message to trigger this vulnerability. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 16:15:00 GMT

read more

CVE-2025-51859 - Chaindesk Agent Chat Stored XSS

CVE ID : CVE-2025-51859 Published : July 22, 2025, 3:15 p.m. | 3 hours, 41 minutes ago Description : Stored Cross-Site Scripting (XSS) vulnerability in Chaindesk thru 2025-05-26 in its agent chat component. An attacker can achieve arbitrary client-side script execution by crafting an AI agent whose system prompt instructs the underlying Large Language Model (LLM) to embed malicious script payloads (e.g., SVG-based XSS) into its chat responses. When a user interacts with such a malicious agent or accesses a direct link to a conversation containing an XSS payload, the script executes in the user's browser. Successful exploitation can lead to the theft of sensitive information, such as JWT session tokens, potentially resulting in account hijacking. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 15:15:00 GMT

read more

CVE-2025-51860 - TelegAI Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-51860 Published : July 22, 2025, 3:15 p.m. | 3 hours, 41 minutes ago Description : Stored Cross-Site Scripting (XSS) in TelegAI (telegai.com) 2025-05-26 in its chat component and character container component. An attacker can achieve arbitrary client-side script execution by crafting an AI Character with SVG XSS payloads in either description, greeting, example dialog, or system prompt(instructing the LLM to embed XSS payload in its chat response). When a user interacts with such a malicious AI Character or just browse its profile, the script executes in the user's browser. Successful exploitation can lead to the theft of sensitive information, such as session tokens, potentially resulting in account hijacking. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 15:15:00 GMT

read more

CVE-2025-51862 - TelegAI Chat IDOR and Stored XSS Vulnerability

CVE ID : CVE-2025-51862 Published : July 22, 2025, 3:15 p.m. | 3 hours, 41 minutes ago Description : Insecure Direct Object Reference (IDOR) vulnerability in TelegAI (telegai.com) thru 2025-05-26 in its chat component. An attacker can exploit this IDOR to tamper other users' conversation. Additionally, malicious contents and XSS payloads can be injected, leading to phishing attack, user spoofing and account hijacking via XSS. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 15:15:00 GMT

read more

CVE-2025-51863 - ChatGPTUnli Cross-Site Scripting (XSS)

CVE ID : CVE-2025-51863 Published : July 22, 2025, 3:15 p.m. | 3 hours, 41 minutes ago Description : Self Cross Site Scripting (XSS) vulnerability in ChatGPT Unli (ChatGPTUnli.com) thru 2025-05-26 allows attackers to execute arbitrary code via a crafted SVG file to the chat interface. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 15:15:00 GMT

read more

CVE-2025-51864 - AIBOX LLM Chat Reflected XSS

CVE ID : CVE-2025-51864 Published : July 22, 2025, 3:15 p.m. | 3 hours, 41 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability exists in AIBOX LLM chat (chat.aibox365.cn) through 2025-05-27, allowing attackers to hijack accounts through stolen JWT tokens. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 15:15:00 GMT

read more

CVE-2025-51865 - Allenai Ai2 Playground Web Service IDOR

CVE ID : CVE-2025-51865 Published : July 22, 2025, 3:15 p.m. | 3 hours, 41 minutes ago Description : Ai2 playground web service (playground.allenai.org) LLM chat through 2025-06-03 is vulnerable to Insecure Direct Object Reference (IDOR), allowing attackers to gain sensitvie information via enumerating thread keys in the URL. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 15:15:00 GMT

read more

CVE-2025-8015 - "WordPress Shortcodes Ultimate Stored Cross-Site Scripting"

CVE ID : CVE-2025-8015 Published : July 22, 2025, 3:15 p.m. | 3 hours, 41 minutes ago Description : The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an uploaded image's 'Title' and 'Slide link' fields in all versions up to, and including, 7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 15:15:00 GMT

read more

CVE-2025-8018 - Code-projects Food Ordering Review System SQL Injection Vulnerability

CVE ID : CVE-2025-8018 Published : July 22, 2025, 3:15 p.m. | 3 hours, 41 minutes ago Description : A vulnerability was found in code-projects Food Ordering Review System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /user/reservation_page.php. The manipulation of the argument reg_Id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 15:15:00 GMT

read more

CVE-2025-4878 - A vulnerability was found in libssh, where an unin

CVE ID : CVE-2025-4878 Published : July 22, 2025, 3:15 p.m. | 1 hour, 41 minutes ago Description : A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption. Severity: 3.6 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 15:15:00 GMT

read more

CVE-2025-51858 - Self Cross-Site Scripting (XSS) vulnerability in C

CVE ID : CVE-2025-51858 Published : July 22, 2025, 3:15 p.m. | 1 hour, 41 minutes ago Description : Self Cross-Site Scripting (XSS) vulnerability in ChatPlayground.ai through 2025-05-24, allows attackers to execute arbitrary code and gain sensitive information via a crafted SVG file contents sent through the chat component. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 15:15:00 GMT

read more

CVE-2015-10140 - The Ajax Load More plugin before 2.8.1.2 does not

CVE ID : CVE-2015-10140 Published : July 22, 2025, 2:15 p.m. | 2 hours, 41 minutes ago Description : The Ajax Load More plugin before 2.8.1.2 does not have authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber, to upload and delete arbitrary files. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 14:15:00 GMT

read more

CVE-2025-4294 - Improper Neutralization of Input During Web Page G

CVE ID : CVE-2025-4294 Published : July 22, 2025, 2:15 p.m. | 2 hours, 41 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HotelRunner B2B allows Cross-Site Scripting (XSS).This issue affects B2B: before 04.06.2025. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 14:15:00 GMT

read more

CVE-2025-4295 - Improper Validation of Certificate with Host Misma

CVE ID : CVE-2025-4295 Published : July 22, 2025, 2:15 p.m. | 2 hours, 41 minutes ago Description : Improper Validation of Certificate with Host Mismatch vulnerability in HotelRunner B2B allows HTTP Response Splitting.This issue affects B2B: before 04.06.2025. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 14:15:00 GMT

read more

CVE-2025-51867 - Insecure Direct Object Reference (IDOR) vulnerabil

CVE ID : CVE-2025-51867 Published : July 22, 2025, 2:15 p.m. | 2 hours, 41 minutes ago Description : Insecure Direct Object Reference (IDOR) vulnerability in Deepfiction AI (deepfiction.ai) thru June 3, 2025, allowing attackers to chat with the LLM using other users' credits via sensitive information gained by the /browse/stories endpoint. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 14:15:00 GMT

read more

CVE-2025-8017 - A vulnerability was found in Tenda AC7 15.03.06.44

CVE ID : CVE-2025-8017 Published : July 22, 2025, 2:15 p.m. | 2 hours, 41 minutes ago Description : A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected is the function formSetMacFilterCfg of the file /goform/setMacFilterCfg of the component httpd. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 14:15:00 GMT

read more

CVE-2025-34140 - An authorization bypass vulnerability exists in ET

CVE ID : CVE-2025-34140 Published : July 22, 2025, 1:15 p.m. | 2 hours, 52 minutes ago Description : An authorization bypass vulnerability exists in ETQ Reliance (legacy CG and NXG SaaS platforms). By appending a specific URI suffix to certain API endpoints, an unauthenticated attacker can bypass access control checks and retrieve limited sensitive resources. The root cause was a misconfiguration in API authorization logic, which has since been corrected in SE.2025.1 and 2025.1.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 13:15:00 GMT

read more

CVE-2025-34141 - A reflected cross-site scripting (XSS) vulnerabili

CVE ID : CVE-2025-34141 Published : July 22, 2025, 1:15 p.m. | 2 hours, 52 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the `SQLConverterServlet` component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the user's context. The affected servlet was unnecessarily exposed to authenticated users and has since been disabled in version SE.2025.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 13:15:00 GMT

read more

CVE-2025-34142 - An XML External Entity (XXE) injection vulnerabili

CVE ID : CVE-2025-34142 Published : July 22, 2025, 1:15 p.m. | 2 hours, 52 minutes ago Description : An XML External Entity (XXE) injection vulnerability exists in ETQ Reliance on the CG (legacy) platform within the `/resources/sessions/sso` endpoint. The SAML authentication handler processes XML input without disabling external entity resolution, allowing crafted SAML responses to invoke external entity references. This could enable attackers to retrieve sensitive files or perform server-side request forgery (SSRF). The issue was addressed by disabling external entity processing for the affected XML parser in versions SE.2025.1 and 2025.1.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 13:15:00 GMT

read more

CVE-2025-34143 - An authentication bypass vulnerability exists in E

CVE ID : CVE-2025-34143 Published : July 22, 2025, 1:15 p.m. | 2 hours, 52 minutes ago Description : An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform. The application allowed login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a password, enabling attackers with network access to the login page to obtain elevated access. Once authenticated, an attacker could achieve remote code execution by modifying Jython scripts within the application. This issue was resolved by introducing stricter validation logic to exclude internal accounts from public authentication workflows in version MP-4583. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 13:15:00 GMT

read more

CVE-2025-4284 - Improper Neutralization of Input During Web Page G

CVE ID : CVE-2025-4284 Published : July 22, 2025, 12:15 p.m. | 3 hours, 52 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rolantis Information Technologies Agentis allows Reflected XSS, DOM-Based XSS.This issue affects Agentis: before 4.32. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 12:15:00 GMT

read more

CVE-2025-4285 - Improper Neutralization of Special Elements used i

CVE ID : CVE-2025-4285 Published : July 22, 2025, 12:15 p.m. | 3 hours, 52 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolantis Information Technologies Agentis allows SQL Injection.This issue affects Agentis: before 4.32. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 12:15:00 GMT

read more

CVE-2025-7705 - : Active Debug Code vulnerability in ABB Switch Ac

CVE ID : CVE-2025-7705 Published : July 22, 2025, 12:15 p.m. | 3 hours, 52 minutes ago Description : : Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, ABB Switch actuator, door/light 4 DU -83330-500.This issue affects Switch Actuator 4 DU-83330: All Versions; Switch actuator, door/light 4 DU -83330-500: All Versions. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 12:15:00 GMT

read more

CVE-2025-7899 - The powermail extension for TYPO3 allows Insecure

CVE ID : CVE-2025-7899 Published : July 22, 2025, 11:15 a.m. | 4 hours, 52 minutes ago Description : The powermail extension for TYPO3 allows Insecure Direct Object Reference resulting in download of arbitrary files from the webserver. This issue affects powermail version 12.0.0 up to 12.5.2 and version 13.0.0 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 11:15:00 GMT

read more

CVE-2025-7900 - The femanager extension for TYPO3 allows Insecure

CVE ID : CVE-2025-7900 Published : July 22, 2025, 11:15 a.m. | 4 hours, 52 minutes ago Description : The femanager extension for TYPO3 allows Insecure Direct Object Reference resulting in unauthorized modification of userdata. This issue affects femanager version 6.4.1 and below, 7.0.0 to 7.5.2 and 8.0.0 to 8.3.0 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 11:15:00 GMT

read more

CVE-2025-46267 - Hidden functionality issue exists in WRC-BE36QS-B

CVE ID : CVE-2025-46267 Published : July 22, 2025, 10:15 a.m. | 5 hours, 52 minutes ago Description : Hidden functionality issue exists in WRC-BE36QS-B and WRC-W701-B. If exploited, the product's hidden debug function may be enabled by a remote attacker who can log in to WebGUI. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 10:15:00 GMT

read more

CVE-2025-53472 - WRC-BE36QS-B and WRC-W701-B contain an improper ne

CVE ID : CVE-2025-53472 Published : July 22, 2025, 10:15 a.m. | 5 hours, 52 minutes ago Description : WRC-BE36QS-B and WRC-W701-B contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in WebGUI. If exploited, an arbitrary OS command may be executed by a remote attacker who can log in to WebGUI. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 10:15:00 GMT

read more

CVE-2025-6082 - The Birth Chart Compatibility plugin for WordPress

CVE ID : CVE-2025-6082 Published : July 22, 2025, 10:15 a.m. | 5 hours, 52 minutes ago Description : The Birth Chart Compatibility plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0. This is due to insufficient protection against directly accessing the plugin's index.php file, which causes an error exposing the full path. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 10:15:00 GMT

read more

CVE-2025-6187 - The bSecure plugin for WordPress is vulnerable to

CVE ID : CVE-2025-6187 Published : July 22, 2025, 10:15 a.m. | 5 hours, 52 minutes ago Description : The bSecure plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization within its order_info REST endpoint in versions 1.3.7 through 1.7.9. The plugin registers the /webhook/v2/order_info/ route with a permission_callback that always returns true, effectively bypassing all authentication. This makes it possible for unauthenticated attackers who know any user’s email to obtain a valid login cookie and fully impersonate that account. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 10:15:00 GMT

read more

CVE-2025-6213 - The Nginx Cache Purge Preload plugin for WordPress

CVE ID : CVE-2025-6213 Published : July 22, 2025, 10:15 a.m. | 5 hours, 52 minutes ago Description : The Nginx Cache Purge Preload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.1 via the 'nppp_preload_cache_on_update' function. This is due to insufficient sanitization of the $_SERVER['HTTP_REFERERER'] parameter passed from the 'nppp_handle_fastcgi_cache_actions_admin_bar' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to execute code on the server. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 10:15:00 GMT

read more

CVE-2025-7427 - Uncontrolled Search Path Element in Arm Developmen

CVE ID : CVE-2025-7427 Published : July 22, 2025, 10:15 a.m. | 5 hours, 52 minutes ago Description : Uncontrolled Search Path Element in Arm Development Studio before 2025 may allow an attacker to perform a DLL hijacking attack. Successful exploitation could lead to local arbitrary code execution in the context of the user running Arm Development Studio. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 10:15:00 GMT

read more

CVE-2025-7685 - The Like Share My Site plugin for WordPress is v

CVE ID : CVE-2025-7685 Published : July 22, 2025, 10:15 a.m. | 5 hours, 52 minutes ago Description : The Like & Share My Site plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due to missing or incorrect nonce validation on the 'lsms_admin' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 10:15:00 GMT

read more

CVE-2025-7687 - The Latest Post Accordian Slider plugin for WordPr

CVE ID : CVE-2025-7687 Published : July 22, 2025, 10:15 a.m. | 5 hours, 52 minutes ago Description : The Latest Post Accordian Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3. This is due to missing or incorrect nonce validation on the 'lpaccordian' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 10:15:00 GMT

read more

CVE-2025-7692 - The Orion Login with SMS plugin for WordPress is v

CVE ID : CVE-2025-7692 Published : July 22, 2025, 10:15 a.m. | 5 hours, 52 minutes ago Description : The Orion Login with SMS plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.5. This is due to the olws_handle_verify_phone() function not utilizing a strong enough OTP value, exposing the hash needed to generate the OTP value, and no restrictions on the number of attempts to submit the code. This makes it possible for unauthenticated attackers to log in as other users, including administrators, if they have access to their phone number. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 10:15:00 GMT

read more

CVE-2025-38352 - Linux Kernel POSIX CPU Timers Race Condition Vulnerability

CVE ID : CVE-2025-38352 Published : July 22, 2025, 8:15 a.m. | 7 hours, 52 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has already passed exit_notify() and calls handle_posix_cpu_timers() from IRQ, it can be reaped by its parent or debugger right after unlock_task_sighand(). If a concurrent posix_cpu_timer_del() runs at that moment, it won't be able to detect timer->it.cpu.firing != 0: cpu_timer_task_rcu() and/or lock_task_sighand() will fail. Add the tsk->exit_state check into run_posix_cpu_timers() to fix this. This fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, because exit_task_work() is called before exit_notify(). But the check still makes sense, task_work_add(&tsk->posix_cputimers_work.work) will fail anyway in this case. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 08:15:00 GMT

read more

CVE-2025-7645 - WordPress Contact Form 7 Extensions File Deletion Vulnerability

CVE ID : CVE-2025-7645 Published : July 22, 2025, 7:15 a.m. | 8 hours, 52 minutes ago Description : The Extensions For CF7 (Contact form 7 Database, Conditional Fields and Redirection) plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete-file' field in all versions up to, and including, 3.2.8. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, when an administrator deletes the submission, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 07:15:00 GMT

read more

CVE-2025-52580 - Region PAY App for Android Information Exposure

CVE ID : CVE-2025-52580 Published : July 22, 2025, 5:15 a.m. | 9 hours, 35 minutes ago Description : Insertion of sensitive information into log file issue exists in "region PAY" App for Android prior to 1.5.28. If exploited, sensitive user information may be exposed to an attacker who has access to the application logs. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 05:15:00 GMT

read more

CVE-2025-6585 - WordPress JobHunt Insecure Direct Object Reference

CVE ID : CVE-2025-6585 Published : July 22, 2025, 5:15 a.m. | 9 hours, 35 minutes ago Description : The WP JobHunt plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.2 via the cs_remove_profile_callback() function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete accounts of other users including admins. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 05:15:00 GMT

read more

CVE-2025-7495 - WordPress WP-Members Membership Plugin Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7495 Published : July 22, 2025, 5:15 a.m. | 9 hours, 35 minutes ago Description : The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpmem_login_link' shortcode in all versions up to, and including, 3.5.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 05:15:00 GMT

read more

CVE-2025-7644 - Elementor Pixel Gallery Stored Cross-Site Scripting

CVE ID : CVE-2025-7644 Published : July 22, 2025, 5:15 a.m. | 9 hours, 35 minutes ago Description : The Pixel Gallery Addons for Elementor – Easy Grid, Creative Gallery, Drag and Drop Grid, Custom Grid Layout, Portfolio Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via URLs in all widgets in all versions up to, and including, 1.6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 05:15:00 GMT

read more

CVE-2025-7953 - Sanluan PublicCMS Open Redirect Vulnerability

CVE ID : CVE-2025-7953 Published : July 22, 2025, 4:15 a.m. | 10 hours, 35 minutes ago Description : A vulnerability, which was classified as problematic, has been found in Sanluan PublicCMS up to 5.202506.a. This issue affects some unknown processing of the file publiccms-parent/publiccms/src/main/webapp/resource/plugins/pdfjs/viewer.html. The manipulation of the argument File leads to open redirect. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is named f1af17af004ca9345c6fe4d5936d87d008d26e75. It is recommended to apply a patch to fix this issue. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 04:15:00 GMT

read more

CVE-2025-54362 - Apache HTTP Server Remote Code Execution

CVE ID : CVE-2025-54362 Published : July 22, 2025, 3:15 a.m. | 11 hours, 35 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 03:15:00 GMT

read more

CVE-2025-7950 - Code-projects Public Chat Room SQL Injection Vulnerability

CVE ID : CVE-2025-7950 Published : July 22, 2025, 3:15 a.m. | 11 hours, 35 minutes ago Description : A vulnerability was found in code-projects Public Chat Room 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 03:15:00 GMT

read more

CVE-2025-7951 - Code-projects Public Chat Room Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7951 Published : July 22, 2025, 3:15 a.m. | 11 hours, 35 minutes ago Description : A vulnerability classified as problematic has been found in code-projects Public Chat Room 1.0. This affects an unknown part of the file /send_message.php. The manipulation of the argument chat_msg/your_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 03:15:00 GMT

read more

CVE-2025-7952 - TOTOLINK T6 Command Injection Vulnerability

CVE ID : CVE-2025-7952 Published : July 22, 2025, 3:15 a.m. | 11 hours, 35 minutes ago Description : A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748. This vulnerability affects the function ckeckKeepAlive of the file wireless.so of the component MQTT Packet Handler. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 03:15:00 GMT

read more

CVE-2025-54357 - Rejected reason: Not used

CVE ID : CVE-2025-54357 Published : July 22, 2025, 3:15 a.m. | 7 hours, 35 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 03:15:00 GMT

read more

CVE-2025-54358 - Rejected reason: Not used

CVE ID : CVE-2025-54358 Published : July 22, 2025, 3:15 a.m. | 7 hours, 35 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 03:15:00 GMT

read more

CVE-2025-54359 - Rejected reason: Not used

CVE ID : CVE-2025-54359 Published : July 22, 2025, 3:15 a.m. | 7 hours, 35 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 03:15:00 GMT

read more

CVE-2025-54360 - Rejected reason: Not used

CVE ID : CVE-2025-54360 Published : July 22, 2025, 3:15 a.m. | 7 hours, 35 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 03:15:00 GMT

read more

CVE-2025-54361 - Rejected reason: Not used

CVE ID : CVE-2025-54361 Published : July 22, 2025, 3:15 a.m. | 7 hours, 35 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 03:15:00 GMT

read more

CVE-2025-7945 - A vulnerability was found in D-Link DIR-513 up to

CVE ID : CVE-2025-7945 Published : July 22, 2025, 12:15 a.m. | 8 hours, 41 minutes ago Description : A vulnerability was found in D-Link DIR-513 up to 20190831. It has been declared as critical. This vulnerability affects the function formSetWanDhcpplus of the file /goform/formSetWanDhcpplus. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 22 Jul 2025 00:15:00 GMT

read more

Fuite de données chez France Travail

]]>

Tue Jul 22 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2025-7486 - The Ebook Store plugin for WordPress is vulnerable

CVE ID : CVE-2025-7486 Published : July 21, 2025, 11:15 p.m. | 9 hours, 41 minutes ago Description : The Ebook Store plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Order Details in all versions up to, and including, 5.8012 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 23:15:00 GMT

read more

CVE-2025-7943 - A vulnerability was found in PHPGurukul Taxi Stand

CVE ID : CVE-2025-7943 Published : July 21, 2025, 11:15 p.m. | 9 hours, 41 minutes ago Description : A vulnerability was found in PHPGurukul Taxi Stand Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/search-autoortaxi.php. The manipulation of the argument searchdata leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 23:15:00 GMT

read more

CVE-2025-7944 - A vulnerability was found in PHPGurukul Taxi Stand

CVE ID : CVE-2025-7944 Published : July 21, 2025, 11:15 p.m. | 9 hours, 41 minutes ago Description : A vulnerability was found in PHPGurukul Taxi Stand Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /search.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 23:15:00 GMT

read more

CVE-2025-7941 - A vulnerability, which was classified as problemat

CVE ID : CVE-2025-7941 Published : July 21, 2025, 10:15 p.m. | 10 hours, 41 minutes ago Description : A vulnerability, which was classified as problematic, was found in PHPGurukul Time Table Generator System 1.0. Affected is an unknown function of the file /admin/profile.php. The manipulation of the argument adminname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 22:15:00 GMT

read more

CVE-2025-7942 - A vulnerability has been found in PHPGurukul Taxi

CVE ID : CVE-2025-7942 Published : July 21, 2025, 10:15 p.m. | 10 hours, 41 minutes ago Description : A vulnerability has been found in PHPGurukul Taxi Stand Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 22:15:00 GMT

read more

CVE-2025-53528 - Cadwyn creates production-ready community-driven m

CVE ID : CVE-2025-53528 Published : July 21, 2025, 9:15 p.m. | 11 hours, 41 minutes ago Description : Cadwyn creates production-ready community-driven modern Stripe-like API versioning in FastAPI. In versions 5.4.3 and below, the version parameter of the "/docs" endpoint is vulnerable to a Reflected XSS (Cross-Site Scripting) attack. This XSS would notably allow an attacker to execute JavaScript code on a user's session for any application based on Cadwyn via a one-click attack. The vulnerability has been fixed in version 5.4.4. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 21:15:00 GMT

read more

CVE-2025-53832 - Lara Translate MCP Server is a Model Context Proto

CVE ID : CVE-2025-53832 Published : July 21, 2025, 9:15 p.m. | 11 hours, 41 minutes ago Description : Lara Translate MCP Server is a Model Context Protocol (MCP) Server for Lara Translate API. Versions 0.0.11 and below contain a command injection vulnerability which exists in the @translated/lara-mcp MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (|, >, &&, etc.). This vulnerability is fixed in version 0.0.12. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 21:15:00 GMT

read more

CVE-2025-54122 - Manager-io/Manager is accounting software. A criti

CVE ID : CVE-2025-54122 Published : July 21, 2025, 9:15 p.m. | 11 hours, 41 minutes ago Description : Manager-io/Manager is accounting software. A critical unauthenticated full read Server-Side Request Forgery (SSRF) vulnerability has been identified in the proxy handler component of both manager Desktop and Server edition versions up to and including 25.7.18.2519. This vulnerability allows an unauthenticated attacker to bypass network isolation and access restrictions, potentially enabling access to internal services, cloud metadata endpoints, and exfiltration of sensitive data from isolated network segments. This vulnerability is fixed in version 25.7.21.2525. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 21:15:00 GMT

read more

CVE-2025-54127 - HAXcms with nodejs backend allows users to start t

CVE ID : CVE-2025-54127 Published : July 21, 2025, 9:15 p.m. | 11 hours, 41 minutes ago Description : HAXcms with nodejs backend allows users to start the server in any HAXsite or HAXcms instance. In versions 11.0.6 and below, the NodeJS version of HAXcms uses an insecure default configuration designed for local development. The default configuration does not perform authorization or authentication checks. If a user were to deploy haxcms-nodejs without modifying the default settings, ‘HAXCMS_DISABLE_JWT_CHECKS‘ would be set to ‘true‘ and their deployment would lack session authentication. This is fixed in version 11.0.7. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 21:15:00 GMT

read more

CVE-2025-54128 - HAX CMS NodeJs allows users to manage their micros

CVE ID : CVE-2025-54128 Published : July 21, 2025, 9:15 p.m. | 11 hours, 41 minutes ago Description : HAX CMS NodeJs allows users to manage their microsite universe with a NodeJs backend. In versions 11.0.7 and below, the NodeJS version of HAX CMS has a disabled Content Security Policy (CSP). This configuration is insecure for a production application because it does not protect against cross-site-scripting attacks. The contentSecurityPolicy value is explicitly disabled in the application's Helmet configuration in app.js. This is fixed in version 11.0.8. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 21:15:00 GMT

read more

CVE-2025-54129 - HAXiam is a packaging wrapper for HAXcms which all

CVE ID : CVE-2025-54129 Published : July 21, 2025, 9:15 p.m. | 11 hours, 41 minutes ago Description : HAXiam is a packaging wrapper for HAXcms which allows anyone to spawn their own microsite management platform. In versions 11.0.4 and below, the application returns a 200 response when requesting the data of a valid user and a 404 response when requesting the data of an invalid user. This can be used to infer the existence of valid user accounts. An authenticated attacker can use automated tooling to brute force potential usernames and use the application's response to identify valid accounts. This can be used in conjunction with other vulnerabilities, such as the lack of authorization checks, to enumerate and deface another user's sites. This is fixed in version 11.0.5. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 21:15:00 GMT

read more

CVE-2025-54134 - HAX CMS NodeJs allows users to manage their micros

CVE ID : CVE-2025-54134 Published : July 21, 2025, 9:15 p.m. | 11 hours, 41 minutes ago Description : HAX CMS NodeJs allows users to manage their microsite universe with a NodeJs backend. In versions 11.0.8 and below, the HAX CMS NodeJS application crashes when an authenticated attacker provides an API request lacking required URL parameters. This vulnerability affects the listFiles and saveFiles endpoints. This vulnerability exists because the application does not properly handle exceptions which occur as a result of changes to user-modifiable URL parameters. This is fixed in version 11.0.9. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 21:15:00 GMT

read more

CVE-2025-7939 - A vulnerability was found in jerryshensjf JPACooki

CVE ID : CVE-2025-7939 Published : July 21, 2025, 9:15 p.m. | 11 hours, 41 minutes ago Description : A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0. It has been classified as critical. Affected is the function addGoods of the file GoodsController.java. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 21:15:00 GMT

read more

CVE-2025-7940 - A vulnerability was found in Genshin Albedo Cat Ho

CVE ID : CVE-2025-7940 Published : July 21, 2025, 9:15 p.m. | 11 hours, 41 minutes ago Description : A vulnerability was found in Genshin Albedo Cat House App 1.0.2 on Android. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.house.auscat. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 21:15:00 GMT

read more

CVE-2025-7318 - IrfanView CADImage Plugin DWG File Parsing Memory

CVE ID : CVE-2025-7318 Published : July 21, 2025, 8:15 p.m. | 12 hours, 41 minutes ago Description : IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26412. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 20:15:00 GMT

read more

CVE-2025-7319 - IrfanView CADImage Plugin DWG File Parsing Out-Of-

CVE ID : CVE-2025-7319 Published : July 21, 2025, 8:15 p.m. | 12 hours, 41 minutes ago Description : IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26413. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 20:15:00 GMT

read more

CVE-2025-7320 - IrfanView CADImage Plugin DXF File Parsing Memory

CVE ID : CVE-2025-7320 Published : July 21, 2025, 8:15 p.m. | 12 hours, 41 minutes ago Description : IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26418. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 20:15:00 GMT

read more

CVE-2025-7321 - IrfanView CADImage Plugin DWG File Parsing Memory

CVE ID : CVE-2025-7321 Published : July 21, 2025, 8:15 p.m. | 12 hours, 41 minutes ago Description : IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26421. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 20:15:00 GMT

read more

CVE-2025-7322 - IrfanView CADImage Plugin DWG File Parsing Out-Of-

CVE ID : CVE-2025-7322 Published : July 21, 2025, 8:15 p.m. | 12 hours, 41 minutes ago Description : IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26423. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 20:15:00 GMT

read more

CVE-2025-7323 - IrfanView CADImage Plugin DWG File Parsing Memory

CVE ID : CVE-2025-7323 Published : July 21, 2025, 8:15 p.m. | 12 hours, 41 minutes ago Description : IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26428. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 20:15:00 GMT

read more

CVE-2025-7324 - IrfanView CADImage Plugin DXF File Parsing Out-Of-

CVE ID : CVE-2025-7324 Published : July 21, 2025, 8:15 p.m. | 12 hours, 41 minutes ago Description : IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26430. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 20:15:00 GMT

read more

CVE-2025-7325 - IrfanView CADImage Plugin DXF File Parsing Memory

CVE ID : CVE-2025-7325 Published : July 21, 2025, 8:15 p.m. | 12 hours, 41 minutes ago Description : IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26434. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 20:15:00 GMT

read more

CVE-2025-7936 - A vulnerability has been found in fuyang_lipengjun

CVE ID : CVE-2025-7936 Published : July 21, 2025, 8:15 p.m. | 12 hours, 41 minutes ago Description : A vulnerability has been found in fuyang_lipengjun platform up to ca9aceff6902feb7b0b6bf510842aea88430796a and classified as critical. Affected by this vulnerability is the function queryPage of the file com/platform/controller/ScheduleJobLogController.java. The manipulation of the argument beanName/methodName leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 20:15:00 GMT

read more

CVE-2025-7938 - A vulnerability was found in jerryshensjf JPACooki

CVE ID : CVE-2025-7938 Published : July 21, 2025, 8:15 p.m. | 12 hours, 41 minutes ago Description : A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 and classified as critical. This issue affects the function updateGoods of the file GoodsController.java. The manipulation leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 20:15:00 GMT

read more

CVE-2025-4049 - Signum-Net FARA SQLite Hard-Coded Credentials Vulnerability

CVE ID : CVE-2025-4049 Published : July 21, 2025, 8:15 a.m. | 14 hours, 41 minutes ago Description : Use of hard-coded, the same among all vulnerable installations SQLite credentials vulnerability in SIGNUM-NET FARA allows to read and manipulate local-stored database.This issue affects FARA: through 5.0.80.34. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 08:15:00 GMT

read more

CVE-2025-4569 - ASUS MyASUS Token Stealing Vulnerability

CVE ID : CVE-2025-4569 Published : July 21, 2025, 8:15 a.m. | 14 hours, 41 minutes ago Description : An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized actor to obtain a token that could be used to communicate with certain services. Refer to the 'Security Update for for MyASUS' section on the ASUS Security Advisory for more information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 08:15:00 GMT

read more

CVE-2025-4570 - MyASUS Token Stealing Vulnerability

CVE ID : CVE-2025-4570 Published : July 21, 2025, 8:15 a.m. | 14 hours, 41 minutes ago Description : An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized actor to obtain a token that could be used to communicate with certain services. Refer to the 'Security Update for for MyASUS' section on the ASUS Security Advisory for more information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 08:15:00 GMT

read more

CVE-2025-4685 - Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-4685 Published : July 21, 2025, 8:15 a.m. | 14 hours, 41 minutes ago Description : The Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML data attributes of multiple widgets, in all versions up to, and including, 3.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 08:15:00 GMT

read more

CVE-2025-7354 - WordPress Shortcodes Ultimate Stored Cross-Site Scripting

CVE ID : CVE-2025-7354 Published : July 21, 2025, 8:15 a.m. | 14 hours, 41 minutes ago Description : The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 7.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 08:15:00 GMT

read more

CVE-2025-7369 - "WordPress Shortcodes Ultimate CSRF and XSS"

CVE ID : CVE-2025-7369 Published : July 21, 2025, 8:15 a.m. | 14 hours, 41 minutes ago Description : The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.4.2. This is due to missing or incorrect nonce validation on the preview function. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link. In combination with CVE-2025-7354, it leads to Reflected Cross-Site Scripting. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 08:15:00 GMT

read more

CVE-2025-0664 - OpenSSL Privileged Library Loading Vulnerability

CVE ID : CVE-2025-0664 Published : July 21, 2025, 7:15 a.m. | 15 hours, 41 minutes ago Description : A locally authenticated, privileged user can craft a malicious OpenSSL configuration file, potentially leading the agent to load an arbitrary local library. This may impair endpoint defenses and allow the attacker to achieve code execution with SYSTEM-level privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 07:15:00 GMT

read more

CVE-2025-24936 - Apache Web Server Remote Command Execution Vulnerability

CVE ID : CVE-2025-24936 Published : July 21, 2025, 7:15 a.m. | 15 hours, 41 minutes ago Description : The web application allows user input to pass unfiltered to a command executed on the underlying operating system. The vulnerable component is bound to the network stack and the set of possible attackers extends up to and including the entire Internet. An attacker with low privileged access to the application has the potential to execute commands on the operating system under the context of the webserver. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 07:15:00 GMT

read more

CVE-2025-24937 - Apache Web Server Remote File Inclusion Vulnerability

CVE ID : CVE-2025-24937 Published : July 21, 2025, 7:15 a.m. | 15 hours, 41 minutes ago Description : File contents could be read from the local file system by an attacker. Additionally, malicious code could be inserted in the file, leading to a full compromise of the web application and the container it is running on. The vulnerable component is bound to the network stack and the set of possible attackers extends up to and including the entire Internet. The web application allows arbitrary files to be included in a file that was downloadable and executable by the web server. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 07:15:00 GMT

read more

CVE-2025-24938 - Apache Web Server Command Injection Vulnerability

CVE ID : CVE-2025-24938 Published : July 21, 2025, 7:15 a.m. | 15 hours, 41 minutes ago Description : The web application allows user input to pass unfiltered to a command executed on the underlying operating system. An attacker with high privileged access (administrator) to the application has the potential execute commands on the operating system under the context of the webserver. The vulnerable component is bound to the network stack and the set of possible attackers extends up to and including the entire Internet. Has the potential to inject command while creating a new User from User Management. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 07:15:00 GMT

read more

CVE-2025-7343 - Digiwin SFT SQL Injection

CVE ID : CVE-2025-7343 Published : July 21, 2025, 7:15 a.m. | 15 hours, 41 minutes ago Description : The SFT developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 07:15:00 GMT

read more

CVE-2025-7344 - Digiwin EAI Privilege Escalation Vulnerability

CVE ID : CVE-2025-7344 Published : July 21, 2025, 7:15 a.m. | 15 hours, 41 minutes ago Description : The EAI developed by Digiwin has a Privilege Escalation vulnerability, allowing remote attackers with regular privileges to elevate their privileges to administrator level via a specific API. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 07:15:00 GMT

read more

CVE-2025-7919 - Simopro Technology WinMatrix3 Web SQL Injection Vulnerability

CVE ID : CVE-2025-7919 Published : July 21, 2025, 7:15 a.m. | 15 hours, 41 minutes ago Description : WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 07:15:00 GMT

read more

CVE-2025-7920 - Simopro Technology WinMatrix3 Web Package Reflected Cross-site Scripting

CVE ID : CVE-2025-7920 Published : July 21, 2025, 7:15 a.m. | 15 hours, 41 minutes ago Description : WinMatrix3 Web package developed by Simopro Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 07:15:00 GMT

read more

CVE-2025-7921 - Askey Modem Stack-Based Buffer Overflow

CVE ID : CVE-2025-7921 Published : July 21, 2025, 7:15 a.m. | 15 hours, 41 minutes ago Description : Certain modem models developed by Askey has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and potentially execute arbitrary code. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 07:15:00 GMT

read more

CVE-2025-7916 - Simopro Technology WinMatrix3 Insecure Deserialization Vulnerability

CVE ID : CVE-2025-7916 Published : July 21, 2025, 6:15 a.m. | 16 hours, 41 minutes ago Description : WinMatrix3 developed by Simopro Technology has an Insecure Deserialization vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server by sending maliciously crafted serialized contents. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 06:15:00 GMT

read more

CVE-2025-7917 - Simopro Technology WinMatrix3 Arbitrary File Upload Vulnerability (Remote Code Execution)

CVE ID : CVE-2025-7917 Published : July 21, 2025, 6:15 a.m. | 16 hours, 41 minutes ago Description : WinMatrix3 Web package developed by Simopro Technology has an Arbitrary File Upload vulnerability, allowing remote attackers with administrator privileges to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 06:15:00 GMT

read more

CVE-2025-7918 - Simopro Technology WinMatrix3 Web SQL Injection Vulnerability

CVE ID : CVE-2025-7918 Published : July 21, 2025, 6:15 a.m. | 16 hours, 41 minutes ago Description : WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 06:15:00 GMT

read more

CVE-2025-54352 - WordPress Pingback Title Guessing Vulnerability

CVE ID : CVE-2025-54352 Published : July 21, 2025, 5:15 a.m. | 17 hours, 41 minutes ago Description : WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 05:15:00 GMT

read more

CVE-2025-7914 - Tenda AC6 HTTPd Buffer Overflow Vulnerability

CVE ID : CVE-2025-7914 Published : July 21, 2025, 1:15 a.m. | 21 hours, 41 minutes ago Description : A vulnerability has been found in Tenda AC6 15.03.06.50 and classified as critical. Affected by this vulnerability is the function setparentcontrolinfo of the component httpd. The manipulation leads to buffer overflow. The attack can be launched remotely. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 01:15:00 GMT

read more

CVE-2025-7915 - Chanjet CRM SQL Injection Vulnerability

CVE ID : CVE-2025-7915 Published : July 21, 2025, 1:15 a.m. | 21 hours, 41 minutes ago Description : A vulnerability was found in Chanjet CRM 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /mail/mailinactive.php of the component Login Page. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 01:15:00 GMT

read more

CVE-2025-7913 - TOTOLINK T6 MQTT Service Buffer Overflow Vulnerability

CVE ID : CVE-2025-7913 Published : July 21, 2025, 12:15 a.m. | 22 hours, 41 minutes ago Description : A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748_B20211015. Affected is the function updateWifiInfo of the component MQTT Service. The manipulation of the argument serverIp leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 21 Jul 2025 00:15:00 GMT

read more

CVE-2025-53771 - Microsoft Office SharePoint Path Traversal Spoofing

CVE ID : CVE-2025-53771 Published : July 20, 2025, 11:15 p.m. | 23 hours, 41 minutes ago Description : Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 23:15:00 GMT

read more

CVE-2025-7911 - D-Link DI-8100 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7911 Published : July 20, 2025, 11:15 p.m. | 23 hours, 41 minutes ago Description : A vulnerability classified as critical was found in D-Link DI-8100 1.0. This vulnerability affects the function sprintf of the file /upnp_ctrl.asp of the component jhttpd. The manipulation of the argument remove_ext_proto/remove_ext_port leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 23:15:00 GMT

read more

CVE-2025-7912 - TOTOLINK MQTT Service Buffer Overflow Vulnerability

CVE ID : CVE-2025-7912 Published : July 20, 2025, 11:15 p.m. | 23 hours, 41 minutes ago Description : A vulnerability, which was classified as critical, has been found in TOTOLINK T6 4.1.5cu.748_B20211015. This issue affects the function recvSlaveUpgstatus of the component MQTT Service. The manipulation of the argument s leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 23:15:00 GMT

read more

CVE-2025-7909 - D-Link DIR-513 Boa Webserver Stack-Based Buffer Overflow

CVE ID : CVE-2025-7909 Published : July 20, 2025, 10:15 p.m. | 8 hours, 41 minutes ago Description : A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. Affected by this issue is the function sprintf of the file /goform/formLanSetupRouterSettings of the component Boa Webserver. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 22:15:00 GMT

read more

CVE-2025-7910 - D-Link DIR-513 Boa Webserver Stack-Based Buffer Overflow

CVE ID : CVE-2025-7910 Published : July 20, 2025, 10:15 p.m. | 8 hours, 41 minutes ago Description : A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function sprintf of the file /goform/formSetWanNonLogin of the component Boa Webserver. The manipulation of the argument curTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 22:15:00 GMT

read more

CVE-2025-54319 - Westermo WeOS Information Disclosure

CVE ID : CVE-2025-54319 Published : July 20, 2025, 9:15 p.m. | 9 hours, 41 minutes ago Description : An issue was discovered in Westermo WeOS 5 (5.24 through 5.24.4). A threat actor potentially can gain unauthorized access to sensitive information via system logging information (syslog verbose logging that includes credentials). Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 21:15:00 GMT

read more

CVE-2025-7907 - Yangzongzhuan RuoYi Default Credential Vulnerability (Druid)

CVE ID : CVE-2025-7907 Published : July 20, 2025, 9:15 p.m. | 9 hours, 41 minutes ago Description : A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been classified as problematic. Affected is an unknown function of the file ruoyi-admin/src/main/resources/application-druid.yml of the component Druid. The manipulation leads to use of default credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 21:15:00 GMT

read more

CVE-2025-7908 - D-Link DI-8100 Jhttpd sprintf Stack-Based Buffer Overflow

CVE ID : CVE-2025-7908 Published : July 20, 2025, 9:15 p.m. | 9 hours, 41 minutes ago Description : A vulnerability was found in D-Link DI-8100 1.0. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file /ddns.asp?opt=add of the component jhttpd. The manipulation of the argument mx leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 21:15:00 GMT

read more

CVE-2025-7906 - "Yangzongzhuan RuoYi Unrestricted File Upload Vulnerability"

CVE ID : CVE-2025-7906 Published : July 20, 2025, 8:15 p.m. | 10 hours, 41 minutes ago Description : A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1 and classified as critical. This issue affects the function uploadFile of the file ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 20:15:00 GMT

read more

CVE-2025-47917 - Mbed TLS Use-After-Free Vulnerability

CVE ID : CVE-2025-47917 Published : July 20, 2025, 7:15 p.m. | 11 hours, 41 minutes ago Description : Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance with the documentation. The function mbedtls_x509_string_to_names() takes a head argument that is documented as an output argument. The documentation does not suggest that the function will free that pointer; however, the function does call mbedtls_asn1_free_named_data_list() on that argument, which performs a deep free(). As a result, application code that uses this function (relying only on documented behavior) is likely to still hold pointers to the memory blocks that were freed, resulting in a high risk of use-after-free or double-free. In particular, the two sample programs x509/cert_write and x509/cert_req are affected (use-after-free if the san string contains more than one DN). Severity: 8.9 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 19:15:00 GMT

read more

CVE-2025-49087 - Mbed TLS Block Cipher Padding Timing Attack

CVE ID : CVE-2025-49087 Published : July 20, 2025, 7:15 p.m. | 11 hours, 41 minutes ago Description : In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS#7 padding mode is used. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 19:15:00 GMT

read more

CVE-2025-54316 - Logpoint Jinja Template XSS Vulnerability

CVE ID : CVE-2025-54316 Published : July 20, 2025, 7:15 p.m. | 11 hours, 41 minutes ago Description : An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting (XSS) attacks. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 19:15:00 GMT

read more

CVE-2025-54317 - Logpoint Path Traversal Remote Code Execution Vulnerability

CVE ID : CVE-2025-54317 Published : July 20, 2025, 7:15 p.m. | 11 hours, 41 minutes ago Description : An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can exploit a path traversal vulnerability when creating a Layout Template, which can lead to remote code execution (RCE). Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 19:15:00 GMT

read more

CVE-2025-7905 - Itsoucecode Insurance Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7905 Published : July 20, 2025, 7:15 p.m. | 11 hours, 41 minutes ago Description : A vulnerability has been found in itsourcecode Insurance Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /insertPayment.php. The manipulation of the argument recipt_no leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 19:15:00 GMT

read more

CVE-2025-48965 - Mbed TLS NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-48965 Published : July 20, 2025, 6:15 p.m. | 12 hours, 41 minutes ago Description : Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtls_asn1_store_named_data can trigger conflicting data with val.p of NULL but val.len greater than zero. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 18:15:00 GMT

read more

CVE-2025-7903 - Yangzongzhuan RuoYi Image Source Handler UI Layer Restriction Vulnerability

CVE ID : CVE-2025-7903 Published : July 20, 2025, 5:15 p.m. | 13 hours, 41 minutes ago Description : A vulnerability classified as problematic was found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is an unknown functionality of the component Image Source Handler. The manipulation leads to improper restriction of rendered ui layers. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 17:15:00 GMT

read more

CVE-2025-7904 - iSourcecode Insurance Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7904 Published : July 20, 2025, 5:15 p.m. | 13 hours, 41 minutes ago Description : A vulnerability, which was classified as critical, was found in itsourcecode Insurance Management System 1.0. This affects an unknown part of the file /insertNominee.php. The manipulation of the argument nominee_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 17:15:00 GMT

read more

CVE-2025-7902 - Yangzongzhuan RuoYi Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7902 Published : July 20, 2025, 4:15 p.m. | 14 hours, 41 minutes ago Description : A vulnerability classified as problematic has been found in yangzongzhuan RuoYi up to 4.8.1. Affected is the function addSave of the file com/ruoyi/web/controller/system/SysNoticeController.java. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 16:15:00 GMT

read more

CVE-2025-7898 - "Codcanyon iDentSoft File Upload Vulnerability"

CVE ID : CVE-2025-7898 Published : July 20, 2025, 4:15 p.m. | 12 hours, 41 minutes ago Description : A vulnerability was found in Codecanyon iDentSoft 2.0. It has been classified as critical. This affects an unknown part of the file /clinica/profile/updateSetting of the component Account Setting Page. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 16:15:00 GMT

read more

CVE-2025-7901 - RuoYi Swagger UI Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7901 Published : July 20, 2025, 4:15 p.m. | 12 hours, 41 minutes ago Description : A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been rated as problematic. This issue affects some unknown processing of the file /swagger-ui/index.html of the component Swagger UI. The manipulation of the argument configUrl leads to cross site scripting. The attack may be initiated remotely. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 16:15:00 GMT

read more

CVE-2025-7896 - "Harry0703 MoneyPrinterTurbo Remote Path Traversal Vulnerability"

CVE ID : CVE-2025-7896 Published : July 20, 2025, 3:15 p.m. | 13 hours, 41 minutes ago Description : A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical. Affected by this vulnerability is the function download_video/delete_video of the file app/controllers/v1/video.py. The manipulation leads to path traversal. The attack can be launched remotely. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 15:15:00 GMT

read more

CVE-2025-7897 - Harry0703 MoneyPrinterTurbo API Endpoint Missing Authentication Vulnerability

CVE ID : CVE-2025-7897 Published : July 20, 2025, 3:15 p.m. | 13 hours, 41 minutes ago Description : A vulnerability was found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical. Affected by this issue is the function verify_token of the file app/controllers/base.py of the component API Endpoint. The manipulation leads to missing authentication. The attack may be launched remotely. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 15:15:00 GMT

read more

CVE-2025-46385 - Apache HTTP Server SSRF

CVE ID : CVE-2025-46385 Published : July 20, 2025, 3:15 p.m. | 9 hours, 40 minutes ago Description : CWE-918 Server-Side Request Forgery (SSRF) Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 15:15:00 GMT

read more

CVE-2025-7895 - Harry0703 MoneyPrinterTurbo Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7895 Published : July 20, 2025, 3:15 p.m. | 9 hours, 40 minutes ago Description : A vulnerability, which was classified as critical, was found in harry0703 MoneyPrinterTurbo up to 1.2.6. Affected is the function upload_bgm_file of the file app/controllers/v1/video.py of the component File Extension Handler. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 15:15:00 GMT

read more

CVE-2025-46382 - Apache HTTP Server Information Disclosure

CVE ID : CVE-2025-46382 Published : July 20, 2025, 3:15 p.m. | 7 hours, 39 minutes ago Description : CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 15:15:00 GMT

read more

CVE-2025-46383 - Apache Web Server Cross-Site Scripting

CVE ID : CVE-2025-46383 Published : July 20, 2025, 3:15 p.m. | 7 hours, 39 minutes ago Description : CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 15:15:00 GMT

read more

CVE-2025-46384 - Apache Struts File Upload Vulnerability

CVE ID : CVE-2025-46384 Published : July 20, 2025, 3:15 p.m. | 7 hours, 39 minutes ago Description : CWE-434 Unrestricted Upload of File with Dangerous Type Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 15:15:00 GMT

read more

CVE-2025-7894 - Onyx Chat Interface SQL Injection Vulnerability

CVE ID : CVE-2025-7894 Published : July 20, 2025, 2:15 p.m. | 8 hours, 39 minutes ago Description : A vulnerability, which was classified as critical, has been found in Onyx up to 0.29.1. This issue affects the function generate_simple_sql of the file backend/onyx/agents/agent_search/kb_search/nodes/a3_generate_simple_sql.py of the component Chat Interface. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 14:15:00 GMT

read more

CVE-2025-7892 - IDnow App AndroidManifest.xml Improper Export of Android Application Components Vulnerability

CVE ID : CVE-2025-7892 Published : July 20, 2025, 2:15 p.m. | 6 hours, 51 minutes ago Description : A vulnerability classified as problematic has been found in IDnow App up to 9.6.0 on Android. This affects an unknown part of the file AndroidManifest.xml of the component de.idnow. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 14:15:00 GMT

read more

CVE-2025-7893 - Foresight News App Android Improper Android Application Component Export

CVE ID : CVE-2025-7893 Published : July 20, 2025, 2:15 p.m. | 6 hours, 51 minutes ago Description : A vulnerability classified as problematic was found in Foresight News App up to 2.6.4 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml of the component pro.foresightnews.appa. The manipulation leads to improper export of android application components. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 14:15:00 GMT

read more

CVE-2025-7889 - CallApp Caller ID App Android Component Export Vulnerability

CVE ID : CVE-2025-7889 Published : July 20, 2025, 1:15 p.m. | 7 hours, 51 minutes ago Description : A vulnerability was found in CallApp Caller ID App up to 2.0.4 on Android. It has been classified as problematic. Affected is an unknown function of the file AndroidManifest.xml of the component caller.id.phone.number.block. The manipulation leads to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 13:15:00 GMT

read more

CVE-2025-7890 - Dunamu StockPlus App Android AndroidManifest.xml Component Export Weakness

CVE ID : CVE-2025-7890 Published : July 20, 2025, 1:15 p.m. | 7 hours, 51 minutes ago Description : A vulnerability was found in Dunamu StockPlus App up to 7.62.10 on Android. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.dunamu.stockplus. The manipulation leads to improper export of android application components. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 13:15:00 GMT

read more

CVE-2025-7891 - InstantBits Web Video Cast App Android Android Application Component Export Vulnerability

CVE ID : CVE-2025-7891 Published : July 20, 2025, 1:15 p.m. | 7 hours, 51 minutes ago Description : A vulnerability was found in InstantBits Web Video Cast App up to 5.12.4 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.instantbits.cast.webvideo. The manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 13:15:00 GMT

read more

CVE-2025-7885 - Huashengdun WebSSH Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7885 Published : July 20, 2025, 12:15 p.m. | 6 hours, 40 minutes ago Description : A vulnerability, which was classified as problematic, has been found in Huashengdun WebSSH up to 1.6.2. Affected by this issue is some unknown functionality of the component Login Page. The manipulation of the argument hostname/port leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 12:15:00 GMT

read more

CVE-2025-7886 - pmTicket Project-Management-Software SQL Injection Vulnerability

CVE ID : CVE-2025-7886 Published : July 20, 2025, 12:15 p.m. | 6 hours, 40 minutes ago Description : A vulnerability, which was classified as critical, was found in pmTicket Project-Management-Software up to 2ef379da2075f4761a2c9029cf91d073474e7486. This affects the function getUserLanguage of the file classes/class.database.php. The manipulation of the argument user_id leads to sql injection. It is possible to initiate the attack remotely. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 12:15:00 GMT

read more

CVE-2025-7887 - Zavy86 WikiDocs Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7887 Published : July 20, 2025, 12:15 p.m. | 6 hours, 40 minutes ago Description : A vulnerability has been found in Zavy86 WikiDocs up to 1.0.78 and classified as problematic. This vulnerability affects unknown code of the file template.inc.php. The manipulation of the argument path leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 12:15:00 GMT

read more

CVE-2025-7888 - TDuckCloud tduck-platform SQL Injection Vulnerability

CVE ID : CVE-2025-7888 Published : July 20, 2025, 12:15 p.m. | 6 hours, 40 minutes ago Description : A vulnerability was found in TDuckCloud tduck-platform 5.1 and classified as critical. This issue affects the function UserFormDataMapper of the file src/main/java/com/tduck/cloud/form/mapper/UserFormDataMapper.java. The manipulation of the argument formKey leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 12:15:00 GMT

read more

CVE-2025-7883 - Eluktronics Control Center PowerShell Script Handler Command Injection Vulnerability

CVE ID : CVE-2025-7883 Published : July 20, 2025, 11:15 a.m. | 7 hours, 40 minutes ago Description : A vulnerability classified as critical has been found in Eluktronics Control Center 5.23.51.41. Affected is an unknown function of the file \AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to command injection. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 11:15:00 GMT

read more

CVE-2025-7884 - "Eluktronics Control Center REG File Handler Authentication Bypass"

CVE ID : CVE-2025-7884 Published : July 20, 2025, 11:15 a.m. | 7 hours, 40 minutes ago Description : A vulnerability classified as problematic was found in Eluktronics Control Center 5.23.51.41. Affected by this vulnerability is an unknown functionality of the component REG File Handler. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 11:15:00 GMT

read more

CVE-2025-7882 - Mercusys MW301R Authentication Bypass Vulnerability

CVE ID : CVE-2025-7882 Published : July 20, 2025, 11:15 a.m. | 5 hours, 51 minutes ago Description : A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been rated as problematic. This issue affects some unknown processing of the component Login. The manipulation leads to improper restriction of excessive authentication attempts. The attack can only be initiated within the local network. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 11:15:00 GMT

read more

CVE-2025-7880 - Metasoft MetaCRM Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7880 Published : July 20, 2025, 10:15 a.m. | 6 hours, 51 minutes ago Description : A vulnerability was found in Metasoft 美特软件 MetaCRM up to 6.4.2 and classified as critical. Affected by this issue is some unknown functionality of the file /business/common/sms/sendsms.jsp. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 10:15:00 GMT

read more

CVE-2025-7881 - Mercusys MW301R Remote Weak Password Recovery Vulnerability

CVE ID : CVE-2025-7881 Published : July 20, 2025, 10:15 a.m. | 6 hours, 51 minutes ago Description : A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the argument code leads to weak password recovery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 10:15:00 GMT

read more

CVE-2025-7878 - Metasoft MetaCRM Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7878 Published : July 20, 2025, 9:15 a.m. | 5 hours, 40 minutes ago Description : A vulnerability, which was classified as critical, was found in Metasoft 美特软件 MetaCRM up to 6.4.2. Affected is an unknown function of the file /common/jsp/upload2.jsp. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 09:15:00 GMT

read more

CVE-2025-7879 - Metasoft MetaCRM Remote File Upload Vulnerability

CVE ID : CVE-2025-7879 Published : July 20, 2025, 9:15 a.m. | 5 hours, 40 minutes ago Description : A vulnerability has been found in Metasoft 美特软件 MetaCRM up to 6.4.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the file mobileupload.jsp. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 09:15:00 GMT

read more

CVE-2025-7875 - Metasoft MetaCRM Remote Authentication Bypass Vulnerability

CVE ID : CVE-2025-7875 Published : July 20, 2025, 8:15 a.m. | 6 hours, 40 minutes ago Description : A vulnerability classified as critical has been found in Metasoft 美特软件 MetaCRM up to 6.4.2. This affects an unknown part of the file /debug.jsp. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 08:15:00 GMT

read more

CVE-2025-7876 - Metasoft MetaCRM Remote Deserialization Vulnerability

CVE ID : CVE-2025-7876 Published : July 20, 2025, 8:15 a.m. | 6 hours, 40 minutes ago Description : A vulnerability classified as critical was found in Metasoft 美特软件 MetaCRM up to 6.4.2. This vulnerability affects the function AnalyzeParam of the file download.jsp. The manipulation of the argument p leads to deserialization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 08:15:00 GMT

read more

CVE-2025-7877 - Metasoft MetaCRM Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7877 Published : July 20, 2025, 8:15 a.m. | 6 hours, 40 minutes ago Description : A vulnerability, which was classified as critical, has been found in Metasoft 美特软件 MetaCRM up to 6.4.2. This issue affects some unknown processing of the file sendfile.jsp. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 08:15:00 GMT

read more

CVE-2025-7872 - Portabilis i-Diario Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7872 Published : July 20, 2025, 7:15 a.m. | 7 hours, 40 minutes ago Description : A vulnerability was found in Portabilis i-Diario 1.5.0 and classified as problematic. This issue affects some unknown processing of the file /justificativas-de-falta. The manipulation of the argument Justificativa leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 07:15:00 GMT

read more

CVE-2025-7873 - Metasoft MetaCRM Critical SQL Injection in mcc_login.jsp

CVE ID : CVE-2025-7873 Published : July 20, 2025, 7:15 a.m. | 7 hours, 40 minutes ago Description : A vulnerability was found in Metasoft 美特软件 MetaCRM up to 6.4.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file mcc_login.jsp. The manipulation of the argument workerid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 07:15:00 GMT

read more

CVE-2025-7874 - Metasoft MetaCRM Remote Information Disclosure in /env.jsp

CVE ID : CVE-2025-7874 Published : July 20, 2025, 7:15 a.m. | 7 hours, 40 minutes ago Description : A vulnerability was found in Metasoft 美特软件 MetaCRM up to 6.4.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /env.jsp. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 07:15:00 GMT

read more

CVE-2025-7870 - Portabilis i-Diario Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7870 Published : July 20, 2025, 6:15 a.m. | 8 hours, 40 minutes ago Description : A vulnerability, which was classified as problematic, was found in Portabilis i-Diario 1.5.0. This affects an unknown part of the component justificativas-de-falta Endpoint. The manipulation of the argument Anexo leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 06:15:00 GMT

read more

CVE-2025-7871 - Portabilis i-Diario Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7871 Published : July 20, 2025, 6:15 a.m. | 8 hours, 40 minutes ago Description : A vulnerability has been found in Portabilis i-Diario 1.5.0 and classified as problematic. This vulnerability affects unknown code of the file /conteudos. The manipulation of the argument filter[by_description] leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 06:15:00 GMT

read more

CVE-2025-7867 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7867 Published : July 20, 2025, 5:15 a.m. | 7 hours, 40 minutes ago Description : A vulnerability classified as problematic has been found in Portabilis i-Educar 2.9.0. Affected is an unknown function of the file /intranet/agenda.php of the component Agenda Module. The manipulation of the argument novo_titulo leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 05:15:00 GMT

read more

CVE-2025-7868 - Portabilis i-Educar Cross-Site Scripting Vulnerability in Calendar Module

CVE ID : CVE-2025-7868 Published : July 20, 2025, 5:15 a.m. | 7 hours, 40 minutes ago Description : A vulnerability classified as problematic was found in Portabilis i-Educar 2.9.0. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_calendario_dia_motivo_cad.php of the component Calendar Module. The manipulation of the argument Motivo leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 05:15:00 GMT

read more

CVE-2025-7869 - Portabilis i-Educar Turma Module Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7869 Published : July 20, 2025, 5:15 a.m. | 7 hours, 40 minutes ago Description : A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file intranet/educar_turma_tipo_det.php?cod_turma_tipo=ID of the component Turma Module. The manipulation of the argument nm_tipo leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 05:15:00 GMT

read more

CVE-2025-7865 - JeeSite XSS Filter Remote Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7865 Published : July 20, 2025, 4:15 a.m. | 8 hours, 40 minutes ago Description : A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been declared as problematic. This vulnerability affects the function xssFilter of the file src/main/java/com/jeesite/common/codec/EncodeUtils.java of the component XSS Filter. The manipulation of the argument text leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 3585737d21fe490ff6948d913fcbd8d99c41fc08. It is recommended to apply a patch to fix this issue. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 04:15:00 GMT

read more

CVE-2025-7866 - Portabilis i-Educar Cross-Site Scripting in Disabilities Module

CVE ID : CVE-2025-7866 Published : July 20, 2025, 4:15 a.m. | 8 hours, 40 minutes ago Description : A vulnerability was found in Portabilis i-Educar 2.9.0. It has been rated as problematic. This issue affects some unknown processing of the file /intranet/educar_deficiencia_lst.php of the component Disabilities Module. The manipulation of the argument Deficiência ou Transtorno leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 04:15:00 GMT

read more

CVE-2025-7864 - "Thinkgem JeeSite Unrestricted File Upload Vulnerability"

CVE ID : CVE-2025-7864 Published : July 20, 2025, 3:15 a.m. | 9 hours, 40 minutes ago Description : A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been classified as critical. This affects the function Upload of the file src/main/java/com/jeesite/modules/file/web/FileUploadController.java. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 3585737d21fe490ff6948d913fcbd8d99c41fc08. It is recommended to apply a patch to fix this issue. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 03:15:00 GMT

read more

CVE-2025-54314 - "Thor Shell Command Injection"

CVE ID : CVE-2025-54314 Published : July 20, 2025, 3:15 a.m. | 7 hours, 34 minutes ago Description : Thor before 1.4.0 can construct an unsafe shell command from library input. Severity: 2.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 03:15:00 GMT

read more

CVE-2025-7862 - "TOTOLINK Telnet Service Remote Authentication Bypass"

CVE ID : CVE-2025-7862 Published : July 20, 2025, 3:15 a.m. | 7 hours, 34 minutes ago Description : A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument telnet_enabled with the input 1 leads to missing authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 03:15:00 GMT

read more

CVE-2025-7863 - Thinkgem JeeSite Open Redirect Vulnerability

CVE ID : CVE-2025-7863 Published : July 20, 2025, 3:15 a.m. | 7 hours, 34 minutes ago Description : A vulnerability was found in thinkgem JeeSite up to 5.12.0 and classified as problematic. Affected by this issue is the function redirectUrl of the file src/main/java/com/jeesite/common/web/http/ServletUtils.java. The manipulation of the argument url leads to open redirect. The attack may be launched remotely. The name of the patch is 3d06b8d009d0267f0255acc87ea19d29d07cedc3. It is recommended to apply a patch to fix this issue. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 03:15:00 GMT

read more

CVE-2025-53770 - Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE ID : CVE-2025-53770 Published : July 20, 2025, 1:15 a.m. | 9 hours, 34 minutes ago Description : Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation is in place so that you are protected from exploitation. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 01:15:00 GMT

read more

CVE-2025-7859 - Code-projects Church Donation System SQL Injection Vulnerability

CVE ID : CVE-2025-7859 Published : July 20, 2025, 1:15 a.m. | 9 hours, 34 minutes ago Description : A vulnerability classified as critical was found in code-projects Church Donation System 1.0. This vulnerability affects unknown code of the file /members/update_password_admin.php. The manipulation of the argument new_password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 01:15:00 GMT

read more

CVE-2025-7860 - "Church Donation System SQL Injection Vulnerability"

CVE ID : CVE-2025-7860 Published : July 20, 2025, 1:15 a.m. | 9 hours, 34 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Church Donation System 1.0. This issue affects some unknown processing of the file /members/login_admin.php. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 01:15:00 GMT

read more

CVE-2025-7861 - "Church Donation System SQL Injection Vulnerability"

CVE ID : CVE-2025-7861 Published : July 20, 2025, 1:15 a.m. | 9 hours, 34 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Church Donation System 1.0. Affected is an unknown function of the file /members/search.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 01:15:00 GMT

read more

CVE-2025-7858 - PHPGurukul Apartment Visitors Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7858 Published : July 20, 2025, 12:15 a.m. | 8 hours, 40 minutes ago Description : A vulnerability classified as problematic has been found in PHPGurukul Apartment Visitors Management System 1.0. This affects an unknown part of the file /admin-profile.php of the component HTTP POST Request Handler. The manipulation of the argument adminname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 20 Jul 2025 00:15:00 GMT

read more

CVE-2025-7857 - "PHPGurukul Apartment Visitors Management System Cross Site Scripting Vulnerability"

CVE ID : CVE-2025-7857 Published : July 19, 2025, 11:15 p.m. | 9 hours, 40 minutes ago Description : A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file bwdates-passreports-details.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 23:15:00 GMT

read more

CVE-2025-7856 - PHPGurukul Apartment Visitors Management System Cross Site Scripting

CVE ID : CVE-2025-7856 Published : July 19, 2025, 10:15 p.m. | 10 hours, 40 minutes ago Description : A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file pass-details.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 22:15:00 GMT

read more

CVE-2025-7855 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7855 Published : July 19, 2025, 9:15 p.m. | 11 hours, 40 minutes ago Description : A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 21:15:00 GMT

read more

CVE-2025-7854 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7854 Published : July 19, 2025, 9:15 p.m. | 9 hours, 34 minutes ago Description : A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 21:15:00 GMT

read more

CVE-2025-7853 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7853 Published : July 19, 2025, 8:15 p.m. | 10 hours, 34 minutes ago Description : A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 20:15:00 GMT

read more

CVE-2025-7838 - Campcodes Online Movie Theater Seat Reservation System SQL Injection Vulnerability

CVE ID : CVE-2025-7838 Published : July 19, 2025, 6:15 p.m. | 12 hours, 34 minutes ago Description : A vulnerability has been found in Campcodes Online Movie Theater Seat Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/manage_seat.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 18:15:00 GMT

read more

CVE-2025-7840 - Campcodes Online Movie Theater Seat Reservation System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7840 Published : July 19, 2025, 6:15 p.m. | 12 hours, 34 minutes ago Description : A vulnerability was found in Campcodes Online Movie Theater Seat Reservation System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?page=reserve of the component Reserve Your Seat Page. The manipulation of the argument Firstname/Lastname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 18:15:00 GMT

read more

CVE-2025-7836 - D-Link DIR-816L Environment Variable Handler Command Injection

CVE ID : CVE-2025-7836 Published : July 19, 2025, 5:15 p.m. | 13 hours, 34 minutes ago Description : A vulnerability has been found in D-Link DIR-816L up to 2.06B01 and classified as critical. Affected by this vulnerability is the function lxmldbc_system of the file /htdocs/cgibin of the component Environment Variable Handler. The manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 17:15:00 GMT

read more

CVE-2025-7837 - TOTOLINK T6 MQTT Service Buffer Overflow Vulnerability

CVE ID : CVE-2025-7837 Published : July 19, 2025, 5:15 p.m. | 13 hours, 34 minutes ago Description : A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this issue is the function recvSlaveStaInfo of the component MQTT Service. The manipulation of the argument dest leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 17:15:00 GMT

read more

CVE-2025-54313 - EsLint-Config-Prettier Malicious Code Injection

CVE ID : CVE-2025-54313 Published : July 19, 2025, 5:15 p.m. | 11 hours, 19 minutes ago Description : eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 17:15:00 GMT

read more

CVE-2025-7832 - Church Donation System SQL Injection Vulnerability

CVE ID : CVE-2025-7832 Published : July 19, 2025, 4:15 p.m. | 12 hours, 19 minutes ago Description : A vulnerability classified as critical was found in code-projects Church Donation System 1.0. This vulnerability affects unknown code of the file /members/offering.php. The manipulation of the argument trcode leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 16:15:00 GMT

read more

CVE-2025-7833 - Church Donation System SQL Injection Vulnerability

CVE ID : CVE-2025-7833 Published : July 19, 2025, 4:15 p.m. | 12 hours, 19 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Church Donation System 1.0. This issue affects some unknown processing of the file /members/giving.php. The manipulation of the argument Amount leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 16:15:00 GMT

read more

CVE-2025-7834 - PHPGurukul Complaint Management System CSRF Vulnerability

CVE ID : CVE-2025-7834 Published : July 19, 2025, 4:15 p.m. | 12 hours, 19 minutes ago Description : A vulnerability, which was classified as problematic, was found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 16:15:00 GMT

read more

CVE-2025-7831 - "Church Donation System SQL Injection Vulnerability"

CVE ID : CVE-2025-7831 Published : July 19, 2025, 3:15 p.m. | 13 hours, 19 minutes ago Description : A vulnerability classified as critical has been found in code-projects Church Donation System 1.0. This affects an unknown part of the file /members/Tithes.php. The manipulation of the argument trcode leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 15:15:00 GMT

read more

CVE-2025-7830 - "Church Donation System SQL Injection Vulnerability"

CVE ID : CVE-2025-7830 Published : July 19, 2025, 3:15 p.m. | 11 hours, 40 minutes ago Description : A vulnerability was found in code-projects Church Donation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /reg.php. The manipulation of the argument mobile leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 15:15:00 GMT

read more

CVE-2025-7829 - Church Donation System SQL Injection Vulnerability

CVE ID : CVE-2025-7829 Published : July 19, 2025, 2:15 p.m. | 12 hours, 40 minutes ago Description : A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 14:15:00 GMT

read more

CVE-2025-7819 - PHPGurukul Apartment Visitors Management System Cross-Site Scripting

CVE ID : CVE-2025-7819 Published : July 19, 2025, 1:15 p.m. | 13 hours, 40 minutes ago Description : A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /create-pass.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to cross site scripting. It is possible to initiate the attack remotely. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 13:15:00 GMT

read more

CVE-2025-7823 - Jinher OA XML External Entity Reference Vulnerability

CVE ID : CVE-2025-7823 Published : July 19, 2025, 1:15 p.m. | 13 hours, 40 minutes ago Description : A vulnerability was found in Jinher OA 1.2. It has been declared as problematic. This vulnerability affects unknown code of the file ProjectScheduleDelete.aspx. The manipulation leads to xml external entity reference. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 13:15:00 GMT

read more

CVE-2025-7824 - Jinher OA XML External Entity Reference (XXE) Vulnerability

CVE ID : CVE-2025-7824 Published : July 19, 2025, 1:15 p.m. | 13 hours, 40 minutes ago Description : A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects some unknown processing of the file XmlHttp.aspx. The manipulation leads to xml external entity reference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 13:15:00 GMT

read more

CVE-2025-7818 - PHPGurukul Apartment Visitors Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7818 Published : July 19, 2025, 12:15 p.m. | 14 hours, 40 minutes ago Description : A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /category.php of the component HTTP POST Request Handler. The manipulation of the argument categoryname leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 12:15:00 GMT

read more

CVE-2015-10138 - "Work The Flow File Upload Plugin for WordPress Arbitrary File Upload Vulnerability"

CVE ID : CVE-2015-10138 Published : July 19, 2025, 12:15 p.m. | 12 hours, 40 minutes ago Description : The Work The Flow File Upload plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jQuery-File-Upload-9.5.0 server and test files in versions up to, and including, 2.5.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 12:15:00 GMT

read more

CVE-2015-10139 - WPLMS WordPress Privilege Escalation

CVE ID : CVE-2015-10139 Published : July 19, 2025, 12:15 p.m. | 12 hours, 40 minutes ago Description : The WPLMS theme for WordPress is vulnerable to Privilege Escalation in versions 1.5.2 to 1.8.4.1 via the 'wp_ajax_import_data' AJAX action. This makes it possible for authenticated attackers to change otherwise restricted settings and potentially create a new accessible admin account. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 12:15:00 GMT

read more

CVE-2025-38351 - KVM Hyper-V Canonical GVA Vulnerability

CVE ID : CVE-2025-38351 Published : July 19, 2025, 12:15 p.m. | 12 hours, 40 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST and HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX allow a guest to request invalidation of portions of a virtual TLB. For this, the hypercall parameter includes a list of GVAs that are supposed to be invalidated. However, when non-canonical GVAs are passed, there is currently no filtering in place and they are eventually passed to checked invocations of INVVPID on Intel / INVLPGA on AMD. While AMD's INVLPGA silently ignores non-canonical addresses (effectively a no-op), Intel's INVVPID explicitly signals VM-Fail and ultimately triggers the WARN_ONCE in invvpid_error(): invvpid failed: ext=0x0 vpid=1 gva=0xaaaaaaaaaaaaa000 WARNING: CPU: 6 PID: 326 at arch/x86/kvm/vmx/vmx.c:482 invvpid_error+0x91/0xa0 [kvm_intel] Modules linked in: kvm_intel kvm 9pnet_virtio irqbypass fuse CPU: 6 UID: 0 PID: 326 Comm: kvm-vm Not tainted 6.15.0 #14 PREEMPT(voluntary) RIP: 0010:invvpid_error+0x91/0xa0 [kvm_intel] Call Trace: vmx_flush_tlb_gva+0x320/0x490 [kvm_intel] kvm_hv_vcpu_flush_tlb+0x24f/0x4f0 [kvm] kvm_arch_vcpu_ioctl_run+0x3013/0x5810 [kvm] Hyper-V documents that invalid GVAs (those that are beyond a partition's GVA space) are to be ignored. While not completely clear whether this ruling also applies to non-canonical GVAs, it is likely fine to make that assumption, and manual testing on Azure confirms "real" Hyper-V interprets the specification in the same way. Skip non-canonical GVAs when processing the list of address to avoid tripping the INVVPID failure. Alternatively, KVM could filter out "bad" GVAs before inserting into the FIFO, but practically speaking the only downside of pushing validation to the final processing is that doing so is suboptimal for the guest, and no well-behaved guest will request TLB flushes for non-canonical addresses. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 12:15:00 GMT

read more

CVE-2025-7817 - PHPGurukul Apartment Visitors Management System Cross-Site Scripting

CVE ID : CVE-2025-7817 Published : July 19, 2025, 12:15 p.m. | 12 hours, 40 minutes ago Description : A vulnerability has been found in PHPGurukul Apartment Visitors Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /bwdates-reports.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 12:15:00 GMT

read more

CVE-2025-7816 - PHPGurukul Apartment Visitors Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7816 Published : July 19, 2025, 11:15 a.m. | 11 hours, 23 minutes ago Description : A vulnerability, which was classified as problematic, was found in PHPGurukul Apartment Visitors Management System 1.0. Affected is an unknown function of the file /visitor-detail.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 11:15:00 GMT

read more

CVE-2025-7815 - PHPGurukul Apartment Visitors Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7815 Published : July 19, 2025, 10:15 a.m. | 12 hours, 23 minutes ago Description : A vulnerability, which was classified as problematic, has been found in PHPGurukul Apartment Visitors Management System 1.0. This issue affects some unknown processing of the file /manage-newvisitors.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 10:15:00 GMT

read more

CVE-2015-10135 - WordPress WPshop File Upload Vulnerability

CVE ID : CVE-2015-10135 Published : July 19, 2025, 10:15 a.m. | 10 hours, 40 minutes ago Description : The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajaxUpload function in versions before 1.3.9.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 10:15:00 GMT

read more

CVE-2015-10136 - GI-Media Library Directory Traversal Vulnerability in WordPress

CVE ID : CVE-2015-10136 Published : July 19, 2025, 10:15 a.m. | 10 hours, 40 minutes ago Description : The GI-Media Library plugin for WordPress is vulnerable to Directory Traversal in versions before 3.0 via the 'fileid' parameter. This allows unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 10:15:00 GMT

read more

CVE-2016-15043 - WordPress WP Mobile Detector Arbitrary File Upload Vulnerability

CVE ID : CVE-2016-15043 Published : July 19, 2025, 10:15 a.m. | 10 hours, 40 minutes ago Description : The WP Mobile Detector plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in resize.php file in versions up to, and including, 3.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 10:15:00 GMT

read more

CVE-2015-10134 - WordPress Simple Backup Arbitrary File Download Vulnerability

CVE ID : CVE-2015-10134 Published : July 19, 2025, 10:15 a.m. | 8 hours, 40 minutes ago Description : The Simple Backup plugin for WordPress is vulnerable to Arbitrary File Download in versions up to, and including, 2.7.10. via the download_backup_file function. This is due to a lack of capability checks and file type validation. This makes it possible for attackers to download sensitive files such as the wp-config.php file from the affected site. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 10:15:00 GMT

read more

CVE-2012-10019 - WordPress Front End Editor Arbitrary File Upload Vulnerability

CVE ID : CVE-2012-10019 Published : July 19, 2025, 10:15 a.m. | 8 hours, 12 minutes ago Description : The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the upload.php file in versions before 2.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 10:15:00 GMT

read more

CVE-2015-10133 - WordPress Subscribe to Comments Local File Inclusion Vulnerability

CVE ID : CVE-2015-10133 Published : July 19, 2025, 10:15 a.m. | 8 hours, 11 minutes ago Description : The Subscribe to Comments for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.1.2 via the Path to header value. This allows authenticated attackers, with administrative privileges and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. This same function can also be used to execute arbitrary PHP code. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 10:15:00 GMT

read more

CVE-2025-6997 - "ThemeREX Addons WordPress Stored Cross-Site Scripting"

CVE ID : CVE-2025-6997 Published : July 19, 2025, 9:15 a.m. | 7 hours, 51 minutes ago Description : The ThemeREX Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.35.1.1 due to insufficient input sanitization and output escaping. The plugin’s SVG rendering routine calls the trx_addons_get_svg_from_file() function on an unvalidated 'svg' parameter supplied via the shortcode or Elementor widget settings, then outputs it via the trx_addons_show_layout() function. Because there is no check on the URL’s origin, scheme, or the SVG content itself, authenticated attackers, with Contributor-level access and above, can supply a remote SVG and inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 09:15:00 GMT

read more

CVE-2025-38350 - Linux Kernel HFSC Netem Blackhole Use-After-Free Vulnerability

CVE ID : CVE-2025-38350 Published : July 19, 2025, 7:15 a.m. | 9 hours, 51 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and thus make an in-flight class passive via qlen_notify(). Most qdiscs do not expect such behaviour at this point in time and may re-activate the class eventually anyways which will lead to a use-after-free. The referenced fix commit attempted to fix this behavior for the HFSC case by moving the backlog accounting around, though this turned out to be incomplete since the parent's parent may run into the issue too. The following reproducer demonstrates this use-after-free: tc qdisc add dev lo root handle 1: drr tc filter add dev lo parent 1: basic classid 1:1 tc class add dev lo parent 1: classid 1:1 drr tc qdisc add dev lo parent 1:1 handle 2: hfsc def 1 tc class add dev lo parent 2: classid 2:1 hfsc rt m1 8 d 1 m2 0 tc qdisc add dev lo parent 2:1 handle 3: netem tc qdisc add dev lo parent 3:1 handle 4: blackhole echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888 tc class delete dev lo classid 1:1 echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888 Since backlog accounting issues leading to a use-after-frees on stale class pointers is a recurring pattern at this point, this patch takes a different approach. Instead of trying to fix the accounting, the patch ensures that qdisc_tree_reduce_backlog always calls qlen_notify when the child qdisc is empty. This solves the problem because deletion of qdiscs always involves a call to qdisc_reset() and / or qdisc_purge_queue() which ultimately resets its qlen to 0 thus causing the following qdisc_tree_reduce_backlog() to report to the parent. Note that this may call qlen_notify on passive classes multiple times. This is not a problem after the recent patch series that made all the classful qdiscs qlen_notify() handlers idempotent. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 07:15:00 GMT

read more

CVE-2025-6721 - WordPress Vchasno Kasa Plugin Unauthenticated Data Access Vulnerability

CVE ID : CVE-2025-6721 Published : July 19, 2025, 6:15 a.m. | 10 hours, 51 minutes ago Description : The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the mrkv_vchasno_kasa_wc_do_metabox_action() function in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to generate invoices for arbitrary orders. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 06:15:00 GMT

read more

CVE-2025-29757 - Growatt Cloud Service Authorization Bypass Vulnerability

CVE ID : CVE-2025-29757 Published : July 19, 2025, 6:15 a.m. | 10 hours, 11 minutes ago Description : An incorrect authorisation check in the the 'plant transfer' function of the Growatt cloud service allowed a malicous attacker with a valid account to transfer any plant into his/her account. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 06:15:00 GMT

read more

CVE-2025-6720 - Vchasno Kasa Plugin WordPress Information Disclosure Vulnerability

CVE ID : CVE-2025-6720 Published : July 19, 2025, 6:15 a.m. | 10 hours, 11 minutes ago Description : The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clear_all_log() function in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to clear log files. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 06:15:00 GMT

read more

CVE-2025-7697 - Google Sheets Integration for WordPress PHP Object Injection Vulnerability

CVE ID : CVE-2025-7697 Published : July 19, 2025, 5:15 a.m. | 11 hours, 11 minutes ago Description : The Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.1 via deserialization of untrusted input within the verify_field_val() function. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain in the Contact Form 7 plugin, which is likely to be used alongside, allows attackers to delete arbitrary files, leading to a denial of service or remote code execution when the wp-config.php file is deleted. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 05:15:00 GMT

read more

CVE-2025-7696 - Pipedrive WordPress Plugin PHP Object Injection Vulnerability

CVE ID : CVE-2025-7696 Published : July 19, 2025, 5:15 a.m. | 9 hours, 40 minutes ago Description : The Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.3 via deserialization of untrusted input within the verify_field_val() function. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain in the Contact Form 7 plugin, which is likely to be used alongside, allows attackers to delete arbitrary files, leading to a denial of service or remote code execution when the wp-config.php file is deleted. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 05:15:00 GMT

read more

CVE-2025-7669 - Avishi WP PayPal Payment Button CSRF Vulnerability

CVE ID : CVE-2025-7669 Published : July 19, 2025, 3:15 a.m. | 11 hours, 40 minutes ago Description : The Avishi WP PayPal Payment Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0. This is due to missing or incorrect nonce validation on the 'avishi-wp-paypal-payment-button/index.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 03:15:00 GMT

read more

CVE-2025-7653 - EPay.bg Payments Plugin for WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7653 Published : July 19, 2025, 3:15 a.m. | 9 hours, 40 minutes ago Description : The EPay.bg Payments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'epay' shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 03:15:00 GMT

read more

CVE-2025-7655 - WordPress Live Stream Badger Stored Cross-Site Scripting

CVE ID : CVE-2025-7655 Published : July 19, 2025, 3:15 a.m. | 9 hours, 40 minutes ago Description : The Live Stream Badger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'livestream' shortcode in all versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 03:15:00 GMT

read more

CVE-2025-7658 - WordPress Temporarily Hidden Content Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7658 Published : July 19, 2025, 3:15 a.m. | 9 hours, 40 minutes ago Description : The Temporarily Hidden Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'temphc-start' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 03:15:00 GMT

read more

CVE-2025-7661 - Martinus Stored Cross-Site Scripting (XSS) in WordPress Partnerský systém

CVE ID : CVE-2025-7661 Published : July 19, 2025, 3:15 a.m. | 9 hours, 40 minutes ago Description : The Partnerský systém Martinus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'martinus' shortcode in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 03:15:00 GMT

read more

CVE-2025-52924 - One Identity OneLogin SQL Injection

CVE ID : CVE-2025-52924 Published : July 19, 2025, 3:15 a.m. | 7 hours, 40 minutes ago Description : In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on the value of an untrusted X-RequestId HTTP request header. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 19 Jul 2025 03:15:00 GMT

read more

CVE-2025-27209 - Node.js V8 HashDoS Vulnerability

CVE ID : CVE-2025-27209 Published : July 18, 2025, 11:15 p.m. | 11 hours, 40 minutes ago Description : The V8 release used in Node.js v24.0.0 has changed how string hashes are computed using rapidhash. This implementation re-introduces the HashDoS vulnerability as an attacker who can control the strings to be hashed can generate many hash collisions - an attacker can generate collisions even without knowing the hash-seed. * This vulnerability affects Node.js v24.x users. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 23:15:00 GMT

read more

CVE-2025-27210 - Node.js Windows Path Join API Incomplete Fix Vulnerability

CVE ID : CVE-2025-27210 Published : July 18, 2025, 11:15 p.m. | 11 hours, 40 minutes ago Description : An incomplete fix has been identified for CVE-2025-23084 in Node.js, specifically affecting Windows device names like CON, PRN, and AUX. This vulnerability affects Windows users of `path.join` API. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 23:15:00 GMT

read more

CVE-2025-7394 - OpenSSL wolfSSL Predictable Random Number Generation After Fork Vulnerability

CVE ID : CVE-2025-7394 Published : July 18, 2025, 11:15 p.m. | 11 hours, 40 minutes ago Description : In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for predictable values returned from RAND_bytes() after fork() is called. This can lead to weak or predictable random numbers generated in applications that are both using RAND_bytes() and doing fork() operations. This only affects applications explicitly calling RAND_bytes() after fork() and does not affect any internal TLS operations. Although RAND_bytes() documentation in OpenSSL calls out not being safe for use with fork() without first calling RAND_poll(), an additional code change was also made in wolfSSL to make RAND_bytes() behave similar to OpenSSL after a fork() call without calling RAND_poll(). Now the Hash-DRBG used gets reseeded after detecting running in a new process. If making use of RAND_bytes() and calling fork() we recommend updating to the latest version of wolfSSL. Thanks to Per Allansson from Appgate for the report. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 23:15:00 GMT

read more

CVE-2025-7395 - WolfSSL Certificate Domain Name Verification Bypass

CVE ID : CVE-2025-7395 Published : July 18, 2025, 11:15 p.m. | 11 hours, 40 minutes ago Description : A certificate verification error in wolfSSL when building with the WOLFSSL_SYS_CA_CERTS and WOLFSSL_APPLE_NATIVE_CERT_VALIDATION options results in the wolfSSL client failing to properly verify the server certificate's domain name, allowing any certificate issued by a trusted CA to be accepted regardless of the hostname. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 23:15:00 GMT

read more

CVE-2025-7396 - WolfSSL Curve25519 Blinding Support Vulnerability (Side-Channel Attack)

CVE ID : CVE-2025-7396 Published : July 18, 2025, 11:15 p.m. | 11 hours, 40 minutes ago Description : In wolfSSL release 5.8.2 blinding support is turned on by default for Curve25519 in applicable builds. The blinding configure option is only for the base C implementation of Curve25519. It is not needed, or available with; ARM assembly builds, Intel assembly builds, and the small Curve25519 feature. While the side-channel attack on extracting a private key would be very difficult to execute in practice, enabling blinding provides an additional layer of protection for devices that may be more susceptible to physical access or side-channel observation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 23:15:00 GMT

read more

CVE-2025-7814 - Food Ordering Review System SQL Injection Vulnerability

CVE ID : CVE-2025-7814 Published : July 18, 2025, 10:15 p.m. | 12 hours, 10 minutes ago Description : A vulnerability classified as critical was found in code-projects Food Ordering Review System 1.0. This vulnerability affects unknown code of the file /pages/signup_function.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 22:15:00 GMT

read more

CVE-2025-50581 - MRCMS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-50581 Published : July 18, 2025, 9:15 p.m. | 13 hours, 10 minutes ago Description : MRCMS v3.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/group/save.do. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 21:15:00 GMT

read more

CVE-2025-50582 - StudentManage Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-50582 Published : July 18, 2025, 9:15 p.m. | 13 hours, 10 minutes ago Description : StudentManage v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Add A New Course module. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 21:15:00 GMT

read more

CVE-2025-50583 - StudentManage Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-50583 Published : July 18, 2025, 9:15 p.m. | 13 hours, 10 minutes ago Description : StudentManage v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Add A New Student module. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 21:15:00 GMT

read more

CVE-2025-7806 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7806 Published : July 18, 2025, 9:15 p.m. | 13 hours, 10 minutes ago Description : A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. This vulnerability affects the function fromSafeClientFilter of the file /goform/SafeClientFilter. The manipulation of the argument Go/page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 21:15:00 GMT

read more

CVE-2025-7807 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7807 Published : July 18, 2025, 9:15 p.m. | 13 hours, 10 minutes ago Description : A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. This issue affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. The manipulation of the argument Go/page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 21:15:00 GMT

read more

CVE-2025-7805 - Tenda FH451 PPTP Stack Buffer Overflow

CVE ID : CVE-2025-7805 Published : July 18, 2025, 8:15 p.m. | 14 hours, 10 minutes ago Description : A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 20:15:00 GMT

read more

CVE-2025-7803 - Descreekert wx-discuz Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7803 Published : July 18, 2025, 8:15 p.m. | 12 hours, 34 minutes ago Description : A vulnerability was found in descreekert wx-discuz up to 12bd4745c63ec203cb32119bf77ead4a923bf277. It has been classified as problematic. This affects the function validToken of the file /wx.php. The manipulation of the argument echostr leads to cross site scripting. It is possible to initiate the attack remotely. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 20:15:00 GMT

read more

CVE-2025-54310 - qBittorrent Local File Disclosure

CVE ID : CVE-2025-54310 Published : July 18, 2025, 8:15 p.m. | 10 hours, 40 minutes ago Description : qBittorrent before 5.1.2 does not prevent access to a local file that is referenced in a link URL. This affects rsswidget.cpp and searchjobwidget.cpp. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 20:15:00 GMT

read more

CVE-2025-50584 - StudentManage XSS Vulnerability in Add A New Teacher Module

CVE ID : CVE-2025-50584 Published : July 18, 2025, 8:15 p.m. | 8 hours, 40 minutes ago Description : StudentManage v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Add A New Teacher module. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 20:15:00 GMT

read more

CVE-2025-50708 - Perplexity AI GPT-4 Information Disclosure

CVE ID : CVE-2025-50708 Published : July 18, 2025, 8:15 p.m. | 8 hours, 40 minutes ago Description : An issue in Perplexity AI GPT-4 v.2.51.0 allows a remote attacker to obtain sensitive information via the token component in the shared chat URL Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 20:15:00 GMT

read more

CVE-2025-7800 - "CGPandey Hotelmis HTTP GET Request Handler Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-7800 Published : July 18, 2025, 7:15 p.m. | 9 hours, 40 minutes ago Description : A vulnerability classified as problematic was found in cgpandey hotelmis up to c572198e6c4780fccc63b1d3e8f3f72f825fc94e. This vulnerability affects unknown code of the file admin.php of the component HTTP GET Request Handler. The manipulation of the argument Search leads to cross site scripting. The attack can be initiated remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 19:15:00 GMT

read more

CVE-2025-7801 - BossSoft CRM SQL Injection Vulnerability

CVE ID : CVE-2025-7801 Published : July 18, 2025, 7:15 p.m. | 9 hours, 40 minutes ago Description : A vulnerability has been found in BossSoft CRM 6.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /crm/module/HNDCBas_customPrmSearchDtl.jsp. The manipulation of the argument cstid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 19:15:00 GMT

read more

CVE-2025-7802 - PHPGurukul Complaint Management System Cross Site Scripting Vulnerability

CVE ID : CVE-2025-7802 Published : July 18, 2025, 7:15 p.m. | 9 hours, 40 minutes ago Description : A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/complaint-search.php. The manipulation of the argument Search leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 19:15:00 GMT

read more

CVE-2025-33014 - IBM Sterling B2B Integrator and IBM Sterling File Gateway Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-33014 Published : July 18, 2025, 7:15 p.m. | 7 hours, 50 minutes ago Description : IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims’ web browser. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 19:15:00 GMT

read more

CVE-2025-50585 - StudentManage SQL Injection Vulnerability

CVE ID : CVE-2025-50585 Published : July 18, 2025, 7:15 p.m. | 7 hours, 50 minutes ago Description : StudentManage v1.0 was discovered to contain a SQL injection vulnerability via the component /admin/adminStudentUrl. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 19:15:00 GMT

read more

CVE-2025-52163 - Agorum Core Agorum Software GmbH SSRF

CVE ID : CVE-2025-52163 Published : July 18, 2025, 7:15 p.m. | 7 hours, 50 minutes ago Description : A Server-Side Request Forgery (SSRF) in the component TunnelServlet of agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 allows attackers to forcefully initiate connections to arbitrary internal and external resources via a crafted request. This can lead to sensitive data exposure. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 19:15:00 GMT

read more

CVE-2025-52169 - Agorum Core Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-52169 Published : July 18, 2025, 7:15 p.m. | 7 hours, 50 minutes ago Description : agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 19:15:00 GMT

read more

CVE-2025-54309 - CrushFTP Remote Admin Access Vulnerability

CVE ID : CVE-2025-54309 Published : July 18, 2025, 7:15 p.m. | 7 hours, 50 minutes ago Description : CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obtain admin access via HTTPS, as exploited in the wild in July 2025. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 19:15:00 GMT

read more

CVE-2025-7798 - Beijing Shenzhou Shihan Technology Multimedia Integrated Business Display System SQL Injection Vulnerability

CVE ID : CVE-2025-7798 Published : July 18, 2025, 7:15 p.m. | 7 hours, 50 minutes ago Description : A vulnerability classified as critical has been found in Beijing Shenzhou Shihan Technology Multimedia Integrated Business Display System up to 8.2. This affects an unknown part of the file /admin/system/structure/getdirectorydata/web/baseinfo/companyManage. The manipulation of the argument Struccture_ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 19:15:00 GMT

read more

CVE-2025-52168 - Agorum Software GmbH Agorum Core File Access Vulnerability

CVE ID : CVE-2025-52168 Published : July 18, 2025, 6:15 p.m. | 4 hours, 39 minutes ago Description : Incorrect access control in the dynawebservice component of agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 allows unauthenticated attackers to access arbitrary files on the system. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 18:15:00 GMT

read more

CVE-2025-53901 - Wasmtime WASIp1 Denial-of-Service Vulnerability

CVE ID : CVE-2025-53901 Published : July 18, 2025, 6:15 p.m. | 4 hours, 39 minutes ago Description : Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.4, 33.0.2, and 34.0.2, a bug in Wasmtime's implementation of the WASIp1 set of import functions can lead to a WebAssembly guest inducing a panic in the host (embedder). The specific bug is triggered by calling `path_open` after calling `fd_renumber` with either two equal argument values or a second argument being equal to a previously-closed file descriptor number value. The corrupt state introduced in `fd_renumber` will lead to the subsequent opening of a file descriptor to panic. This panic cannot introduce memory unsafety or allow WebAssembly to break outside of its sandbox, however. There is no possible heap corruption or memory unsafety from this panic. This bug is in the implementation of Wasmtime's `wasmtime-wasi` crate which provides an implementation of WASIp1. The bug requires a specially crafted call to `fd_renumber` in addition to the ability to open a subsequent file descriptor. Opening a second file descriptor is only possible when a preopened directory was provided to the guest, and this is common amongst embeddings. A panic in the host is considered a denial-of-service vector for WebAssembly embedders and is thus a security issue in Wasmtime. This bug does not affect WASIp2 and embedders using components. In accordance with Wasmtime's release process, patch releases are available as 24.0.4, 33.0.2, and 34.0.2. Users of other release of Wasmtime are recommended to move to a supported release of Wasmtime. Embedders who are using components or are not providing guest access to create more file descriptors (e.g. via a preopened filesystem directory) are not affected by this issue. Otherwise, there is no workaround at this time, and affected embeddings are recommended to update to a patched version which will not cause a panic in the host. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 18:15:00 GMT

read more

CVE-2025-7795 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7795 Published : July 18, 2025, 6:15 p.m. | 4 hours, 39 minutes ago Description : A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 18:15:00 GMT

read more

CVE-2025-7796 - Tenda PPTPDClient Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7796 Published : July 18, 2025, 6:15 p.m. | 4 hours, 39 minutes ago Description : A vulnerability, which was classified as critical, was found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulation of the argument Username leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 18:15:00 GMT

read more

CVE-2025-7797 - GPAC Dash Client Null Pointer Dereference Remote Vulnerability

CVE ID : CVE-2025-7797 Published : July 18, 2025, 6:15 p.m. | 4 hours, 39 minutes ago Description : A vulnerability was found in GPAC up to 2.4. It has been rated as problematic. Affected by this issue is the function gf_dash_download_init_segment of the file src/media_tools/dash_client.c. The manipulation of the argument base_init_url leads to null pointer dereference. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 153ea314b6b053db17164f8bc3c7e1e460938eaa. It is recommended to apply a patch to fix this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 18:15:00 GMT

read more

CVE-2025-52166 - Agorum Core Privilege Escalation Vulnerability

CVE ID : CVE-2025-52166 Published : July 18, 2025, 6:15 p.m. | 4 hours, 1 minute ago Description : Incorrect access control in Software GmbH Agorum core open v11.9.2 & v11.10.1 allows authenticated attackers to escalate privileges to Administrator and access sensitive components and information. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 18:15:00 GMT

read more

CVE-2025-52164 - Agorum Core Password Storage Vulnerability

CVE ID : CVE-2025-52164 Published : July 18, 2025, 6:15 p.m. | 2 hours, 39 minutes ago Description : Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to store credentials in plaintext. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 18:15:00 GMT

read more

CVE-2025-7783 - FormData Insufficiently Random Values HTTP Parameter Pollution

CVE ID : CVE-2025-7783 Published : July 18, 2025, 5:15 p.m. | 3 hours, 38 minutes ago Description : Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js. This issue affects form-data: 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 17:15:00 GMT

read more

CVE-2025-7792 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7792 Published : July 18, 2025, 5:15 p.m. | 3 hours, 38 minutes ago Description : A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 17:15:00 GMT

read more

CVE-2025-7793 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7793 Published : July 18, 2025, 5:15 p.m. | 3 hours, 38 minutes ago Description : A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary. The manipulation of the argument webSiteId leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 17:15:00 GMT

read more

CVE-2025-7794 - Tenda FH451 Stack-Based Buffer Overflow

CVE ID : CVE-2025-7794 Published : July 18, 2025, 5:15 p.m. | 3 hours, 38 minutes ago Description : A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 17:15:00 GMT

read more

CVE-2025-45156 - Splashin iOS Location Spoofing Vulnerability

CVE ID : CVE-2025-45156 Published : July 18, 2025, 5:15 p.m. | 1 hour, 50 minutes ago Description : Splashin iOS v2.0 fails to enforce server-side interval restrictions for location updates for free-tier users. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 17:15:00 GMT

read more

CVE-2025-45157 - Splashin iOS Privilege Escalation Vulnerability

CVE ID : CVE-2025-45157 Published : July 18, 2025, 5:15 p.m. | 1 hour, 50 minutes ago Description : Insecure permissions in Splashin iOS v2.0 allow unauthorized attackers to access location data for specific users. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 17:15:00 GMT

read more

CVE-2025-47158 - Azure DevOps Authentication Bypass

CVE ID : CVE-2025-47158 Published : July 18, 2025, 5:15 p.m. | 1 hour, 50 minutes ago Description : Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 17:15:00 GMT

read more

CVE-2025-47995 - Azure Machine Learning Authentication Privilege Escalation

CVE ID : CVE-2025-47995 Published : July 18, 2025, 5:15 p.m. | 1 hour, 50 minutes ago Description : Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 17:15:00 GMT

read more

CVE-2025-49746 - Azure Machine Learning Privilege Elevation Vulnerability

CVE ID : CVE-2025-49746 Published : July 18, 2025, 5:15 p.m. | 1 hour, 50 minutes ago Description : Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 17:15:00 GMT

read more

CVE-2025-49747 - Azure Machine Learning Privilege Escalation

CVE ID : CVE-2025-49747 Published : July 18, 2025, 5:15 p.m. | 1 hour, 50 minutes ago Description : Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 17:15:00 GMT

read more

CVE-2025-50586 - StudentManage CSRF

CVE ID : CVE-2025-50586 Published : July 18, 2025, 5:15 p.m. | 1 hour, 50 minutes ago Description : StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 17:15:00 GMT

read more

CVE-2025-52162 - Agorum Software GmbH Agorum Core XXE Vulnerability

CVE ID : CVE-2025-52162 Published : July 18, 2025, 5:15 p.m. | 1 hour, 50 minutes ago Description : agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain an XML External Entity (XXE) via the RSSReader endpoint. This vulnerability allows attackers to access sensitive data via providing a crafted XML input. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 17:15:00 GMT

read more

CVE-2025-53762 - Microsoft Purview Privilege Escalation

CVE ID : CVE-2025-53762 Published : July 18, 2025, 5:15 p.m. | 1 hour, 50 minutes ago Description : Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 17:15:00 GMT

read more

CVE-2025-54078 - WeGIA Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-54078 Published : July 18, 2025, 4:15 p.m. | 2 hours, 50 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.4.6 in the `personalizacao_imagem.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the `err` parameter. Version 3.4.6 fixes the issue. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 16:15:00 GMT

read more

CVE-2025-54079 - WeGIA SQL Injection Vulnerability

CVE ID : CVE-2025-54079 Published : July 18, 2025, 4:15 p.m. | 2 hours, 50 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the endpoint `/html/atendido/Profile_Atendido.php`, in the `idatendido` parameter. This vulnerability allow an authorized attacker to execute arbitrary SQL queries, allowing access to sensitive information. Version 3.4.6 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 16:15:00 GMT

read more

CVE-2025-7789 - Xuxueli xxl-job Password Hashing Weakness

CVE ID : CVE-2025-7789 Published : July 18, 2025, 4:15 p.m. | 2 hours, 50 minutes ago Description : A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classified as problematic. Affected by this issue is the function makeToken of the file src/main/java/com/xxl/job/admin/controller/IndexController.java of the component Token Generation. The manipulation leads to password hash with insufficient computational effort. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 16:15:00 GMT

read more

CVE-2025-7790 - D-Link DI-8100 HTTP Request Handler Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7790 Published : July 18, 2025, 4:15 p.m. | 2 hours, 50 minutes ago Description : A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. This affects an unknown part of the file /menu_nat.asp of the component HTTP Request Handler. The manipulation of the argument out_addr/in_addr/out_port/proto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 16:15:00 GMT

read more

CVE-2025-7791 - PHPGurukul Online Security Guards Hiring System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7791 Published : July 18, 2025, 4:15 p.m. | 2 hours, 50 minutes ago Description : A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/search.php. The manipulation of the argument searchdata leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 16:15:00 GMT

read more

CVE-2025-53888 - RIOT-OS L2FILTER Add Buffer Overflow

CVE ID : CVE-2025-53888 Published : July 18, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : RIOT-OS, an operating system that supports Internet of Things devices, has an ineffective size check implemented with `assert()` can lead to buffer overflow in versions up to and including 2025.04. Assertions are usually compiled out in production builds. If assertions are the only defense against untrusted inputs, the software may be exposed to attacks that utilize the lack of proper input checks. In the `l2filter_add()` function shown below, `addr_len` is checked using an assertion and is subsequently used as an argument in a `memcpy()` call. When assertions are disabled, there would be no size check for `addr_len`. As a consequence, if an attacker were to provide an `addr_len` value larger than `CONFIG_L2FILTER_ADDR_MAXLEN`, they can trigger a buffer overflow and write past the `list[i].addr` buffer. If the unchecked input is attacker-controlled, the impact of the buffer overflow can range from a denial of service to arbitrary code execution. Commit f6f7de4ccc107c018630e4c15500825caf02e1c2 contains a patch for the vulnerability. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 16:15:00 GMT

read more

CVE-2025-53945 - Apko File Permission Vulnerability (Root Escalation)

CVE ID : CVE-2025-53945 Published : July 18, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : apko allows users to build and publish OCI container images built from apk packages. Starting in version 0.27.0 and prior to version 0.29.5, critical files were inadvertently set to 0666, which could likely be abused for root escalation. Version 0.29.5 contains a fix for the issue. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 16:15:00 GMT

read more

CVE-2025-54059 - Melange SBOM Generation Permissions Vulnerability

CVE ID : CVE-2025-54059 Published : July 18, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : melange allows users to build apk packages using declarative pipelines. Starting in version 0.23.0 and prior to version 0.29.5, SBOM files generated by melange in apks had file system permissions mode 666. This potentially allows an unprivileged user to tamper with apk SBOMs on a running image, potentially confusing security scanners. An attacker could also perform a DoS under special circumstances. Version 0.29.5 fixes the issue. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 16:15:00 GMT

read more

CVE-2025-54073 - Microsoft MCP Package Docs Command Injection Vulnerability

CVE ID : CVE-2025-54073 Published : July 18, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : mcp-package-docs is an MCP (Model Context Protocol) server that provides LLMs with efficient access to package documentation across multiple programming languages and language server protocol (LSP) capabilities. A command injection vulnerability exists in the `mcp-package-docs` MCP Server prior to the fix in commit cb4ad49615275379fd6f2f1cf1ec4731eec56eb9. The vulnerability is caused by the unsanitized use of input parameters within a call to `child_process.exec`, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (`|`, `>`, `&&`, etc.). Commit cb4ad49615275379fd6f2f1cf1ec4731eec56eb9 in version 0.1.27 contains a fix for the issue, but upgrading to 0.1.28 is recommended. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 16:15:00 GMT

read more

CVE-2025-54075 - Nuxtjs MDC Stored Cross-Site Scripting (Remote Script-Inclusion)

CVE ID : CVE-2025-54075 Published : July 18, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : MDC is a tool to take regular Markdown and write documents interacting deeply with a Vue component. Prior to version 0.17.2, a remote script-inclusion / stored cross-site scripting vulnerability in @nuxtjs/mdc lets a Markdown author inject a `` element. The `` tag rewrites how all subsequent relative URLs are resolved, so an attacker can make the page load scripts, styles, or images from an external, attacker-controlled origin and execute arbitrary JavaScript in the site’s context. Version 0.17.2 contains a fix for the issue. Severity: 8.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 16:15:00 GMT

read more

CVE-2025-54076 - WeGIA Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-54076 Published : July 18, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.4.6 in the `pre_cadastro_atendido.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the `msg_e` parameter. Version 3.4.6 fixes the issue. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 16:15:00 GMT

read more

CVE-2025-54077 - WeGIA Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-54077 Published : July 18, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.4.6 in the `personalizacao.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the `err` parameter. Version 3.4.6 fixes the issue. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 16:15:00 GMT

read more

CVE-2025-46000 - Apache Filemanager SVG File Upload RCE

CVE ID : CVE-2025-46000 Published : July 18, 2025, 3:15 p.m. | 1 hour, 24 minutes ago Description : An arbitrary file upload vulnerability in the component /rsc/filemanager.rsc.class.php of Filemanager commit c75b914 v.2.5.0 allows attackers to execute arbitrary code via uploading a crafted SVG file. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 15:15:00 GMT

read more

CVE-2025-46732 - OpenCTI IDOR Notification Manipulation

CVE ID : CVE-2025-46732 Published : July 18, 2025, 3:15 p.m. | 1 hour, 24 minutes ago Description : OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.6.6, an IDOR vulnerability in the GrapQL `NotificationLineNotificationMarkReadMutation` and `NotificationLineNotificationDeleteMutation` mutations of OpenCTI allows an authenticated user to change the read status of a notification or delete a notification of another user in case he has knowledge of the UUID of the notification. When changing the read status of a notification, the user also receives the content of the notification they changed the read status of. Authenticated Users in OpenCTI can read, modify and delete notification of other users if they know the UUID of the notification. Version 6.6.6 fixes the issue. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 15:15:00 GMT

read more

CVE-2025-7787 - Xuxueli xxl-job Server-Side Request Forgery (SSRF) Vulnerability

CVE ID : CVE-2025-7787 Published : July 18, 2025, 3:15 p.m. | 1 hour, 24 minutes ago Description : A vulnerability, which was classified as critical, was found in Xuxueli xxl-job up to 3.1.1. Affected is the function httpJobHandler of the file src\main\java\com\xxl\job\executor\service\jobhandler\SampleXxlJob.java. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 15:15:00 GMT

read more

CVE-2025-7788 - Xuxueli xxl-job OS Command Injection

CVE ID : CVE-2025-7788 Published : July 18, 2025, 3:15 p.m. | 1 hour, 24 minutes ago Description : A vulnerability has been found in Xuxueli xxl-job up to 3.1.1 and classified as critical. Affected by this vulnerability is the function commandJobHandler of the file src\main\java\com\xxl\job\executor\service\jobhandler\SampleXxlJob.java. The manipulation leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 15:15:00 GMT

read more

CVE-2024-13175 - Vidco Software VOC TESTER Authorization Bypass

CVE ID : CVE-2024-13175 Published : July 18, 2025, 2:15 p.m. | 2 hours, 24 minutes ago Description : Authorization Bypass Through User-Controlled Key vulnerability in Vidco Software VOC TESTER allows Forceful Browsing.This issue affects VOC TESTER: before 12.41.0. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 14:15:00 GMT

read more

CVE-2025-46001 - Apache Filemanager PHP File Upload RCE

CVE ID : CVE-2025-46001 Published : July 18, 2025, 2:15 p.m. | 2 hours, 24 minutes ago Description : An arbitrary file upload vulnerability in the is_allowed_file_type() function of Filemanager v2.3.0 allows attackers to execute arbitrary code via uploading a crafted PHP file. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 14:15:00 GMT

read more

CVE-2025-46002 - Apache Filemanager Directory Traversal Vulnerability

CVE ID : CVE-2025-46002 Published : July 18, 2025, 2:15 p.m. | 2 hours, 24 minutes ago Description : An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 14:15:00 GMT

read more

CVE-2025-7784 - Keycloak Fine-Grained Admin Permissions Privilege Escalation Vulnerability

CVE ID : CVE-2025-7784 Published : July 18, 2025, 2:15 p.m. | 2 hours, 24 minutes ago Description : A flaw was found in the Keycloak identity and access management system when Fine-Grained Admin Permissions(FGAPv2) are enabled. An administrative user with the manage-users role can escalate their privileges to realm-admin due to improper privilege enforcement. This vulnerability allows unauthorized elevation of access rights, compromising the intended separation of administrative duties and posing a security risk to the realm. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 14:15:00 GMT

read more

CVE-2025-7786 - Gnuboard Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7786 Published : July 18, 2025, 2:15 p.m. | 2 hours, 24 minutes ago Description : A vulnerability, which was classified as problematic, has been found in Gnuboard g6 up to 6.0.10. This issue affects some unknown processing of the file /bbs/scrap_popin_update/qa/ of the component Post Reply Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 14:15:00 GMT

read more

CVE-2025-6227 - Mattermost Auth Token Interception Vulnerability

CVE ID : CVE-2025-6227 Published : July 18, 2025, 12:15 p.m. | 4 hours, 24 minutes ago Description : Mattermost versions 10.5.x 10.5.7, 9.11.x 9.11.16 fail to negotiate a new token when accepting the invite which allows a user that intercepts both invite and password to send synchronization payloads to the server that originally created the invite via the REST API. Severity: 2.2 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 12:15:00 GMT

read more

CVE-2025-7785 - JeeSite Open Redirect Vulnerability

CVE ID : CVE-2025-7785 Published : July 18, 2025, 12:15 p.m. | 4 hours, 24 minutes ago Description : A vulnerability classified as problematic was found in thinkgem JeeSite up to 5.12.0. This vulnerability affects the function sso of the file src/main/java/com/jeesite/modules/sys/web/SsoController.java. The manipulation of the argument redirect leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 3d06b8d009d0267f0255acc87ea19d29d07cedc3. It is recommended to apply a patch to fix this issue. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 12:15:00 GMT

read more

CVE-2025-50126 - Joomla RSBlog! Stored XSS Vulnerability

CVE ID : CVE-2025-50126 Published : July 18, 2025, 10:15 a.m. | 6 hours, 24 minutes ago Description : A stored XSS vulnerability in the RSBlog! component 1.11.6-1.14.5 Joomla was discovered. The issue allows remote authenticated users to inject arbitrary web script or HTML via the jform[tags_text] parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 10:15:00 GMT

read more

CVE-2025-6233 - Mattermost File Attachment Path Traversal Vulnerability

CVE ID : CVE-2025-6233 Published : July 18, 2025, 10:15 a.m. | 6 hours, 24 minutes ago Description : Mattermost versions 10.8.x 10.8.1, 10.7.x 10.7.3, 10.5.x 10.5.7, 9.11.x 9.11.16 fail to sanitize input paths of file attachments in the bulk import JSONL file, which allows a system admin to read arbitrary system files via path traversal. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 10:15:00 GMT

read more

CVE-2025-2425 - ESET Security Software TOCTTOU File Truncation Vulnerability

CVE ID : CVE-2025-2425 Published : July 18, 2025, 10:15 a.m. | 5 hours, 59 minutes ago Description : Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 10:15:00 GMT

read more

CVE-2025-49484 - Joomla JS Jobs SQL Injection

CVE ID : CVE-2025-49484 Published : July 18, 2025, 10:15 a.m. | 5 hours, 59 minutes ago Description : A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low-privilege users to execute arbitrary SQL commands via the 'cvid' parameter in the employee application feature. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 10:15:00 GMT

read more

CVE-2025-49485 - Balbooa Forms SQL Injection Vulnerability

CVE ID : CVE-2025-49485 Published : July 18, 2025, 10:15 a.m. | 5 hours, 59 minutes ago Description : A SQL injection vulnerability in the Balbooa Forms plugin 1.0.0-2.3.1.1 for Joomla allows privileged users to execute arbitrary SQL commands via the 'id' parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 10:15:00 GMT

read more

CVE-2025-49486 - Balbooa Gallery Joomla Stored XSS

CVE ID : CVE-2025-49486 Published : July 18, 2025, 10:15 a.m. | 5 hours, 59 minutes ago Description : A stored XSS vulnerability in the Balbooa Gallery plugin 1.0.0-2.4.0 for Joomla allows privileged users to store malicious scripts in gallery items. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 10:15:00 GMT

read more

CVE-2025-50056 - Joomla RSMail Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-50056 Published : July 18, 2025, 10:15 a.m. | 5 hours, 59 minutes ago Description : A reflected XSS vulnerability in RSMail! component 1.19.20 - 1.22.26 28 Joomla was discovered. The issue allows remote attackers to inject arbitrary web script or HTML via the crafted parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 10:15:00 GMT

read more

CVE-2025-50057 - RSFiles! Denial of Service (DOS) Vulnerability

CVE ID : CVE-2025-50057 Published : July 18, 2025, 10:15 a.m. | 5 hours, 59 minutes ago Description : A DOS vulnerability in RSFiles! component 1.16.3-1.17.7 Joomla was discovered. The issue allows unauthenticated remote attackers to deny access to service via the search feature. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 10:15:00 GMT

read more

CVE-2025-50058 - Joomla RSDirectory! Stored XSS Vulnerability

CVE ID : CVE-2025-50058 Published : July 18, 2025, 10:15 a.m. | 5 hours, 59 minutes ago Description : A stored XSS vulnerability in the RSDirectory! component 1.0.0-2.2.8 Joomla was discovered. The issue allows remote authenticated attackers to inject arbitrary web script or HTML via the review reply component. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 10:15:00 GMT

read more

CVE-2025-6226 - Mattermost Authorization Bypass Vulnerability

CVE ID : CVE-2025-6226 Published : July 18, 2025, 9:15 a.m. | 6 hours, 59 minutes ago Description : Mattermost versions 10.5.x 10.5.6, 10.8.x 10.8.1, 10.7.x 10.7.3, 9.11.x 9.11.16 fail to verify authorization when retrieving cached posts by PendingPostID which allows an authenticated user to read posts in private channels they don't have access to via guessing the PendingPostID of recently created posts. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 09:15:00 GMT

read more

CVE-2025-7444 - "LoginPress Pro WordPress Authentication Bypass Vulnerability"

CVE ID : CVE-2025-7444 Published : July 18, 2025, 9:15 a.m. | 6 hours, 59 minutes ago Description : The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.0.1. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email and the user does not have an already-existing account for the service returning the token. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 09:15:00 GMT

read more

CVE-2025-38349 - Linux Kernel Epoll Use-After-Free Vulnerability

CVE ID : CVE-2025-38349 Published : July 18, 2025, 8:15 a.m. | 7 hours, 59 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: eventpoll: don't decrement ep refcount while still holding the ep mutex Jann Horn points out that epoll is decrementing the ep refcount and then doing a mutex_unlock(&ep->mtx); afterwards. That's very wrong, because it can lead to a use-after-free. That pattern is actually fine for the very last reference, because the code in question will delay the actual call to "ep_free(ep)" until after it has unlocked the mutex. But it's wrong for the much subtler "next to last" case when somebody *else* may also be dropping their reference and free the ep while we're still using the mutex. Note that this is true even if that other user is also using the same ep mutex: mutexes, unlike spinlocks, can not be used for object ownership, even if they guarantee mutual exclusion. A mutex "unlock" operation is not atomic, and as one user is still accessing the mutex as part of unlocking it, another user can come in and get the now released mutex and free the data structure while the first user is still cleaning up. See our mutex documentation in Documentation/locking/mutex-design.rst, in particular the section [1] about semantics: "mutex_unlock() may access the mutex structure even after it has internally released the lock already - so it's not safe for another context to acquire the mutex and assume that the mutex_unlock() context is not using the structure anymore" So if we drop our ep ref before the mutex unlock, but we weren't the last one, we may then unlock the mutex, another user comes in, drops _their_ reference and releases the 'ep' as it now has no users - all while the mutex_unlock() is still accessing it. Fix this by simply moving the ep refcount dropping to outside the mutex: the refcount itself is atomic, and doesn't need mutex protection (that's the whole _point_ of refcounts: unlike mutexes, they are inherently about object lifetimes). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 08:15:00 GMT

read more

CVE-2025-6023 - Grafana Open Redirect XSS Vulnerability

CVE ID : CVE-2025-6023 Published : July 18, 2025, 8:15 a.m. | 7 hours, 59 minutes ago Description : An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01 Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 08:15:00 GMT

read more

CVE-2025-6197 - Grafana Open Redirect Vulnerability

CVE ID : CVE-2025-6197 Published : July 18, 2025, 8:15 a.m. | 7 hours, 59 minutes ago Description : An open redirect vulnerability has been identified in Grafana OSS organization switching functionality. Prerequisites for exploitation: - Multiple organizations must exist in the Grafana instance - Victim must be on a different organization than the one specified in the URL Severity: 4.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 08:15:00 GMT

read more

CVE-2024-27779 - FortiSandbox FortiIsolator Insufficient Session Expiration Vulnerability

CVE ID : CVE-2024-27779 Published : July 18, 2025, 8:15 a.m. | 6 hours, 39 minutes ago Description : An insufficient session expiration vulnerability [CWE-613] in FortiSandbox FortiSandbox version 4.4.4 and below, version 4.2.6 and below, 4.0 all versions, 3.2 all versions and FortiIsolator version 2.4 and below, 2.3 all versions, 2.2 all versions, 2.1 all versions, 2.0 all versions, 1.2 all versions may allow a remote attacker in possession of an admin session cookie to keep using that admin's session even after the admin user was deleted. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 08:15:00 GMT

read more

CVE-2024-32124 - FortiIsolator Improper Access Control Logging Vulnerability

CVE ID : CVE-2024-32124 Published : July 18, 2025, 8:15 a.m. | 6 hours, 38 minutes ago Description : An improper access control vulnerability [CWE-284] in FortiIsolator version 2.4.4, version 2.4.3, 2.3 all versions logging component may allow a remote authenticated read-only attacker to alter logs via a crafted HTTP request. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 08:15:00 GMT

read more

CVE-2025-26854 - Joomla Articles Good Search SQL Injection Vulnerability

CVE ID : CVE-2025-26854 Published : July 18, 2025, 8:15 a.m. | 6 hours, 38 minutes ago Description : A SQL injection in Articles Good Search extension 1.0.0 - 1.2.4.0011 for Joomla allows attackers to execute arbitrary SQL commands. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 08:15:00 GMT

read more

CVE-2025-26855 - Joomla Articles Calendar SQL Injection

CVE ID : CVE-2025-26855 Published : July 18, 2025, 8:15 a.m. | 6 hours, 38 minutes ago Description : A SQL injection in Articles Calendar extension 1.0.0 - 1.0.1.0007 for Joomla allows attackers to execute arbitrary SQL commands. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 08:15:00 GMT

read more

CVE-2025-7438 - MasterStudy LMS Pro WordPress Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-7438 Published : July 18, 2025, 7:15 a.m. | 5 hours, 38 minutes ago Description : The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'install_and_activate_plugin' function in all versions up to, and including, 4.7.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. The vulnerability is difficult to exploit due to timing requirements and environmental factors. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 07:15:00 GMT

read more

CVE-2025-7772 - "WordPress Malware Removal Plugin Arbitrary File Read Vulnerability"

CVE ID : CVE-2025-7772 Published : July 18, 2025, 7:15 a.m. | 5 hours, 38 minutes ago Description : The Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 16.8 via the wpmr_inspect_file() function due to a missing capability check. This makes it possible for authenticated attackers, with subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 07:15:00 GMT

read more

CVE-2025-6719 - WordPress Terms Descriptions Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6719 Published : July 18, 2025, 6:15 a.m. | 6 hours, 38 minutes ago Description : The Terms descriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 06:15:00 GMT

read more

CVE-2025-6726 - WordPress Block Editor Gallery Slider Unauthenticated Post Meta Modification Vulnerability

CVE ID : CVE-2025-6726 Published : July 18, 2025, 6:15 a.m. | 6 hours, 38 minutes ago Description : The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classic_gallery_slider_options() function in all versions up to, and including, 1.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update limited post meta for arbitrary posts. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 06:15:00 GMT

read more

CVE-2025-7643 - WordPress Attachment Manager Remote File Deletion Vulnerability

CVE ID : CVE-2025-7643 Published : July 18, 2025, 6:15 a.m. | 6 hours, 38 minutes ago Description : The Attachment Manager plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the handle_actions() function in all versions up to, and including, 2.1.2. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 06:15:00 GMT

read more

CVE-2025-6717 - WordPress B1.lt Plugin SQL Injection Vulnerability

CVE ID : CVE-2025-6717 Published : July 18, 2025, 6:15 a.m. | 4 hours, 38 minutes ago Description : The B1.lt plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.2.56 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 06:15:00 GMT

read more

CVE-2025-6718 - B1.lt WordPress SQL Injection

CVE ID : CVE-2025-6718 Published : July 18, 2025, 6:15 a.m. | 4 hours, 38 minutes ago Description : The B1.lt plugin for WordPress is vulnerable to SQL Injection due to a missing capability check on the b1_run_query AJAX action in all versions up to, and including, 2.2.56. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute and run arbitrary SQL commands. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 06:15:00 GMT

read more

CVE-2025-29572 - Apache Struts Remote Code Execution Vulnerability

CVE ID : CVE-2025-29572 Published : July 18, 2025, 6:15 a.m. | 2 hours, 38 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 06:15:00 GMT

read more

CVE-2025-5752 - WordPress Vertical Scroll Image Slideshow Gallery Plugin Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5752 Published : July 18, 2025, 6:15 a.m. | 2 hours, 38 minutes ago Description : The Vertical scroll image slideshow gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 11.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 06:15:00 GMT

read more

CVE-2025-5754 - WordPress Useful Tab Block Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5754 Published : July 18, 2025, 6:15 a.m. | 2 hours, 38 minutes ago Description : The Useful Tab Block – Responsive & AMP-Compatible plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘className’ parameter in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 06:15:00 GMT

read more

CVE-2025-5767 - WooCommerce Crowdfunding Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5767 Published : July 18, 2025, 6:15 a.m. | 2 hours, 38 minutes ago Description : The Crowdfunding for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 3.1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 06:15:00 GMT

read more

CVE-2025-5800 - WordPress Testimonial Post Type Stored Cross-Site Scripting

CVE ID : CVE-2025-5800 Published : July 18, 2025, 6:15 a.m. | 2 hours, 38 minutes ago Description : The Testimonial Post type plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘auto_play’ parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 06:15:00 GMT

read more

CVE-2025-5811 - Listly: WordPress Unauthenticated Transient Deletion Vulnerability

CVE ID : CVE-2025-5811 Published : July 18, 2025, 6:15 a.m. | 2 hours, 38 minutes ago Description : The Listly: Listicles For WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Init() function in all versions up to, and including, 2.7. This makes it possible for unauthenticated attackers to delete arbitrary transient values on the WordPress site. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 06:15:00 GMT

read more

CVE-2025-6222 - "WooCommerce Refund And Exchange with RMA - Warranty Management, Refund Policy, Manage User Wallet Arbitrary File Upload Vulnerability"

CVE ID : CVE-2025-6222 Published : July 18, 2025, 6:15 a.m. | 2 hours, 38 minutes ago Description : The WooCommerce Refund And Exchange with RMA - Warranty Management, Refund Policy, Manage User Wallet theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ced_rnx_order_exchange_attach_files' function in all versions up to, and including, 3.2.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 06:15:00 GMT

read more

CVE-2025-6813 - Apacheaapanel WordPress Privilege Escalation Vulnerability

CVE ID : CVE-2025-6813 Published : July 18, 2025, 5:15 a.m. | 3 hours, 38 minutes ago Description : The aapanel WP Toolkit plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks within the auto_login() function in versions 1.0 to 1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to bypass all role checks and gain full admin privileges. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 05:15:00 GMT

read more

CVE-2025-7638 - Forminator Forms SQL Injection

CVE ID : CVE-2025-7638 Published : July 18, 2025, 5:15 a.m. | 3 hours, 38 minutes ago Description : The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to time-based SQL Injection via the `order_by` parameter in all versions up to, and including, 1.45.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 05:15:00 GMT

read more

CVE-2025-7648 - Ruven Themes WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-7648 Published : July 18, 2025, 5:15 a.m. | 3 hours, 38 minutes ago Description : The Ruven Themes: Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ruven_button' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 05:15:00 GMT

read more

CVE-2025-7660 - Map My Locations WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7660 Published : July 18, 2025, 5:15 a.m. | 3 hours, 38 minutes ago Description : The Map My Locations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'map_my_locations' shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 05:15:00 GMT

read more

CVE-2025-3740 - "WordPress School Management System Local File Inclusion Vulnerability"

CVE ID : CVE-2025-3740 Published : July 18, 2025, 5:15 a.m. | 3 hours, 13 minutes ago Description : The School Management System for Wordpress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 93.1.0 via the 'page' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. The Local File Inclusion exploit can be chained to include various dashboard view files in the plugin. One such chain can be leveraged to update the password of Super Administrator accounts in Multisite environments making privilege escalation possible. The vendor has updated the version numbers beginning with `1.93.1 (02-07-2025)` for the patched version. This version comes after version 93.1.0. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 05:15:00 GMT

read more

CVE-2025-5816 - "WooCommerce Pengiriman Plugin Insecure Direct Object Reference"

CVE ID : CVE-2025-5816 Published : July 18, 2025, 5:15 a.m. | 3 hours, 13 minutes ago Description : The Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.0 via the get_order_detail() due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view other user's orders. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 05:15:00 GMT

read more

CVE-2025-6053 - Zuppler Online Ordering for WordPress CSRF

CVE ID : CVE-2025-6053 Published : July 18, 2025, 5:15 a.m. | 3 hours, 13 minutes ago Description : The Zuppler Online Ordering plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.0. This is due to missing or incorrect nonce validation on the 'zuppler-online-ordering-options' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 05:15:00 GMT

read more

CVE-2025-6781 - Copymatic – WordPress CSRF (Cross-Site Request Forgery)

CVE ID : CVE-2025-6781 Published : July 18, 2025, 5:15 a.m. | 3 hours, 13 minutes ago Description : The Copymatic – AI Content Writer & Generator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1. This is due to missing or incorrect nonce validation on the 'copymatic-menu' page. This makes it possible for unauthenticated attackers to update the copymatic_apikey option via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 05:15:00 GMT

read more

CVE-2025-7431 - WordPress Knowledge Base Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7431 Published : July 18, 2025, 2:15 a.m. | 6 hours, 13 minutes ago Description : The Knowledge Base plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin slug setting in all versions up to, and including, 2.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 02:15:00 GMT

read more

CVE-2025-7767 - PHPGurukul Art Gallery Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7767 Published : July 18, 2025, 1:15 a.m. | 7 hours, 13 minutes ago Description : A vulnerability, which was classified as problematic, has been found in PHPGurukul Art Gallery Management System 1.1. Affected by this issue is some unknown functionality of the file /admin/edit-art-medium-detail.php. The manipulation of the argument artmed leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 01:15:00 GMT

read more

CVE-2025-6185 - Leviton AcquiSuite and Energy Monitoring Hub Cross-Site Scripting (XSS)

CVE ID : CVE-2025-6185 Published : July 18, 2025, 12:15 a.m. | 8 hours, 13 minutes ago Description : Leviton AcquiSuite and Energy Monitoring Hub are susceptible to a cross-site scripting vulnerability, allowing an attacker to craft a malicious payload in URL parameters, which would execute in a client browser when accessed by a user, steal session tokens, and control the service. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 18 Jul 2025 00:15:00 GMT

read more

CVE-2025-7763 - Open Redirect Vulnerability in thinkgem JeeSite Site Controller/SSO

CVE ID : CVE-2025-7763 Published : July 17, 2025, 11:15 p.m. | 7 hours, 13 minutes ago Description : A vulnerability, which was classified as problematic, was found in thinkgem JeeSite up to 5.12.0. Affected is an unknown function of the component Site Controller/SSO. The manipulation leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 3d06b8d009d0267f0255acc87ea19d29d07cedc3. It is recommended to apply a patch to fix this issue. Multiple endpoints are affected. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 23:15:00 GMT

read more

CVE-2025-7764 - Code-Projects Online Appointment Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-7764 Published : July 17, 2025, 11:15 p.m. | 7 hours, 13 minutes ago Description : A vulnerability classified as critical has been found in code-projects Online Appointment Booking System 1.0. Affected is an unknown function of the file /admin/deletedoctorclinic.php. The manipulation of the argument clinic leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 23:15:00 GMT

read more

CVE-2025-7765 - Code-projects Online Appointment Booking System SQL Injection

CVE ID : CVE-2025-7765 Published : July 17, 2025, 11:15 p.m. | 7 hours, 13 minutes ago Description : A vulnerability classified as critical was found in code-projects Online Appointment Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addmanagerclinic.php. The manipulation of the argument clinic leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 23:15:00 GMT

read more

CVE-2025-6391 - Brocade ASCG Log File Exposed JWT Vulnerability

CVE ID : CVE-2025-6391 Published : July 17, 2025, 10:15 p.m. | 8 hours, 13 minutes ago Description : Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 22:15:00 GMT

read more

CVE-2025-7397 - Brocade ASCG CLI Command History Information Disclosure

CVE ID : CVE-2025-7397 Published : July 17, 2025, 10:15 p.m. | 8 hours, 13 minutes ago Description : A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface (CLI) in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized access and potential data breaches. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 22:15:00 GMT

read more

CVE-2025-7398 - Brocade ASCG Cryptographic Weakness

CVE ID : CVE-2025-7398 Published : July 17, 2025, 10:15 p.m. | 8 hours, 13 minutes ago Description : Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports ports 9000 and 8036. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 22:15:00 GMT

read more

CVE-2025-7758 - TOTOLINK T6 HTTP POST Request Handler Buffer Overflow

CVE ID : CVE-2025-7758 Published : July 17, 2025, 10:15 p.m. | 8 hours, 13 minutes ago Description : A vulnerability, which was classified as critical, has been found in TOTOLINK T6 up to 4.1.5cu.748_B20211015. Affected by this issue is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 22:15:00 GMT

read more

CVE-2025-7759 - Thinkgem JeeSite UEditor Image Grabber SSRF Vulnerability

CVE ID : CVE-2025-7759 Published : July 17, 2025, 10:15 p.m. | 8 hours, 13 minutes ago Description : A vulnerability, which was classified as critical, was found in thinkgem JeeSite up to 5.12.0. This affects an unknown part of the file modules/core/src/main/java/com/jeesite/common/ueditor/ActionEnter.java of the component UEditor Image Grabber. The manipulation of the argument Source leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 1c5e49b0818037452148e0f8ff69ed04cb8fefdc. It is recommended to apply a patch to fix this issue. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 22:15:00 GMT

read more

CVE-2025-7762 - D-Link DI-8100 HTTP Request Handler Stack-Based Buffer Overflow

CVE ID : CVE-2025-7762 Published : July 17, 2025, 10:15 p.m. | 8 hours, 13 minutes ago Description : A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.26A1. This issue affects some unknown processing of the file /menu_nat_more.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 22:15:00 GMT

read more

CVE-2025-23269 - NVIDIA Jetson Linux Microarchitectural Predictor State Information Disclosure

CVE ID : CVE-2025-23269 Published : July 17, 2025, 9:15 p.m. | 9 hours, 13 minutes ago Description : NVIDIA Jetson Linux contains a vulnerability in the kernel where an attacker may cause an exposure of sensitive information due to a shared microarchitectural predictor state that influences transient execution. A successful exploit of this vulnerability may lead to information disclosure. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 21:15:00 GMT

read more

CVE-2025-7755 - Code-projects Online Ordering System Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7755 Published : July 17, 2025, 9:15 p.m. | 9 hours, 13 minutes ago Description : A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/edit_product.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 21:15:00 GMT

read more

CVE-2025-7756 - Code-Projects E-Commerce Site Cross-Site Request Forgery Vulnerability

CVE ID : CVE-2025-7756 Published : July 17, 2025, 9:15 p.m. | 9 hours, 13 minutes ago Description : A vulnerability classified as problematic has been found in code-projects E-Commerce Site 1.0. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 21:15:00 GMT

read more

CVE-2025-7757 - PHPGurukul Land Record System SQL Injection Vulnerability

CVE ID : CVE-2025-7757 Published : July 17, 2025, 9:15 p.m. | 9 hours, 13 minutes ago Description : A vulnerability classified as critical was found in PHPGurukul Land Record System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit-property.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 21:15:00 GMT

read more

CVE-2025-7754 - Code-projects Patient Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7754 Published : July 17, 2025, 8:15 p.m. | 10 hours, 13 minutes ago Description : A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /xray_form.php. The manipulation of the argument itr_no leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-6231 - Lenovo Vantage Elevation of Privilege Vulnerability

CVE ID : CVE-2025-6231 Published : July 17, 2025, 8:15 p.m. | 8 hours, 13 minutes ago Description : An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute code with elevated permissions by modifying an application configuration file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-6232 - Lenovo Vantage Elevation of Privilege

CVE ID : CVE-2025-6232 Published : July 17, 2025, 8:15 p.m. | 8 hours, 13 minutes ago Description : An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute code with elevated permissions by modifying specific registry locations. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-6248 - Lenovo Browser Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6248 Published : July 17, 2025, 8:15 p.m. | 8 hours, 13 minutes ago Description : A cross-site scripting (XSS) vulnerability was reported in the Lenovo Browser that could allow an attacker to obtain sensitive information if a user visits a web page with specially crafted content. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-6249 - FileZ Client Authentication Bypass

CVE ID : CVE-2025-6249 Published : July 17, 2025, 8:15 p.m. | 8 hours, 13 minutes ago Description : An authentication bypass vulnerability was reported in FileZ client application that could allow a local attacker with elevated permissions access to application data. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-7433 - Sophos Intercept X for Windows Local Privilege Escalation Remote Code Execution

CVE ID : CVE-2025-7433 Published : July 17, 2025, 8:15 p.m. | 8 hours, 13 minutes ago Description : A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2025.1 and older allows arbitrary code execution. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-7751 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-7751 Published : July 17, 2025, 8:15 p.m. | 8 hours, 13 minutes ago Description : A vulnerability has been found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/addclinic.php. The manipulation of the argument cid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-7752 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-7752 Published : July 17, 2025, 8:15 p.m. | 8 hours, 13 minutes ago Description : A vulnerability was found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/deletedoctor.php. The manipulation of the argument did leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-7753 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-7753 Published : July 17, 2025, 8:15 p.m. | 8 hours, 13 minutes ago Description : A vulnerability was found in code-projects Online Appointment Booking System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/adddoctor.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-53964 - GoldenDict Uncontrolled File Modification Vulnerability

CVE ID : CVE-2025-53964 Published : July 17, 2025, 8:15 p.m. | 4 hours, 21 minutes ago Description : GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then searches for any term included in that dictionary. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-6230 - Lenovo Vantage SQL Injection Vulnerability

CVE ID : CVE-2025-6230 Published : July 17, 2025, 8:15 p.m. | 4 hours, 21 minutes ago Description : A SQL injection vulnerability was reported in Lenovo Vantage that could allow a local attacker to modify the local SQLite database and execute code with elevated permissions. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2024-42209 - HCL Connections Information Disclosure Vulnerability

CVE ID : CVE-2024-42209 Published : July 17, 2025, 8:15 p.m. | 1 hour, 37 minutes ago Description : HCL Connections is vulnerable to an information disclosure vulnerability that could allow a user to obtain sensitive information they are not entitled to, which is caused by improper handling of request data. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-0886 - Elliptic Labs Virtual Lock Sensor Privilege Escalation Vulnerability

CVE ID : CVE-2025-0886 Published : July 17, 2025, 8:15 p.m. | 1 hour, 37 minutes ago Description : An incorrect permissions vulnerability was reported in Elliptic Labs Virtual Lock Sensor that could allow a local, authenticated user to escalate privileges. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-1700 - Motorola Software Fix DLL Hijacking Privilege Escalation

CVE ID : CVE-2025-1700 Published : July 17, 2025, 8:15 p.m. | 1 hour, 37 minutes ago Description : A DLL hijacking vulnerability was reported in the Motorola Software Fix (Rescue and Smart Assistant) installer that could allow a local attacker to escalate privileges during installation of the software. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-1729 - TrackPoint Quick Menu DLL Hijacking Privilege Escalation Vulnerability

CVE ID : CVE-2025-1729 Published : July 17, 2025, 8:15 p.m. | 1 hour, 37 minutes ago Description : A DLL hijacking vulnerability was reported in TrackPoint Quick Menu software that, under certain conditions, could allow a local attacker to escalate privileges. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-23266 - NVIDIA Container Toolkit Privilege Escalation Vulnerability

CVE ID : CVE-2025-23266 Published : July 17, 2025, 8:15 p.m. | 1 hour, 37 minutes ago Description : NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-23267 - NVIDIA Container Toolkit Link Following Vulnerability (Denial of Service and Data Tampering)

CVE ID : CVE-2025-23267 Published : July 17, 2025, 8:15 p.m. | 1 hour, 37 minutes ago Description : NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-23270 - NVIDIA Jetson Linux UEFI Management Mode Information Disclosure and Execution Vulnerability

CVE ID : CVE-2025-23270 Published : July 17, 2025, 8:15 p.m. | 1 hour, 37 minutes ago Description : NVIDIA Jetson Linux contains a vulnerability in UEFI Management mode, where an unprivileged local attacker may cause exposure of sensitive information via a side channel vulnerability. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-2818 - Motorola Smart Connect Bluetooth File Interception Vulnerability

CVE ID : CVE-2025-2818 Published : July 17, 2025, 8:15 p.m. | 1 hour, 37 minutes ago Description : A vulnerability was reported in version 1.0 of the Bluetooth Transmission Alliance protocol adopted by Motorola Smart Connect Android Application that could allow a nearby attacker within the Bluetooth interaction range to intercept files when transferred to a device not paired in Smart Connect. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-3753 - ROS Robot Operating System 'rosbag' Code Execution Vulnerability

CVE ID : CVE-2025-3753 Published : July 17, 2025, 8:15 p.m. | 1 hour, 37 minutes ago Description : A code execution vulnerability has been identified in the Robot Operating System (ROS) 'rosbag' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval() function to process unsanitized, user-supplied input in the 'rosbag filter' command. This flaw enables attackers to craft and execute arbitrary Python code. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2025-4657 - Lenovo Protection Driver Buffer Overflow Vulnerability

CVE ID : CVE-2025-4657 Published : July 17, 2025, 8:15 p.m. | 1 hour, 37 minutes ago Description : A buffer overflow vulnerability was reported in the Lenovo Protection Driver, prior to version 5.1.1110.4231, used in Lenovo PC Manager, Lenovo Browser, and Lenovo App Store could allow a local attacker with elevated privileges to execute arbitrary code. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2024-39289 - "ROS rosparam Code Execution Vulnerability"

CVE ID : CVE-2024-39289 Published : July 17, 2025, 8:15 p.m. | 50 minutes ago Description : A code execution vulnerability has been discovered in the Robot Operating System (ROS) 'rosparam' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability stems from the use of the eval() function to process unsanitized, user-supplied parameter values via special converters for angle representations in radians. This flaw allowed attackers to craft and execute arbitrary Python code. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2024-39835 - ROS roslaunch Code Injection Vulnerability

CVE ID : CVE-2024-39835 Published : July 17, 2025, 8:15 p.m. | 50 minutes ago Description : A code injection vulnerability has been identified in the Robot Operating System (ROS) 'roslaunch' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval() method to process user-supplied, unsanitized parameter values within the substitution args mechanism, which roslaunch evaluates before launching a node. This flaw allows attackers to craft and execute arbitrary Python code. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2024-41148 - ROS rostopic Code Injection Vulnerability

CVE ID : CVE-2024-41148 Published : July 17, 2025, 8:15 p.m. | 50 minutes ago Description : A code injection vulnerability has been discovered in the Robot Operating System (ROS) 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'hz' verb, which reports the publishing rate of a topic and accepts a user-provided Python expression via the --filter option. This input is passed directly to the eval() function without sanitization, allowing a local user to craft and execute arbitrary code. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2024-41921 - ROS "rostopic" Code Injection Vulnerability

CVE ID : CVE-2024-41921 Published : July 17, 2025, 8:15 p.m. | 50 minutes ago Description : A code injection vulnerability has been discovered in the Robot Operating System (ROS) 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'echo' verb, which allows a user to introspect a ROS topic and accepts a user-provided Python expression via the --filter option. This input is passed directly to the eval() function without sanitization, allowing a local user to craft and execute arbitrary code. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 20:15:00 GMT

read more

CVE-2024-13972 - Intercept X for Windows Privilege Escalation Vulnerability

CVE ID : CVE-2024-13972 Published : July 17, 2025, 7:15 p.m. | 37 minutes ago Description : A vulnerability related to registry permissions in the Intercept X for Windows updater prior to version 2024.3.2 can lead to a local user gaining system level privileges during a product upgrade. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 19:15:00 GMT

read more

CVE-2025-46102 - Beakon Learning Management System SCORM Cross Site Scripting Vulnerability

CVE ID : CVE-2025-46102 Published : July 17, 2025, 7:15 p.m. | 37 minutes ago Description : Cross Site Scripting vulnerability in Beakon Software Beakon Learning Management System Sharable Content Object Reference Model (SCORM) version V.5.4.3 allows a remote attacker to obtain sensitive information via the URL parameter Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 19:15:00 GMT

read more

CVE-2025-50240 - NBCIO-Boot SQL Injection Vulnerability

CVE ID : CVE-2025-50240 Published : July 17, 2025, 7:15 p.m. | 37 minutes ago Description : nbcio-boot v1.0.3 was discovered to contain a SQL injection vulnerability via the userIds parameter at /sys/user/deleteRecycleBin. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 19:15:00 GMT

read more

CVE-2025-53816 - 7-Zip RAR5 Heap Buffer Overflow

CVE ID : CVE-2025-53816 Published : July 17, 2025, 7:15 p.m. | 37 minutes ago Description : 7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead to memory corruption and denial of service in versions of 7-Zip prior to 25.0.0. Version 25.0.0 contains a fix for the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 19:15:00 GMT

read more

CVE-2025-53817 - 7-Zip Denial of Service Null Pointer Dereference

CVE ID : CVE-2025-53817 Published : July 17, 2025, 7:15 p.m. | 37 minutes ago Description : 7-Zip is a file archiver with a high compression ratio. 7-Zip supports extracting from Compound Documents. Prior to version 25.0.0, a null pointer dereference in the Compound handler may lead to denial of service. Version 25.0.0 contains a fix cor the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 19:15:00 GMT

read more

CVE-2025-54068 - Livewire Unauthenticated Remote Command Execution Vulnerability

CVE ID : CVE-2025-54068 Published : July 17, 2025, 7:15 p.m. | 37 minutes ago Description : Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. The issue stems from how certain component property updates are hydrated. This vulnerability is unique to Livewire v3 and does not affect prior major versions. Exploitation requires a component to be mounted and configured in a particular way, but does not require authentication or user interaction. This issue has been patched in Livewire v3.6.4. All users are strongly encouraged to upgrade to this version or later as soon as possible. No known workarounds are available. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 19:15:00 GMT

read more

CVE-2025-54070 - OpenZeppelin Contracts Memory Access Vulnerability

CVE ID : CVE-2025-54070 Published : July 17, 2025, 7:15 p.m. | 37 minutes ago Description : OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 5.2.0 and prior to version 5.4.0, the `lastIndexOf(bytes,byte,uint256)` function of the `Bytes.sol` library may access uninitialized memory when the following two conditions hold: 1) the provided buffer length is empty (i.e. `buffer.length == 0`) and position is not `2**256 - 1` (i.e. `pos != type(uint256).max`). The `pos` argument could be used to access arbitrary data outside of the buffer bounds. This could lead to the operation running out of gas, or returning an invalid index (outside of the empty buffer). Processing this invalid result for accessing the `buffer` would cause a revert under normal conditions. When triggered, the function reads memory at offset `buffer + 0x20 + pos`. If memory at that location (outside the `buffer`) matches the search pattern, the function would return an out of bound index instead of the expected `type(uint256).max`. This creates unexpected behavior where callers receive a valid-looking index pointing outside buffer bounds. Subsequent memory accesses that don't check bounds and use the returned index must carefully review the potential impact depending on their setup. Code relying on this function returning `type(uint256).max` for empty buffers or using the returned index without bounds checking could exhibit undefined behavior. Users should upgrade to version 5.4.0 to receive a patch. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 19:15:00 GMT

read more

CVE-2025-7472 - Intercept X for Windows Local Privilege Escalation

CVE ID : CVE-2025-7472 Published : July 17, 2025, 7:15 p.m. | 37 minutes ago Description : A local privilege escalation vulnerability in the Intercept X for Windows installer prior version 1.22 can lead to a local user gaining system level privileges, if the installer is run as SYSTEM. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 19:15:00 GMT

read more

CVE-2025-7750 - Code-projects Online Appointment Booking System SQL Injection

CVE ID : CVE-2025-7750 Published : July 17, 2025, 7:15 p.m. | 37 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Online Appointment Booking System 1.0. Affected is an unknown function of the file /admin/adddoctorclinic.php. The manipulation of the argument clinic leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 19:15:00 GMT

read more

CVE-2025-23263 - NVIDIA DOCA-Host and Mellanox OFED VGT+ Privilege Escalation and Denial of Service Vulnerability

CVE ID : CVE-2025-23263 Published : July 17, 2025, 6:15 p.m. | 1 hour, 37 minutes ago Description : NVIDIA DOCA-Host and Mellanox OFED contain a vulnerability in the VGT+ feature, where an attacker on a VM might cause escalation of privileges and denial of service on the VLAN. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 18:15:00 GMT

read more

CVE-2025-51497 - AdGuard Safari MacOS Information Disclosure

CVE ID : CVE-2025-51497 Published : July 17, 2025, 6:15 p.m. | 1 hour, 37 minutes ago Description : An issue was discovered in AdGuard plugin before 1.11.22 for Safari on MacOS. AdGaurd verbosely logged each url that Safari accessed when the plugin was active. These logs went into the MacOS general logs for any unsandboxed process to read. This may be disabled in version 1.11.22. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 18:15:00 GMT

read more

CVE-2025-53638 - Solady Silent Failure in Proxy Initialization Vulnerability

CVE ID : CVE-2025-53638 Published : July 17, 2025, 6:15 p.m. | 1 hour, 37 minutes ago Description : Solady is software that provides Solidity snippets with APIs. Starting in version 0.0.125 and prior to version 0.1.24, when an account is deployed via a proxy, using regular Solidity to call its initialization function may result in a silent failure, if the initialization function does not return a `bool` or some other return data. This is because regular Solidity uses `extcodesize(proxy)` to decide if call succeeds. This is insufficient in the case when the proxy points to an empty implementation. Users should upgrade to Solady v0.1.24 or later to receive a patch. Deploy any affected implementations and their factories on new EVM chains as soon as possible. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 18:15:00 GMT

read more

CVE-2025-53644 - OpenCV Heap Buffer Write Vulnerability

CVE ID : CVE-2025-53644 Published : July 17, 2025, 6:15 p.m. | 1 hour, 37 minutes ago Description : OpenCV is an Open Source Computer Vision Library. Versions prior to 4.12.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG images. Version 4.12.0 fixes the vulnerability. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 18:15:00 GMT

read more

CVE-2025-7747 - Tenda POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-7747 Published : July 17, 2025, 6:15 p.m. | 1 hour, 37 minutes ago Description : A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. The manipulation of the argument PPW leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 18:15:00 GMT

read more

CVE-2025-7748 - ZCMS Cross Site Scripting (XSS) Vulnerability in Create Article Page

CVE ID : CVE-2025-7748 Published : July 17, 2025, 6:15 p.m. | 1 hour, 37 minutes ago Description : A vulnerability classified as problematic was found in ZCMS 3.6.0. This vulnerability affects unknown code of the component Create Article Page. The manipulation of the argument Title leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 18:15:00 GMT

read more

CVE-2025-7749 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-7749 Published : July 17, 2025, 6:15 p.m. | 1 hour, 37 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Online Appointment Booking System 1.0. This issue affects some unknown processing of the file /admin/getmanagerregion.php. The manipulation of the argument city leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 18:15:00 GMT

read more

CVE-2024-32323 - Cnhcit Haichang OA SQL Injection

CVE ID : CVE-2024-32323 Published : July 17, 2025, 5:15 p.m. | 2 hours, 37 minutes ago Description : SQL Injection vulnerability in cnhcit.com Haichang OA v.1.0.0 allows a remote attacker to obtain sensitive information via the if parameter in hcit.project.rte.agents.UploadImages.class. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 17:15:00 GMT

read more

CVE-2023-41566 - OA EKP Arbitrary Download Vulnerability

CVE ID : CVE-2023-41566 Published : July 17, 2025, 4:15 p.m. | 3 hours, 37 minutes ago Description : OA EKP v16 was discovered to contain an arbitrary download vulnerability via the component /ui/sys_ui_extend/sysUiExtend.do. This vulnerability allows attackers to obtain the password of the background administrator and further obtain database permissions. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 16:15:00 GMT

read more

CVE-2023-47356 - Mingyu Security Gateway Remote Command Execution Vulnerability

CVE ID : CVE-2023-47356 Published : July 17, 2025, 4:15 p.m. | 3 hours, 37 minutes ago Description : Mingyu Security Gateway before v3.0-5.3p was discovered to contain a remote command execution (RCE) vulnerability via the log_type parameter at /log/fw_security.mds. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 16:15:00 GMT

read more

CVE-2025-25257 - Fortinet FortiWeb SQL Injection Vulnerability

CVE ID : CVE-2025-25257 Published : July 17, 2025, 4:15 p.m. | 3 hours, 37 minutes ago Description : An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 16:15:00 GMT

read more

CVE-2025-52046 - Totolink A3300R Command Injection Vulnerability

CVE ID : CVE-2025-52046 Published : July 17, 2025, 4:15 p.m. | 3 hours, 37 minutes ago Description : Totolink A3300R V17.0.0cu.596_B20250515 was found to contain a command injection vulnerability in the sub_4197C0 function via the mac and desc parameters. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 16:15:00 GMT

read more

CVE-2025-53867 - Island Lake WebBatch Remote Code Execution Vulnerability

CVE ID : CVE-2025-53867 Published : July 17, 2025, 4:15 p.m. | 3 hours, 37 minutes ago Description : Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 16:15:00 GMT

read more

CVE-2025-7338 - Multer DoS Vulnerability

CVE ID : CVE-2025-7338 Published : July 17, 2025, 4:15 p.m. | 3 hours, 37 minutes ago Description : Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.2 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to version 2.0.2 to receive a patch. No known workarounds are available. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 16:15:00 GMT

read more

CVE-2025-7339 - "On-Headers Header Modification Vulnerability"

CVE ID : CVE-2025-7339 Published : July 17, 2025, 4:15 p.m. | 3 hours, 37 minutes ago Description : on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions ` Severity: 3.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 16:15:00 GMT

read more

CVE-2025-54066 - DiracX-Web Redirect Hijacking Vulnerability

CVE ID : CVE-2025-54066 Published : July 17, 2025, 3:15 p.m. | 4 hours, 37 minutes ago Description : DiracX-Web is a web application that provides an interface to interact with the DiracX services. Prior to version 0.1.0-a8, an attacker can forge a request that they can pass to redirect an authenticated user to another arbitrary website. In the login page, DiracX-Web has a `redirect` field which is the location where the server will redirect the user. This URI is not verified, and can be an arbitrary URI. Paired with a parameter pollution, an attacker can hide their malicious URI. This could be used for phishing, and extract new data (such as redirecting to a new "log in" page, and asking another time credentials). Version 0.1.0-a8 fixes this vulnerability. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 15:15:00 GMT

read more

CVE-2025-47189 - Netwrix Directory Manager Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-47189 Published : July 17, 2025, 3:15 p.m. | 3 hours, 36 minutes ago Description : Netwrix Directory Manager through 2025-05-01 allows XSS. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 15:15:00 GMT

read more

CVE-2025-54058 - WeGIA SQL Injection Vulnerability

CVE ID : CVE-2025-54058 Published : July 17, 2025, 3:15 p.m. | 3 hours, 36 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the `idatendido_familiares` parameter of the `/html/funcionario/dependente_editarEndereco.php` endpoint. This vulnerability allows attacker to manipulate SQL queries and access sensitive database information, such as table names and sensitive data. Version 3.4.6 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 15:15:00 GMT

read more

CVE-2025-54060 - WeGIA SQL Injection Vulnerability

CVE ID : CVE-2025-54060 Published : July 17, 2025, 3:15 p.m. | 3 hours, 36 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the `idatendido_familiares` parameter of the `/html/funcionario/dependente_editarInfoPessoal.php` endpoint. This vulnerability allows attacker to manipulate SQL queries and access sensitive database information, such as table names and sensitive data. Version 3.4.6 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 15:15:00 GMT

read more

CVE-2025-54061 - WeGIA SQL Injection Vulnerability

CVE ID : CVE-2025-54061 Published : July 17, 2025, 3:15 p.m. | 3 hours, 36 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the `idatendido_familiares` parameter of the `/html/funcionario/dependente_editarDoc.php` endpoint. This vulnerability allows attacker to manipulate SQL queries and access sensitive database information, such as table names and sensitive data. Version 3.4.6 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 15:15:00 GMT

read more

CVE-2025-54062 - WeGIA SQL Injection Vulnerability

CVE ID : CVE-2025-54062 Published : July 17, 2025, 3:15 p.m. | 3 hours, 36 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the `/html/funcionario/profile_dependente.php` endpoint, specifically in the `id_dependente` parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. Version 3.4.6 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 15:15:00 GMT

read more

CVE-2025-54064 - Rucio Apache Access Log Credentials Exposure

CVE ID : CVE-2025-54064 Published : July 17, 2025, 3:15 p.m. | 3 hours, 36 minutes ago Description : Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. The common Rucio helm-charts for the `rucio-server`, `rucio-ui`, and `rucio-webui` define the log format for the apache access log of these components. The `X-Rucio-Auth-Token`, which is part of each request header sent to Rucio, is part of this log format. Thus, each access log line potentially exposes the credentials (Internal Rucio token, or JWT in case of OIDC authentication) of the user. Due to the length of the token (Especially for a JWT) the tokens are often truncated, and thus not usable as credential; nevertheless, the (partial) credential should not be part of the logfile. The impact of this issue is amplified if the access logs are made available to a larger group of people than the instance administrators themselves. An updated release has been supplied for the `rucio-server`, `rucio-ui` and `rucio-webui` helm-chart. The change was also retrofitted for the currently supported Rucio LTS releases. The patched versions are rucio-server 37.0.2, 35.0.1, and 32.0.1; rucio-ui 37.0.4, 35.0.1, and 32.0.2; and rucio-webui 37.0.2, 35.1.1, and 32.0.1. As a workaround, one may update the `logFormat` variable and remove the `X-Rucio-Auth-Token`. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 15:15:00 GMT

read more

CVE-2025-53928 - MaxKB Remote Command Execution

CVE ID : CVE-2025-53928 Published : July 17, 2025, 2:15 p.m. | 4 hours, 35 minutes ago Description : MaxKB is an open-source AI assistant for enterprise. Prior to versions 1.10.9-lts and 2.0.0, a Remote Command Execution vulnerability exists in the MCP call. Versions 1.10.9-lts and 2.0.0 fix the issue. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 14:15:00 GMT

read more

CVE-2025-53941 - Hollo ActivityPub HTML Injection Vulnerability

CVE ID : CVE-2025-53941 Published : July 17, 2025, 2:15 p.m. | 4 hours, 35 minutes ago Description : Hollo is a federated single-user microblogging software designed to be federated through ActivityPub. Versions prior to 0.6.5 allow HTML form elements to be submitted, making the software vulnerable to HTML injection. Version 0.6.5 fixes the issue. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 14:15:00 GMT

read more

CVE-2025-53946 - WeGIA SQL Injection Vulnerability

CVE ID : CVE-2025-53946 Published : July 17, 2025, 2:15 p.m. | 4 hours, 35 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.5 in the `id_funcionario` parameter of the `/html/saude/profile_paciente.php` endpoint. This vulnerability allows attacker to manipulate SQL queries and access sensitive database information, such as table names and sensitive data. Version 3.4.5 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 14:15:00 GMT

read more

CVE-2025-1713 - Intel PCI Interrupt Remapping Deadlock Vulnerability

CVE ID : CVE-2025-1713 Published : July 17, 2025, 2:15 p.m. | 3 hours, 16 minutes ago Description : When setting up interrupt remapping for legacy PCI(-X) devices, including PCI(-X) bridges, a lookup of the upstream bridge is required. This lookup, itself involving acquiring of a lock, is done in a context where acquiring that lock is unsafe. This can lead to a deadlock. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 14:15:00 GMT

read more

CVE-2025-40924 - Catalyst::Plugin::Session Insecure Session ID Generation

CVE ID : CVE-2025-40924 Published : July 17, 2025, 2:15 p.m. | 3 hours, 16 minutes ago Description : Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a (usually SHA-1) hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage. Predicable session ids could allow an attacker to gain access to systems. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 14:15:00 GMT

read more

CVE-2025-51630 - TOTOLINK N350RT Buffer Overflow Vulnerability

CVE ID : CVE-2025-51630 Published : July 17, 2025, 2:15 p.m. | 3 hours, 16 minutes ago Description : TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a buffer overflow via the ePort parameter in the function setIpPortFilterRules. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 14:15:00 GMT

read more

CVE-2025-53909 - Mailcow: Dockerized Server-Side Template Injection Vulnerability

CVE ID : CVE-2025-53909 Published : July 17, 2025, 2:15 p.m. | 3 hours, 16 minutes ago Description : mailcow: dockerized is an open source groupware/email suite based on docker. A Server-Side Template Injection (SSTI) vulnerability exists in versions prior to 2025-07 in the notification template system used by mailcow for sending quota and quarantine alerts. The template rendering engine allows template expressions that may be abused to execute code in certain contexts. The issue requires admin-level access to mailcow UI to configure templates, which are automatically rendered during normal system operation. Version 2025-07 contains a patch for the issue. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 14:15:00 GMT

read more

CVE-2025-53927 - MaxKB Directory Traversal (Command Execution)

CVE ID : CVE-2025-53927 Published : July 17, 2025, 2:15 p.m. | 3 hours, 16 minutes ago Description : MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the `shutil.copy2` method in Python to copy the command they want to execute to the executable directory. This bypasses directory restrictions and reverse shell. Version 2.0.0 fixes the issue. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 14:15:00 GMT

read more

CVE-2025-5345 - Bluebird IsdcardRemoteService Unauthenticated File Manipulation Vulnerability

CVE ID : CVE-2025-5345 Published : July 17, 2025, 1:15 p.m. | 4 hours, 16 minutes ago Description : Bluebird devices contain a pre-loaded file manager application. This application exposes an unsecured service provider "com.bluebird.system.koreanpost.IsdcardRemoteService". A local attacker can bind to the AIDL-type service to copy and delete arbitrary files from device's storage with system-level permissions. Version 1.4.4 is vulnerable, vendor reverted vulnerable versions to older version: 1.3.6 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 13:15:00 GMT

read more

CVE-2025-5346 - Bluebird Devices File Traversal Vulnerability in BootReceiver

CVE ID : CVE-2025-5346 Published : July 17, 2025, 1:15 p.m. | 4 hours, 16 minutes ago Description : Bluebird devices contain a pre-loaded barcode scanner application. This application exposes an unsecured broadcast receiver "kr.co.bluebird.android.bbsettings.BootReceiver". A local attacker can call the receiver to overwrite file containing ".json" keyword with default barcode config file. It is possible to overwrite file in any location due to lack of protection against path traversal in name of the file. This issue affects all versions before 1.3.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 13:15:00 GMT

read more

CVE-2025-5344 - Bluebird Kiosk Remote Service Unauthenticated RCE

CVE ID : CVE-2025-5344 Published : July 17, 2025, 1:15 p.m. | 3 hours, 36 minutes ago Description : Bluebird devices contain a pre-loaded kiosk application. This application exposes an unsecured service provider "com.bluebird.kiosk.launcher.IpartnerKioskRemoteService". A local attacker can bind to the AIDL-type service to modify device's global settings and wallpaper image. This issue affects all versions before 1.1.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 13:15:00 GMT

read more

CVE-2025-52933 - Apache Struts XML External Entity (XXE) Injection

CVE ID : CVE-2025-52933 Published : July 17, 2025, 1:15 p.m. | 2 hours, 49 minutes ago Description : Rejected reason: 3rd party vulnerability Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 13:15:00 GMT

read more

CVE-2025-3415 - Grafana Alerting DingDing Unauthenticated Viewer Escalation

CVE ID : CVE-2025-3415 Published : July 17, 2025, 11:15 a.m. | 4 hours, 49 minutes ago Description : Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01 Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 11:15:00 GMT

read more

CVE-2025-4302 - WordPress Stop User Enumeration REST API Bypass

CVE ID : CVE-2025-4302 Published : July 17, 2025, 8:15 a.m. | 7 hours, 49 minutes ago Description : The Stop User Enumeration WordPress plugin before version 1.7.3 blocks REST API /wp-json/wp/v2/users/ requests for non-authorized users. However, this can be bypassed by URL-encoding the API path. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 08:15:00 GMT

read more

CVE-2025-7735 - UNIMAX Hospital Information System SQL Injection

CVE ID : CVE-2025-7735 Published : July 17, 2025, 4:15 a.m. | 11 hours, 49 minutes ago Description : The Hospital Information System developed by UNIMAX has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 04:15:00 GMT

read more

CVE-2025-7712 - The Madara WordPress Core Plugin Unvalidated File Deletion Vulnerability

CVE ID : CVE-2025-7712 Published : July 17, 2025, 3:15 a.m. | 12 hours, 49 minutes ago Description : The Madara - Core plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wp_manga_delete_zip() function in all versions up to, and including, 2.2.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 03:15:00 GMT

read more

CVE-2025-7728 - Scada-LTS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7728 Published : July 17, 2025, 2:15 a.m. | 13 hours, 49 minutes ago Description : A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. Affected is an unknown function of the file users.shtm. The manipulation of the argument Username leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this issue and confirmed that it will be fixed in the upcoming release 2.8.0. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 02:15:00 GMT

read more

CVE-2025-7729 - Scada-LTS Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7729 Published : July 17, 2025, 2:15 a.m. | 13 hours, 49 minutes ago Description : A vulnerability classified as problematic was found in Scada-LTS up to 2.7.8.1. Affected by this vulnerability is an unknown functionality of the file usersProfiles.shtm. The manipulation of the argument Username leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this issue and confirmed that it will be fixed in the upcoming release 2.8.0. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 02:15:00 GMT

read more

CVE-2025-5396 - WordPress Bears Backup Plugin Remote Code Execution Vulnerability

CVE ID : CVE-2025-5396 Published : July 17, 2025, 2:15 a.m. | 12 hours, 10 minutes ago Description : The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.0. This is due to the bbackup_ajax_handle() function not having a capability check, nor validating user supplied input passed directly to call_user_func(). This makes it possible for unauthenticated attackers to execute code on the server which can be leverage to inject backdoors or create new administrative user accounts to name a few things. On WordPress sites running the Alone theme versions 7.8.4 and older, this can be chained with CVE-2025-5394 to install the Bears Backup plugin and achieve the same impact. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 17 Jul 2025 02:15:00 GMT

read more

CVE-2024-12498 - CVE-2021-42251: Apache Struts Deserialization Remote Code Execution

CVE ID : CVE-2024-12498 Published : July 16, 2025, 11:15 p.m. | 15 hours, 10 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 23:15:00 GMT

read more

CVE-2025-34124 - Heroes of Might and Magic III Complete Buffer Overflow Vulnerability

CVE ID : CVE-2025-34124 Published : July 16, 2025, 10:15 p.m. | 16 hours, 10 minutes ago Description : A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object name causes a buffer overflow, potentially allowing arbitrary code execution. Exploitation requires the victim to open a malicious map file within the game. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 22:15:00 GMT

read more

CVE-2025-34125 - D-Link Lighttpd Command Injection Vulnerability

CVE ID : CVE-2025-34125 Published : July 16, 2025, 10:15 p.m. | 16 hours, 10 minutes ago Description : An unauthenticated command injection vulnerability exists in the cookie handling process of the lighttpd web server on D-Link DSP-W110A1 firmware version 1.05B01. This occurs when specially crafted cookie values are processed, allowing remote attackers to execute arbitrary commands on the underlying Linux operating system. Successful exploitation enables full system compromise. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 22:15:00 GMT

read more

CVE-2025-34126 - RIPS Scanner Remote File Read Vulnerability

CVE ID : CVE-2025-34126 Published : July 16, 2025, 10:15 p.m. | 16 hours, 10 minutes ago Description : A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privileges of the web server by sending crafted HTTP GET requests to the 'windows/code.php' script with a manipulated 'file' parameter. This can lead to disclosure of sensitive information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 22:15:00 GMT

read more

CVE-2025-34127 - Achat UDP Stack-based Buffer Overflow

CVE ID : CVE-2025-34127 Published : July 16, 2025, 10:15 p.m. | 16 hours, 10 minutes ago Description : A stack-based buffer overflow exists in Achat v0.150 in its default configuration. By sending a specially crafted message to the UDP port 9256, an attacker can overwrite the structured exception handler (SEH) due to insufficient bounds checking on user-supplied input leading to remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 22:15:00 GMT

read more

CVE-2025-34128 - X360 VideoPlayer Buffer Overflow Vulnerability

CVE ID : CVE-2025-34128 Published : July 16, 2025, 10:15 p.m. | 16 hours, 10 minutes ago Description : A buffer overflow vulnerability exists in the X360 VideoPlayer ActiveX control (VideoPlayer.ocx) version 2.6 when handling overly long arguments to the ConvertFile() method. An attacker can exploit this vulnerability by supplying crafted input to cause memory corruption and execute arbitrary code within the context of the current process. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 22:15:00 GMT

read more

CVE-2025-34129 - LILIN Digital Video Recorder (DVR) Command Injection Vulnerability

CVE ID : CVE-2025-34129 Published : July 16, 2025, 10:15 p.m. | 16 hours, 10 minutes ago Description : A command injection vulnerability exists in LILIN LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicious XML file with injected shell commands in these fields. Upon subsequent configuration syncs, these commands are executed with elevated privileges. This vulnerability was exploited in the wild by the Moobot botnets. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 22:15:00 GMT

read more

CVE-2025-34130 - LILIN Digital Video Recorder (DVR) Unauthenticated Arbitrary File Read Vulnerability

CVE ID : CVE-2025-34130 Published : July 16, 2025, 10:15 p.m. | 16 hours, 10 minutes ago Description : An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the /z/zbin/net_html.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be used to facilitate further attacks including command injection. The vulnerability has been exploited in the wild in conjunction with other issues by botnets like FBot and Moobot. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 22:15:00 GMT

read more

CVE-2025-34132 - LILIN DVR Command Injection Vulnerability

CVE ID : CVE-2025-34132 Published : July 16, 2025, 10:15 p.m. | 16 hours, 10 minutes ago Description : A command injection vulnerability exists in LILIN Digital Video Recorder (DVR) devices prior to firmware version 2.0b60_20200207 via the Server field in the NTPUpdate configuration. The web service at /z/zbin/dvr_box fails to properly sanitize input, allowing remote attackers to inject and execute arbitrary commands as root by supplying specially crafted XML data to the DVRPOST interface. 777 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 22:15:00 GMT

read more

CVE-2025-34118 - Linknat VOS Manager Path Traversal Vulnerability

CVE ID : CVE-2025-34118 Published : July 16, 2025, 9:15 p.m. | 17 hours, 10 minutes ago Description : A path traversal vulnerability exists in Linknat VOS Manager versions prior to 2.1.9.07, including VOS2009 and early VOS3000 builds, that allows unauthenticated remote attackers to read arbitrary files on the server. The vulnerability is accessible via multiple localized subpaths such as '/eng/', '/chs/', or '/cht/', where the 'js/lang_en_us.js' or equivalent files are loaded. By injecting encoded traversal sequences such as '%c0%ae%c0%ae' into the request path, attackers can bypass input validation and disclose sensitive files. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 21:15:00 GMT

read more

CVE-2025-34119 - EasyCafe Server Remote File Disclosure

CVE ID : CVE-2025-34119 Published : July 16, 2025, 9:15 p.m. | 17 hours, 10 minutes ago Description : A remote file disclosure vulnerability exists in EasyCafe Server 2.2.14, exploitable by unauthenticated remote attackers via TCP port 831. The server listens for a custom protocol where opcode 0x43 can be used to request arbitrary files by absolute path. If the file exists and is accessible, its content is returned without authentication. This flaw allows attackers to retrieve sensitive files such as system configuration, password files, or application data. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 21:15:00 GMT

read more

CVE-2025-34120 - LimeSurvey Unauthenticated File Download Vulnerability

CVE ID : CVE-2025-34120 Published : July 16, 2025, 9:15 p.m. | 17 hours, 10 minutes ago Description : An unauthenticated file download vulnerability exists in LimeSurvey versions from 2.0+ up to and including 2.06+ Build 151014. The application fails to validate serialized input to the admin backup endpoint (`index.php/admin/update/sa/backup`), allowing attackers to specify arbitrary file paths using a crafted `datasupdateinfo` payload. The files are packaged in a ZIP archive and made available for download without authentication. This vulnerability can be exploited to read arbitrary files on the host system, including sensitive OS and configuration files. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 21:15:00 GMT

read more

CVE-2025-34121 - Idera Up.Time PHP File Upload RCE

CVE ID : CVE-2025-34121 Published : July 16, 2025, 9:15 p.m. | 17 hours, 10 minutes ago Description : An unauthenticated arbitrary file upload vulnerability exists in Idera Up.Time Monitoring Station versions up to and including 7.2. The `wizards/post2file.php` script accepts arbitrary POST parameters, allowing attackers to upload crafted PHP files to the webroot. Successful exploitation results in remote code execution as the web server user. NOTE: The bypass for this vulnerability is tracked as CVE-2015-9263. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 21:15:00 GMT

read more

CVE-2025-34123 - VideoCharge Studio Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-34123 Published : July 16, 2025, 9:15 p.m. | 17 hours, 10 minutes ago Description : A stack-based buffer overflow vulnerability exists in VideoCharge Studio 2.12.3.685 when processing a specially crafted .VSC configuration file. The issue occurs due to improper handling of user-supplied data in the XML 'Name' attribute, leading to an SEH overwrite condition. An attacker can exploit this vulnerability by convincing a user to open a malicious .VSC file, resulting in arbitrary code execution under the context of the user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 21:15:00 GMT

read more

CVE-2025-34117 - Netcore/Netis Router Remote Code Execution Backdoor Vulnerability

CVE ID : CVE-2025-34117 Published : July 16, 2025, 9:15 p.m. | 15 hours, 35 minutes ago Description : A remote code execution vulnerability exists in multiple Netcore and Netis routers models with firmware released prior to August 2014 due to the presence of an undocumented backdoor listener on UDP port 53413. Exact version boundaries remain undocumented. An unauthenticated remote attacker can send specially crafted UDP packets to execute arbitrary commands on the affected device. This backdoor uses a hardcoded authentication mechanism and accepts shell commands post-authentication. Some device models include a non-standard implementation of the `echo` command, which may affect exploitability. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 21:15:00 GMT

read more

CVE-2025-53908 - RomM Path Traversal Vulnerability

CVE ID : CVE-2025-53908 Published : July 16, 2025, 8:15 p.m. | 16 hours, 35 minutes ago Description : RomM is a self-hosted rom manager and player. Versions prior to 3.10.3 and 4.0.0-beta.3 have an authenticated path traversal vulnerability in the `/api/raw` endpoint. Anyone running the latest version of RomM and has multiple users, even unprivileged users, such as the kiosk user in the official implementation, may be affected. This allows the leakage of passwords and users that may be stored on the system. Versions 3.10.3 and 4.0.0-beta.3 contain a patch. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 20:15:00 GMT

read more

CVE-2025-6982 - TP-Link Archer C50 Hard-coded Credentials Vulnerability

CVE ID : CVE-2025-6982 Published : July 16, 2025, 8:15 p.m. | 16 hours, 35 minutes ago Description : Use of Hard-coded Credentials in TP-Link Archer C50 V3( 180703)/V4( 250117 )/V5( 200407 ), allows attackers to decrypt the config.xml files. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 20:15:00 GMT

read more

CVE-2025-6983 - TP-Link Archer C1200 Clickjacking Vulnerability

CVE ID : CVE-2025-6983 Published : July 16, 2025, 8:15 p.m. | 16 hours, 35 minutes ago Description : A Clickjacking vulnerability in TP-Link Archer C1200 web management page allows an attacker to trick users into performing unintended actions via rendered UI layers or frames.This issue affects Archer C1200 1.1.5. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 20:15:00 GMT

read more

CVE-2025-40777 - " BIND Named CNAME Chain Abort Vulnerability"

CVE ID : CVE-2025-40777 Published : July 16, 2025, 6:15 p.m. | 16 hours, 35 minutes ago Description : If a `named` caching resolver is configured with `serve-stale-enable` `yes`, and with `stale-answer-client-timeout` set to `0` (the only allowable value other than `disabled`), and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or authoritative records, the daemon will abort with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.10, 9.21.0 through 9.21.9, and 9.20.9-S1 through 9.20.10-S1. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 18:15:00 GMT

read more

CVE-2025-37107 - HPE AutoPass License Server APLS Authentication Bypass Vulnerability

CVE ID : CVE-2025-37107 Published : July 16, 2025, 6:15 p.m. | 14 hours, 10 minutes ago Description : An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 18:15:00 GMT

read more

CVE-2025-37106 - HPE AutoPass License Server Authentication Bypass Information Disclosure

CVE ID : CVE-2025-37106 Published : July 16, 2025, 6:15 p.m. | 9 hours, 42 minutes ago Description : An authentication bypass and disclosure of information vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 18:15:00 GMT

read more

CVE-2025-37105 - HPE AutoPass License Server (APLS) Remote Code Execution Vulnerability

CVE ID : CVE-2025-37105 Published : July 16, 2025, 6:15 p.m. | 8 hours, 34 minutes ago Description : An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 18:15:00 GMT

read more

CVE-2025-36097 - IBM WebSphere Application Server Stack-Based Overflow Denial of Service

CVE ID : CVE-2025-36097 Published : July 16, 2025, 6:15 p.m. | 8 hours, 9 minutes ago Description : IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. An attacker can send a specially crafted request that cause the server to consume excessive memory resources. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 18:15:00 GMT

read more

CVE-2025-20337 - Cisco ISE/Cisco ISE-PIC Remote Code Execution Vulnerability

CVE ID : CVE-2025-20337 Published : July 16, 2025, 5:15 p.m. | 9 hours, 9 minutes ago Description : A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 17:15:00 GMT

read more

CVE-2025-53904 - Scratch Channel Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-53904 Published : July 16, 2025, 5:15 p.m. | 9 hours, 9 minutes ago Description : The Scratch Channel is a news website that is under development as of time of this writing. The file `/api/admin.js` contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of time of publication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 17:15:00 GMT

read more

CVE-2025-20288 - Cisco Unified Intelligence Center SSRF Vulnerability

CVE ID : CVE-2025-20288 Published : July 16, 2025, 5:15 p.m. | 5 hours, 33 minutes ago Description : A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 17:15:00 GMT

read more

CVE-2025-20272 - Cisco Prime Infrastructure and EPNM Blind SQL Injection

CVE ID : CVE-2025-20272 Published : July 16, 2025, 5:15 p.m. | 5 hours, 12 minutes ago Description : A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful exploit could allow the attacker to view data in some database tables on an affected device. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 17:15:00 GMT

read more

CVE-2025-20274 - "Cisco Unified Intelligence Center File Upload Privilege Escalation Vulnerability"

CVE ID : CVE-2025-20274 Published : July 16, 2025, 5:15 p.m. | 5 hours, 12 minutes ago Description : A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit this vulnerability by uploading arbitrary files to an affected device. A successful exploit could allow the attacker to store malicious files on the system and execute arbitrary commands on the operating system. The Security Impact Rating (SIR) of this advisory has been raised to High because an attacker could elevate privileges to root. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Report Designer. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 17:15:00 GMT

read more

CVE-2025-20283 - "Cisco ISE and ISE-PIC Root Code Execution Vulnerability"

CVE ID : CVE-2025-20283 Published : July 16, 2025, 5:15 p.m. | 5 hours, 12 minutes ago Description : A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root. This vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, the attacker must have valid high-privileged credentials. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 17:15:00 GMT

read more

CVE-2025-20284 - Cisco ISE/PIC Root Execution Remote Command Injection

CVE ID : CVE-2025-20284 Published : July 16, 2025, 5:15 p.m. | 5 hours, 12 minutes ago Description : A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root. This vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, the attacker must have valid high-privileged credentials. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 17:15:00 GMT

read more

CVE-2025-20285 - Cisco ISE/IP Access Restriction API Authentication Bypass

CVE ID : CVE-2025-20285 Published : July 16, 2025, 5:15 p.m. | 5 hours, 12 minutes ago Description : A vulnerability in the IP Access Restriction feature of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to bypass configured IP access restrictions and log in to the device from a disallowed IP address. This vulnerability is due to improper enforcement of access controls that are configured using the IP Access Restriction feature. An attacker could exploit this vulnerability by logging in to the API from an unauthorized source IP address. A successful exploit could allow the attacker to gain access to the targeted device from an IP address that should have been restricted. To exploit this vulnerability, the attacker must have valid administrative credentials. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 17:15:00 GMT

read more

CVE-2025-53938 - WeGIA Authentication Bypass

CVE ID : CVE-2025-53938 Published : July 16, 2025, 4:15 p.m. | 6 hours, 12 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. An Authentication Bypass vulnerability was identified in the `/dao/verificar_recursos_cargo.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows unauthenticated users to access protected application functionalities and retrieve sensitive information by sending crafted HTTP requests without any session cookies or authentication tokens. Version 3.4.5 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-53943 - VoidBot Open-Source Discord Bot Command Injection Vulnerability

CVE ID : CVE-2025-53943 Published : July 16, 2025, 4:15 p.m. | 6 hours, 12 minutes ago Description : VoidBot Open-Source is a customizable Discord bot. VoidBot Open-Source versions 0.0.1 through 0.8.1 contain a vulnerability in the command handler where permission checks are not properly enforced for certain administrative commands. This allows users without the required roles or privileges to execute sensitive commands such as `ban`, `kick`, or `shutdown`, potentially disrupting server operations. Version 1.0.0 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-7357 - LITEON IC48A/IC80A FTP Server Cleartext Credentials Storage Vulnerability

CVE ID : CVE-2025-7357 Published : July 16, 2025, 4:15 p.m. | 6 hours, 12 minutes ago Description : LITEON IC48A firmware versions prior to 01.00.19r and LITEON IC80A firmware versions prior to 01.01.12e store FTP-server-access-credentials in cleartext in their system logs. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-53929 - WeGIA Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-53929 Published : July 16, 2025, 4:15 p.m. | 3 hours, 39 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_cor.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts into the `cor` parameter. The injected scripts are stored on the server and executed automatically whenever the affected page `cadastro_pet.php` is accessed by users, posing a significant security risk. Version 3.4.5 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-53930 - WeGIA Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-53930 Published : July 16, 2025, 4:15 p.m. | 3 hours, 39 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_especie.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts into the `especie` parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. Version 3.4.5 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-53931 - WeGIA Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-53931 Published : July 16, 2025, 4:15 p.m. | 3 hours, 39 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_raca.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts into the `raca` parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. Version 3.4.5 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-53932 - WeGIA Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53932 Published : July 16, 2025, 4:15 p.m. | 3 hours, 39 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `cadastro_adotante.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts in the `cpf` parameter. Version 3.4.5 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-53933 - WeGIA Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53933 Published : July 16, 2025, 4:15 p.m. | 3 hours, 39 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_enfermidade.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts into the `nome` parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. Version 3.4.5 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-53934 - WeGIA Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-53934 Published : July 16, 2025, 4:15 p.m. | 3 hours, 39 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `control.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts into the `descricao_emergencia` parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. Version 3.4.5 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-53935 - WeGIA Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53935 Published : July 16, 2025, 4:15 p.m. | 3 hours, 39 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `personalizacao_selecao.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts in the `id` parameter. Version 3.4.5 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-53936 - WeGIA Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53936 Published : July 16, 2025, 4:15 p.m. | 3 hours, 39 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `personalizacao_selecao.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts in the `nome_car` parameter. Version 3.4.5 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-53937 - WeGIA SQL Injection Vulnerability

CVE ID : CVE-2025-53937 Published : July 16, 2025, 4:15 p.m. | 3 hours, 39 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the `/controle/control.php` endpoint, specifically in the `cargo` parameter, of WeGIA prior to version 3.4.5. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. Version 3.4.5 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-46959 - Adobe Experience Manager DOM-Based Cross-Site Scripting (XSS)

CVE ID : CVE-2025-46959 Published : July 16, 2025, 4:15 p.m. | 1 hour, 38 minutes ago Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. A low privileged attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in that a victim must visit a specially crafted web page. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-47053 - Adobe Experience Manager DOM-Based Cross-Site Scripting (XSS)

CVE ID : CVE-2025-47053 Published : July 16, 2025, 4:15 p.m. | 1 hour, 38 minutes ago Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. A low privileged attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in that a victim must visit a specially crafted web page. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-53926 - Emlog Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-53926 Published : July 16, 2025, 4:15 p.m. | 1 hour, 38 minutes ago Description : Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including pro-2.5.17 allows remote attackers to inject arbitrary web script or HTML via the comment and comname parameters. Reflected XSS requires the victim to send POST requests, therefore the victim must be persuaded into clicking into sent URL. As of time of publication, no known patched versions exist. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 16:15:00 GMT

read more

CVE-2025-53925 - Emlog Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-53925 Published : July 16, 2025, 3:15 p.m. | 2 hours, 38 minutes ago Description : Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including pro-2.5.17 allows authenticated remote attackers to inject arbitrary web script or HTML via the file upload functionality. As an authenticated user it is possible to upload an .svg file that contains JavaScript code that is later executed. As of time of publication, no known patched versions exist. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 15:15:00 GMT

read more

CVE-2025-5994 - "Unbound DNS Rebirthday Attack Cache Poisoning Vulnerability"

CVE ID : CVE-2025-5994 Published : July 16, 2025, 3:15 p.m. | 2 hours, 38 minutes ago Description : A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to upstream name servers, i.e., at least one of the 'send-client-subnet', 'client-subnet-zone' or 'client-subnet-always-forward' options is used. Resolvers supporting ECS need to segregate outgoing queries to accommodate for different outgoing ECS information. This re-opens up resolvers to a birthday paradox attack (Rebirthday Attack) that tries to match the DNS transaction ID in order to cache non-ECS poisonous replies. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 15:15:00 GMT

read more

CVE-2024-42912 - META-INF Kft. Email This Issue (Data Center) Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2024-42912 Published : July 16, 2025, 3:15 p.m. | 1 hour, 32 minutes ago Description : A cross-site scripting (XSS) vulnerability in META-INF Kft. Email This Issue (Data Center) before 9.13.0-GA allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the recipient field of an e-mail message. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 15:15:00 GMT

read more

CVE-2025-32353 - Kaseya Rapid Fire Tools Network Detective Unencrypted Credentials Storage Vulnerability

CVE ID : CVE-2025-32353 Published : July 16, 2025, 3:15 p.m. | 1 hour, 32 minutes ago Description : Kaseya Rapid Fire Tools Network Detective 2.0.16.0 has Unencrypted Credentials (for privileged access) stored in the collector.txt configuration file. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 15:15:00 GMT

read more

CVE-2025-32874 - Kaseya Rapid Fire Tools Network Detective Cryptographic Implementation Flaw

CVE ID : CVE-2025-32874 Published : July 16, 2025, 3:15 p.m. | 1 hour, 32 minutes ago Description : An issue was discovered in Kaseya Rapid Fire Tools Network Detective through 2.0.16.0. A vulnerability exists in the EncryptionUtil class because symmetric encryption is implemented in a deterministic and non-randomized fashion. The method Encrypt(byte[] clearData) derives both the encryption key and the IV from a fixed, hardcoded input by using a static salt value. As a result, identical plaintext inputs always produce identical ciphertext outputs. This is true for both FIPS and non-FIPS generated passwords. In other words, there is a cryptographic implementation flaw in the password encryption mechanism. Although there are multiple encryption methods grouped under FIPS and non-FIPS classifications, the logic consistently results in predictable and reversible encrypted outputs due to the lack of per-operation randomness and encryption authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 15:15:00 GMT

read more

CVE-2025-37104 - HPE Telco Service Orchestrator SQL Injection Vulnerability

CVE ID : CVE-2025-37104 Published : July 16, 2025, 3:15 p.m. | 1 hour, 32 minutes ago Description : A security vulnerability has been identified in HPE Telco Service Orchestrator software. The vulnerability could allow authenticated clients to to perform a SQL Injection attack when sending a service request, and potentially exfiltrate the database's vendor name to unauthorized authenticated clients. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 15:15:00 GMT

read more

CVE-2025-53840 - Icinga DB Web Information Disclosure

CVE ID : CVE-2025-53840 Published : July 16, 2025, 2:15 p.m. | 2 hours, 32 minutes ago Description : Icinga DB Web provides a graphical interface for Icinga monitoring. Starting in version 1.2.0 and prior to version 1.2.2, users with access to Icinga Dependency Views, are allowed to see hosts and services that they weren't meant to on the dependency map. However, the name of an object will not be revealed nor does this grant access to a host's or service's detail view. Please note that this only affects the restrictions `filter/hosts` and `filter/services`. `filter/objects` is not affected by this and restricts objects as it is supposed to. Version 1.2.2 applies these restrictions properly. As a workaround, one may downgrade to version 1.1.3. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 14:15:00 GMT

read more

CVE-2025-53892 - Vue I18n DOM-based XSS Vulnerability

CVE ID : CVE-2025-53892 Published : July 16, 2025, 2:15 p.m. | 2 hours, 32 minutes ago Description : Vue I18n is the internationalization plugin for Vue.js. The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, starting in version 9.0.0 and prior to versions 9.14.5, 10.0.8, and 11.1.0, this setting fails to prevent execution of certain tag-based payloads, such as , if the interpolated value is inserted inside an HTML context using v-html. This may lead to a DOM-based XSS vulnerability, even when using escapeParameterHtml: true, if a translation string includes minor HTML and is rendered via v-html. Versions 9.14.5, 10.0.8, and 11.1.0 contain a fix for the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 14:15:00 GMT

read more

CVE-2025-53923 - Emlog Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-53923 Published : July 16, 2025, 2:15 p.m. | 2 hours, 32 minutes ago Description : Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including pro-2.5.17 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. Due to lack of sanitization it is possible to inject HTML/JS code into keyword parameter. If one persuades an user into clicking into prepared link it is possible to execute any JS code in admin's browser. As of time of publication, no known patched versions exist. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 14:15:00 GMT

read more

CVE-2025-53924 - Emlog Stored XSS Vulnerability

CVE ID : CVE-2025-53924 Published : July 16, 2025, 2:15 p.m. | 2 hours, 32 minutes ago Description : Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including pro-2.5.17 allows authenticated remote attackers to inject arbitrary web script or HTML via the siteurl parameter. It is possible to inject malicious code into siteurl parameter resulting in Stored XSS. When someone clicks on the link the malicious code is executed. As of time of publication, no known patched versions exist. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 14:15:00 GMT

read more

CVE-2025-3871 - Fortra GoAnywhere MFT Authentication Bypass Denial of Service

CVE ID : CVE-2025-3871 Published : July 16, 2025, 2:15 p.m. | 32 minutes ago Description : Broken access control in Fortra's GoAnywhere MFT prior to 7.8.1 allows an attacker to create a denial of service situation when configured to use GoAnywhere One-Time Password (GOTP) email two-factor authentication (2FA) and the user has not set an email address. In this scenario, the attacker may enter the email address of a known user when prompted and the user will be disabled if that user has configured GOTP. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 14:15:00 GMT

read more

CVE-2025-40776 - BIND Named Cache-Poisoning Vulnerability

CVE ID : CVE-2025-40776 Published : July 16, 2025, 2:15 p.m. | 32 minutes ago Description : A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 14:15:00 GMT

read more

CVE-2025-40913 - Net::Dropbear Integer Overflow in libtommath Library

CVE ID : CVE-2025-40913 Published : July 16, 2025, 2:15 p.m. | 32 minutes ago Description : Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow. Net::Dropbear embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 14:15:00 GMT

read more

CVE-2025-40918 - Apache::Authen::SASL::Perl DIGEST_MD5 CNonce Weak Randomness Vulnerability

CVE ID : CVE-2025-40918 Published : July 16, 2025, 2:15 p.m. | 32 minutes ago Description : Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely. The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage. According to RFC 2831, "The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy." Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 14:15:00 GMT

read more

CVE-2025-40919 - Apache::Authen::DigestMD5 Insecure cnonce Generation Vulnerability

CVE ID : CVE-2025-40919 Published : July 16, 2025, 2:15 p.m. | 32 minutes ago Description : Authen::DigestMD5 versions 0.01 through 0.02 for Perl generate the cnonce insecurely. The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage. According to RFC 2831, "The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy." Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 14:15:00 GMT

read more

CVE-2025-34300 - Sawtooth Software Lighthouse Studio Template Injection

CVE ID : CVE-2025-34300 Published : July 16, 2025, 1:15 p.m. | 1 hour, 32 minutes ago Description : A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior to 9.16.14 via the ciwweb.pl http://ciwweb.pl/ Perl web application. Exploitation allows an unauthenticated attacker can execute arbitrary commands. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 13:15:00 GMT

read more

CVE-2025-40923 - Apache Plack-Middleware-Session Insecure Session ID Generation

CVE ID : CVE-2025-40923 Published : July 16, 2025, 1:15 p.m. | 1 hour, 32 minutes ago Description : Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage. Predicable session ids could allow an attacker to gain access to systems. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 13:15:00 GMT

read more

CVE-2025-52714 - Shinetheme Traveler SQL Injection Vulnerability

CVE ID : CVE-2025-52714 Published : July 16, 2025, 12:15 p.m. | 2 hours, 32 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler allows SQL Injection. This issue affects Traveler: from n/a through n/a. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-52777 - Contact Form 7 Cross-site Scripting (XSS)

CVE ID : CVE-2025-52777 Published : July 16, 2025, 12:15 p.m. | 2 hours, 32 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmsMinds Pay with Contact Form 7 allows Reflected XSS. This issue affects Pay with Contact Form 7: from n/a through 1.0.4. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-52779 - Karimmughal Dot HTML/PHP/XML Cross-site Scripting (XSS)

CVE ID : CVE-2025-52779 Published : July 16, 2025, 12:15 p.m. | 2 hours, 32 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in karimmughal Dot html,php,xml etc pages allows Reflected XSS. This issue affects Dot html,php,xml etc pages: from n/a through 1.0. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-52786 - Kingdom Creation Media Folder Cross-site Scripting Vulnerability

CVE ID : CVE-2025-52786 Published : July 16, 2025, 12:15 p.m. | 2 hours, 32 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kingdom Creation Media Folder allows Reflected XSS. This issue affects Media Folder: from n/a through 1.0.0. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-52787 - EZiHosting Tennis Court Bookings Cross-site Scripting (XSS)

CVE ID : CVE-2025-52787 Published : July 16, 2025, 12:15 p.m. | 2 hours, 32 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EZiHosting Tennis Court Bookings allows Reflected XSS. This issue affects Tennis Court Bookings: from n/a through 1.2.7. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-52803 - UXper Sala Missing Authorization Vulnerability

CVE ID : CVE-2025-52803 Published : July 16, 2025, 12:15 p.m. | 2 hours, 32 minutes ago Description : Missing Authorization vulnerability in uxper Sala allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Sala: from n/a through 1.1.3. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-52804 - UXPER Nuss Missing Authorization Vulnerability

CVE ID : CVE-2025-52804 Published : July 16, 2025, 12:15 p.m. | 2 hours, 32 minutes ago Description : Missing Authorization vulnerability in uxper Nuss allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Nuss: from n/a through 1.3.3. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-52819 - Pakkemx Pakke Envíos SQL Injection Vulnerability

CVE ID : CVE-2025-52819 Published : July 16, 2025, 12:15 p.m. | 2 hours, 32 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in pakkemx Pakke Envíos allows SQL Injection. This issue affects Pakke Envíos: from n/a through 1.0.2. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-52836 - Unity Business Technology Pty Ltd The E-Commerce ERP Privilege Escalation Vulnerability

CVE ID : CVE-2025-52836 Published : July 16, 2025, 12:15 p.m. | 2 hours, 32 minutes ago Description : Incorrect Privilege Assignment vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP allows Privilege Escalation. This issue affects The E-Commerce ERP: from n/a through 2.1.1.3. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-53754 - Digisol Router Hard-Coded Root Access Credentials Vulnerability

CVE ID : CVE-2025-53754 Published : July 16, 2025, 12:15 p.m. | 2 hours, 32 minutes ago Description : This vulnerability exists in Digisol DG-GR6821AC Router due to hard-coded Root Access Credentials in system configuration of the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to obtain the stored root access credentials. Successful exploitation of this vulnerability could allow the attacker to gain admin access to the targeted device. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-53755 - Digisol DG-GR6821AC Router Unencrypted Firmware Credential Exposure

CVE ID : CVE-2025-53755 Published : July 16, 2025, 12:15 p.m. | 2 hours, 32 minutes ago Description : This vulnerability exists in Digisol DG-GR6821AC Router due to storage of credentials and PINS without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the unencrypted data stored in the firmware of targeted device. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the network of the targeted device. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-53756 - Digisol DG-GR6821AC Router Cleartext Credentials Exposure

CVE ID : CVE-2025-53756 Published : July 16, 2025, 12:15 p.m. | 2 hours, 32 minutes ago Description : This vulnerability exists in Digisol DG-GR6821AC Router due to cleartext transmission of credentials in its web management interface. A remote attacker could exploit this vulnerability by intercepting the network traffic and capturing cleartext credentials. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted device. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-53757 - Digisol Router HTTPOnly Flag Misconfiguration Vulnerability

CVE ID : CVE-2025-53757 Published : July 16, 2025, 12:15 p.m. | 2 hours, 32 minutes ago Description : This vulnerability exists in Digisol DG-GR6821AC Router due to misconfiguration of both Secure and HttpOnly flags on session cookies associated with the router web interface. A remote attacker could exploit this vulnerability by capturing the session cookies transmitted over an unsecure HTTP connection. Successful exploitation of this vulnerability could allow the attacker to obtain sensitive information from the targeted device. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-53758 - "Digisol DG-GR6821AC Router Default Admin Credentials Disclosure"

CVE ID : CVE-2025-53758 Published : July 16, 2025, 12:15 p.m. | 2 hours, 32 minutes ago Description : This vulnerability exists in Digisol DG-GR6821AC Router due to use of default admin credentials at its web management interface. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the hardcoded default credentials stored in the firmware of the targeted device. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted device. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-48339 - Activity-log.com Profiler Missing Authorization Vulnerability

CVE ID : CVE-2025-48339 Published : July 16, 2025, 12:15 p.m. | 2 hours, 8 minutes ago Description : Missing Authorization vulnerability in activity-log.com Profiler - What Slowing Down Your WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Profiler - What Slowing Down Your WP: from n/a through 1.0.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-48345 - Arisoft Contact Form 7 Editor Button Cross-site Scripting Vulnerability

CVE ID : CVE-2025-48345 Published : July 16, 2025, 12:15 p.m. | 2 hours, 8 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arisoft Contact Form 7 Editor Button allows Reflected XSS. This issue affects Contact Form 7 Editor Button: from n/a through 1.0.0. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-49031 - SMu Manual DoFollow Cross-site Scripting

CVE ID : CVE-2025-49031 Published : July 16, 2025, 12:15 p.m. | 2 hours, 8 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stefan M. SMu Manual DoFollow allows Reflected XSS. This issue affects SMu Manual DoFollow: from n/a through 1.8.1. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-49034 - FunnelKit Funnel Builder SQL Injection

CVE ID : CVE-2025-49034 Published : July 16, 2025, 12:15 p.m. | 2 hours, 8 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Funnel Builder by FunnelKit allows SQL Injection. This issue affects Funnel Builder by FunnelKit: from n/a through 3.10.2. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-49319 - WPFactory Wishlist for WooCommerce Missing Authorization Vulnerability

CVE ID : CVE-2025-49319 Published : July 16, 2025, 12:15 p.m. | 2 hours, 8 minutes ago Description : Missing Authorization vulnerability in WPFactory Wishlist for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wishlist for WooCommerce: from n/a through 3.2.3. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-49876 - Metagauss ProfileGrid SQL Injection

CVE ID : CVE-2025-49876 Published : July 16, 2025, 12:15 p.m. | 2 hours, 8 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid allows SQL Injection. This issue affects ProfileGrid : from n/a through 5.9.5.2. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-49884 - AlexVtn Internal Linking of Related Contents Missing Authorization Vulnerability

CVE ID : CVE-2025-49884 Published : July 16, 2025, 12:15 p.m. | 2 hours, 8 minutes ago Description : Missing Authorization vulnerability in alexvtn Internal Linking of Related Contents allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Internal Linking of Related Contents: from n/a through 1.1.8. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-49888 - Pimwick PW WooCommerce On Sale! Missing Authorization Vulnerability

CVE ID : CVE-2025-49888 Published : July 16, 2025, 12:15 p.m. | 2 hours, 8 minutes ago Description : Missing Authorization vulnerability in pimwick PW WooCommerce On Sale! allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PW WooCommerce On Sale!: from n/a through 1.39. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-50028 - CodeSolz Ultimate Push Notifications Missing Authorization Vulnerability

CVE ID : CVE-2025-50028 Published : July 16, 2025, 12:15 p.m. | 2 hours, 8 minutes ago Description : Missing Authorization vulnerability in CodeSolz Ultimate Push Notifications allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ultimate Push Notifications: from n/a through 1.1.9. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-48291 - Contest Gallery Cross-site Scripting (XSS)

CVE ID : CVE-2025-48291 Published : July 16, 2025, 12:15 p.m. | 32 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery allows Stored XSS. This issue affects Contest Gallery: from n/a through 26.0.6. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-48300 - Groundhogg Web Shell Upload Vulnerability

CVE ID : CVE-2025-48300 Published : July 16, 2025, 12:15 p.m. | 32 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in Adrian Tobey Groundhogg allows Upload a Web Shell to a Web Server. This issue affects Groundhogg: from n/a through 4.2.1. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 12:15:00 GMT

read more

CVE-2025-54009 - Crocoblock JetSmartFilters Cross-site Scripting Vulnerability

CVE ID : CVE-2025-54009 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetSmartFilters allows Stored XSS. This issue affects JetSmartFilters: from n/a through 3.6.8. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54010 - Shahjahan Jewel FluentSnippets CSRF Vulnerability

CVE ID : CVE-2025-54010 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel FluentSnippets allows Cross Site Request Forgery. This issue affects FluentSnippets: from n/a through 10.50. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54011 - SMTP2GO Authorization Bypass

CVE ID : CVE-2025-54011 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Missing Authorization vulnerability in SMTP2GO SMTP2GO allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SMTP2GO: from n/a through 1.12.1. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54013 - Welcart e-Commerce Cross-site Scripting

CVE ID : CVE-2025-54013 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nanbu Welcart e-Commerce allows Stored XSS. This issue affects Welcart e-Commerce: from n/a through 2.11.16. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54015 - HT Plugins HT Contact Form 7 PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-54015 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in HT Plugins HT Contact Form 7 allows PHP Local File Inclusion. This issue affects HT Contact Form 7: from n/a through 2.0.0. Severity: 6.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54016 - Kyle Gilman Videopack Cross-site Scripting

CVE ID : CVE-2025-54016 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Gilman Videopack allows DOM-Based XSS. This issue affects Videopack: from n/a through 4.10.3. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54018 - CreativeMindsSolutions CM Pop-Up banners Missing Authorization Vulnerability

CVE ID : CVE-2025-54018 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Missing Authorization vulnerability in CreativeMindsSolutions CM Pop-Up banners allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CM Pop-Up banners: from n/a through 1.8.4. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54020 - Erik AntiSpam for Contact Form 7 CSRF

CVE ID : CVE-2025-54020 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Erik AntiSpam for Contact Form 7 allows Cross Site Request Forgery. This issue affects AntiSpam for Contact Form 7: from n/a through 0.6.3. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54022 - RelyWP Coupon Affiliates CSRF

CVE ID : CVE-2025-54022 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates allows Cross Site Request Forgery. This issue affects Coupon Affiliates: from n/a through 6.4.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54023 - WP Delicious Cross-site Scripting Vulnerability

CVE ID : CVE-2025-54023 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Delicious WP Delicious allows DOM-Based XSS. This issue affects WP Delicious: from n/a through 1.8.4. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54024 - Greg Winiarski WPAdverts Cross-site Scripting (XSS)

CVE ID : CVE-2025-54024 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg Winiarski WPAdverts allows DOM-Based XSS. This issue affects WPAdverts: from n/a through 2.2.5. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54026 - QuanticaLabs GymBase Theme Classes SQL Injection

CVE ID : CVE-2025-54026 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in QuanticaLabs GymBase Theme Classes allows SQL Injection. This issue affects GymBase Theme Classes: from n/a through 1.4. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54030 - WooCommerce Google Sheet Connector CSRF Vulnerability

CVE ID : CVE-2025-54030 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in GSheetConnector by WesternDeal WooCommerce Google Sheet Connector allows Cross Site Request Forgery. This issue affects WooCommerce Google Sheet Connector: from n/a through 1.3.20. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54033 - BlocksWP Theme Builder For Elementor CSRF Vulnerability

CVE ID : CVE-2025-54033 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in BlocksWP Theme Builder For Elementor allows Cross Site Request Forgery. This issue affects Theme Builder For Elementor: from n/a through 1.2.3. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54035 - Tribulant Software Newsletters CSRF Vulnerability

CVE ID : CVE-2025-54035 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Software Newsletters allows Cross Site Request Forgery. This issue affects Newsletters: from n/a through 4.10. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54036 - Webba Booking CSRF Vulnerability

CVE ID : CVE-2025-54036 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Webba Appointment Booking Webba Booking allows Cross Site Request Forgery. This issue affects Webba Booking: from n/a through 5.1.20. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54037 - Blazethemes News Kit Elementor Addons Missing Authorization Vulnerability

CVE ID : CVE-2025-54037 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Missing Authorization vulnerability in blazethemes News Kit Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects News Kit Elementor Addons: from n/a through 1.3.4. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54038 - MotoPress Restaurant Menu CSRF Vulnerability

CVE ID : CVE-2025-54038 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in jetmonsters Restaurant Menu by MotoPress allows Cross Site Request Forgery. This issue affects Restaurant Menu by MotoPress: from n/a through 2.4.6. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54039 - Toast Plugins Animator CSRF Vulnerability

CVE ID : CVE-2025-54039 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Animator allows Cross Site Request Forgery. This issue affects Animator: from n/a through 3.0.16. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54041 - WooCommerce Wallet System CSRF Vulnerability

CVE ID : CVE-2025-54041 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce allows Cross Site Request Forgery. This issue affects Wallet System for WooCommerce: from n/a through 2.6.7. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54042 - Xfinitysoft WP Post Hide CSRF

CVE ID : CVE-2025-54042 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in xfinitysoft WP Post Hide allows Cross Site Request Forgery. This issue affects WP Post Hide: from n/a through 1.0.9. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54043 - YayCommerce SMTP for Amazon SES SQL Injection

CVE ID : CVE-2025-54043 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce SMTP for Amazon SES allows SQL Injection. This issue affects SMTP for Amazon SES: from n/a through 1.9. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54047 - QuanticaLabs Cost Calculator Missing Authorization Vulnerability

CVE ID : CVE-2025-54047 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Missing Authorization vulnerability in QuanticaLabs Cost Calculator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cost Calculator: from n/a through 7.4. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54050 - CyberChimps Responsive Addons for Elementor Stored Cross-site Scripting

CVE ID : CVE-2025-54050 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyberChimps Responsive Addons for Elementor allows Stored XSS. This issue affects Responsive Addons for Elementor: from n/a through 1.7.3. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-54051 - bPlugins LightBox Block Stored Cross-site Scripting

CVE ID : CVE-2025-54051 Published : July 16, 2025, 11:15 a.m. | 29 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins LightBox Block allows Stored XSS. This issue affects LightBox Block: from n/a through 1.1.30. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 11:15:00 GMT

read more

CVE-2025-22227 - Reactor Netty HTTP Client Credentials Leak

CVE ID : CVE-2025-22227 Published : July 16, 2025, 10:15 a.m. | 31 minutes ago Description : In some specific scenarios with chained redirects, Reactor Netty HTTP client leaks credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 10:15:00 GMT

read more

CVE-2025-40724 - Pharmacy POS PHP Script Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-40724 Published : July 16, 2025, 10:15 a.m. | 31 minutes ago Description : Stored Cross-Site Scripting (XSS) vulnerability in Pharmacy POS PHP Script. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the u_medicine_name parameter in /edit_medicine.php. This vulnerability can be exploited to steal sensitive user data such as session cookies or to perform actions on behalf of the user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 10:15:00 GMT

read more

CVE-2025-40985 - SCATI Vision Web SQL Injection

CVE ID : CVE-2025-40985 Published : July 16, 2025, 10:15 a.m. | 31 minutes ago Description : SQL injection vulnerability in SCATI Vision Web of SCATI Labs from version 4.8 to 7.2. This vulnerability allows an attacker to exfiltrate some data from the database via the ‘login’ parameter in the endpoint ‘/scatevision_web/index.php/loginForm’. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 10:15:00 GMT

read more

CVE-2025-5284 - Elementor Addons - Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5284 Published : July 16, 2025, 10:15 a.m. | 31 minutes ago Description : The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom JS extension in all versions up to, and including, 2.0.8.2 due to insufficient capability restriction, and insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 10:15:00 GMT

read more

CVE-2025-6993 - WordPress WP Mail Privilege Escalation Vulnerability

CVE ID : CVE-2025-6993 Published : July 16, 2025, 10:15 a.m. | 31 minutes ago Description : The Ultimate WP Mail plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization within the get_email_log_details() AJAX handler in versions 1.0.17 to 1.3.6. The handler reads the client-supplied post_id and retrieves the corresponding email log post content (including the password-reset link), relying only on the ‘edit_posts’ capability without restricting to administrators or validating ownership. This makes it possible for authenticated attackers, with Contributor-level access and above, to harvest an admin’s reset link and elevate their privileges to administrator. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 10:15:00 GMT

read more

CVE-2025-7035 - WordPress Media Library Assistant Stored XSS

CVE ID : CVE-2025-7035 Published : July 16, 2025, 10:15 a.m. | 31 minutes ago Description : The Media Library Assistant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mla_tag_cloud and mla_term_list shortcodes in all versions up to, and including, 3.26 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 10:15:00 GMT

read more

CVE-2025-7699 - ADM EZ Sync Manager Unauthenticated File Access Vulnerability

CVE ID : CVE-2025-7699 Published : July 16, 2025, 10:15 a.m. | 31 minutes ago Description : An improper access control vulnerability was found in the EZ Sync Manager of ADM, which allows authenticated users to copy arbitrary files from the server file system into their own EZSync folder. The vulnerability is due to a lack of authorization checks on the file parameter of the HTTP request. Attackers can exploit this flaw to access files outside their authorized scope, provided the file has readable permissions for other users on the underlying OS. This can lead to unauthorized exposure of sensitive data. Affected products and versions include: from ADM 4.1.0 to ADM 4.3.3.RH61 as well as ADM 5.0.0.RIN1 and earlier. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 10:15:00 GMT

read more

CVE-2025-27465 - Xen Hypercall Instruction Replay Vulnerability (Arithmetic Flag Handling)

CVE ID : CVE-2025-27465 Published : July 16, 2025, 9:15 a.m. | 1 hour, 8 minutes ago Description : Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the instruction by replaying it, using an executable stub. Some instructions may raise an exception, which is supposed to be handled gracefully. Certain replayed instructions have additional logic to set up and recover the changes to the arithmetic flags. For replayed instructions where the flags recovery logic is used, the metadata for exception handling was incorrect, preventing Xen from handling the the exception gracefully, treating it as fatal instead. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 09:15:00 GMT

read more

CVE-2025-7703 - Palm ID Authentication Bypass

CVE ID : CVE-2025-7703 Published : July 16, 2025, 9:15 a.m. | 1 hour, 8 minutes ago Description : Authentication vulnerability in the mobile application(tech.palm.id)may lead to the risk of information leakage. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 09:15:00 GMT

read more

CVE-2025-52687 - Cisco Aironet Wireless Web Interface JavaScript Injection Vulnerability

CVE ID : CVE-2025-52687 Published : July 16, 2025, 7:15 a.m. | 3 hours, 8 minutes ago Description : Successful exploitation of the vulnerability could allow an attacker with administrator credentials for the access point to inject malicious JavaScript into the payload of web traffics, potentially leading to session hijacking and denial-of-service (DoS). Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 07:15:00 GMT

read more

CVE-2025-52688 - Aruba Command Injection Vulnerability

CVE ID : CVE-2025-52688 Published : July 16, 2025, 7:15 a.m. | 3 hours, 8 minutes ago Description : Successful exploitation of the vulnerability could allow an attacker to inject commands with root privileges on the access point, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 07:15:00 GMT

read more

CVE-2025-52689 - Cisco Wireless Access Point Authentication Bypass

CVE ID : CVE-2025-52689 Published : July 16, 2025, 7:15 a.m. | 3 hours, 8 minutes ago Description : Successful exploitation of the vulnerability could allow an unauthenticated attacker to obtain a valid session ID with administrator privileges by spoofing the login request, potentially allowing the attacker to modify the behaviour of the access point. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 07:15:00 GMT

read more

CVE-2025-52690 - Cisco Wireless Access Point Remote Command Execution Vulnerability

CVE ID : CVE-2025-52690 Published : July 16, 2025, 7:15 a.m. | 3 hours, 8 minutes ago Description : Successful exploitation of the vulnerability could allow an attacker to execute arbitrary commands as root, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 07:15:00 GMT

read more

CVE-2025-5843 - Brandfolder WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5843 Published : July 16, 2025, 7:15 a.m. | 3 hours, 8 minutes ago Description : The Brandfolder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 5.0.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 07:15:00 GMT

read more

CVE-2025-5845 - WordPress Affiliate Reviews Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5845 Published : July 16, 2025, 7:15 a.m. | 3 hours, 8 minutes ago Description : The Affiliate Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘numColumns’ parameter in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 07:15:00 GMT

read more

CVE-2025-6043 - WordPress Malware Removal Plugin File Deletion Arbitrary File Deletion Vulnerability

CVE ID : CVE-2025-6043 Published : July 16, 2025, 7:15 a.m. | 3 hours, 8 minutes ago Description : The Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmr_delete_file() function in all versions up to, and including, 16.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files making remote code execution possible. This is only exploitable when advanced mode is enabled on the site. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 07:15:00 GMT

read more

CVE-2025-6747 - Avada Fusion Builder Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6747 Published : July 16, 2025, 7:15 a.m. | 3 hours, 8 minutes ago Description : The Avada (Fusion) Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fusion_map' shortcode in all versions up to, and including, 3.12.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 07:15:00 GMT

read more

CVE-2025-7359 - WooCommerce Counter Live Visitors File Deletion Arbitrary Directory Vulnerability

CVE ID : CVE-2025-7359 Published : July 16, 2025, 7:15 a.m. | 3 hours, 8 minutes ago Description : The Counter live visitors for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wcvisitor_get_block function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to delete arbitrary files on the server. NOTE: This particular vulnerability deletes all the files in a targeted arbitrary directory rather than a specified arbitrary file, which can lead to loss of data or a denial of service condition. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 07:15:00 GMT

read more

CVE-2025-7673 - Zyxel zhttpd Web Server Buffer Overflow Vulnerability

CVE ID : CVE-2025-7673 Published : July 16, 2025, 7:15 a.m. | 3 hours, 8 minutes ago Description : A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially execute arbitrary code by sending a specially crafted HTTP request. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 07:15:00 GMT

read more

CVE-2025-2799 - WordPress Event Manager - Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-2799 Published : July 16, 2025, 6:15 a.m. | 4 hours, 8 minutes ago Description : The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tag-name’ parameter in all versions up to, and including, 3.1.49 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 06:15:00 GMT

read more

CVE-2025-2800 - "WordPress WP Event Manager Stored Cross-Site Scripting"

CVE ID : CVE-2025-2800 Published : July 16, 2025, 6:15 a.m. | 4 hours, 8 minutes ago Description : The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘organizer_name' parameter in all versions up to, and including, 3.1.50 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 06:15:00 GMT

read more

CVE-2025-53842 - ZWX-2000CSW2-HN and ZWX-2000CS2-HN Hard-Coded Credentials Vulnerability

CVE ID : CVE-2025-53842 Published : July 16, 2025, 5:15 a.m. | 5 hours, 8 minutes ago Description : Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN firmware all versions. If this vulnerability is exploited, an attacker may tamper with the settings of the device by obtaining the credentials. This vulnerability is caused by an insufficient fix for CVE-2024-39838. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 05:15:00 GMT

read more

CVE-2025-6977 - ProfileGrid WordPress Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6977 Published : July 16, 2025, 5:15 a.m. | 5 hours, 8 minutes ago Description : The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘pm_get_messenger_notification’ function in all versions up to, and including, 5.9.5.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a logged-in user into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 05:15:00 GMT

read more

CVE-2025-53952 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-53952 Published : July 16, 2025, 3:15 a.m. | 7 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 03:15:00 GMT

read more

CVE-2025-53953 - Apache Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-53953 Published : July 16, 2025, 3:15 a.m. | 7 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 03:15:00 GMT

read more

CVE-2025-53954 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53954 Published : July 16, 2025, 3:15 a.m. | 7 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 03:15:00 GMT

read more

CVE-2025-53955 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53955 Published : July 16, 2025, 3:15 a.m. | 7 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 03:15:00 GMT

read more

CVE-2025-53956 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53956 Published : July 16, 2025, 3:15 a.m. | 7 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 03:15:00 GMT

read more

CVE-2025-53957 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53957 Published : July 16, 2025, 3:15 a.m. | 7 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 03:15:00 GMT

read more

CVE-2025-53958 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53958 Published : July 16, 2025, 3:15 a.m. | 7 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 16 Jul 2025 03:15:00 GMT

read more

CVE-2025-53906 - Vim Zip File Path Traversal Vulnerability

CVE ID : CVE-2025-53906 Published : July 15, 2025, 9:15 p.m. | 13 hours, 8 minutes ago Description : Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 21:15:00 GMT

read more

CVE-2025-6981 - GitHub Enterprise Server Unauthorized Read Access Vulnerability

CVE ID : CVE-2025-6981 Published : July 15, 2025, 9:15 p.m. | 13 hours, 8 minutes ago Description : An incorrect authorization vulnerability allowed unauthorized read access to the contents of internal repositories for contractor accounts when the Contractors API feature was enabled. The Contractors API is a rarely-enabled feature in private preview. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.18 and was fixed in versions 3.14.15, 3.15.10, 3.16.6 and 3.17.3 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 21:15:00 GMT

read more

CVE-2025-49841 - SoVITS-WebUI Unchecked Deserialization Vulnerability

CVE ID : CVE-2025-49841 Published : July 15, 2025, 9:15 p.m. | 11 hours, 3 minutes ago Description : GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is an unsafe deserialization vulnerability in process_ckpt.py. The SoVITS_dropdown variable takes user input and passes it to the load_sovits_new function in process_ckpt.py. In load_sovits_new, the user input, here sovits_path is used to load a model with torch.load, leading to unsafe deserialization. At time of publication, no known patched versions are available. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 21:15:00 GMT

read more

CVE-2025-53905 - Vim Tar Plugin Path Traversal Vulnerability

CVE ID : CVE-2025-53905 Published : July 15, 2025, 9:15 p.m. | 11 hours, 3 minutes ago Description : Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 21:15:00 GMT

read more

CVE-2025-30761 - Oracle Java SE, Oracle GraalVM Enterprise Edition Scripting Remote Code Execution Vulnerability

CVE ID : CVE-2025-30761 Published : July 15, 2025, 9:15 p.m. | 9 hours, 31 minutes ago Description : Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf and 11.0.27; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N). Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 21:15:00 GMT

read more

CVE-2025-49831 - CyberArk Secrets Manager, Self-Hosted Man-in-the-Middle Attack

CVE ID : CVE-2025-49831 Published : July 15, 2025, 9:15 p.m. | 9 hours, 31 minutes ago Description : An attacker of Secrets Manager, Self-Hosted installations that route traffic from Secrets Manager to AWS through a misconfigured network device can reroute authentication requests to a malicious server under the attacker’s control. CyberArk believes there to be very few installations where this issue can be actively exploited, though Secrets Manager, Self-Hosted (formerly Conjur Enterprise) prior to versions 13.5.1 and 13.6.1 and Conjur OSS prior to version 1.22.1 may be affected. Conjur OSS version 1.22.1 and Secrets Manager, Self-Hosted versions 13.5.1 and 13.6.1 fix the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 21:15:00 GMT

read more

CVE-2025-49833 - GPT-SoVITS-WebUI Command Injection Vulnerability

CVE ID : CVE-2025-49833 Published : July 15, 2025, 9:15 p.m. | 9 hours, 31 minutes ago Description : GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is a command injection vulnerability in the webui.py open_slice function. slice_opt_root and slice-inp-path takes user input, which is passed to the open_slice function, which concatenates the user input into a command and runs it on the server, leading to arbitrary command execution. At time of publication, no known patched versions are available. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 21:15:00 GMT

read more

CVE-2025-49834 - GPT-SoVITS-WebUI Command Injection Vulnerability

CVE ID : CVE-2025-49834 Published : July 15, 2025, 9:15 p.m. | 9 hours, 31 minutes ago Description : GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is a command injection vulnerability in webui.py open_denoise function. denoise_inp_dir and denoise_opt_dir take user input, which is passed to the open_denoise function, which concatenates the user input into a command and runs it on the server, leading to arbitrary command execution. At time of publication, no known patched versions are available. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 21:15:00 GMT

read more

CVE-2025-49835 - GPT-SoVITS-WebUI Command Injection Vulnerability

CVE ID : CVE-2025-49835 Published : July 15, 2025, 9:15 p.m. | 9 hours, 31 minutes ago Description : GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is a command injection vulnerability in webui.py open_asr function. asr_inp_dir (and a number of other variables) takes user input, which is passed to the open_asr function, which concatenates the user input into a command and runs it on the server, leading to arbitrary command execution. At time of publication, no known patched versions are available. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 21:15:00 GMT

read more

CVE-2025-49836 - GPT-SoVITS-WebUI Command Injection Vulnerability

CVE ID : CVE-2025-49836 Published : July 15, 2025, 9:15 p.m. | 9 hours, 31 minutes ago Description : GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is a command injection vulnerability in webui.py change_label function. path_list takes user input, which is passed to the change_label function, which concatenates the user input into a command and runs it on the server, leading to arbitrary command execution. At time of publication, no known patched versions are available. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 21:15:00 GMT

read more

CVE-2025-49837 - GPT-SoVITS-WebUI Deserialization Vulnerability

CVE ID : CVE-2025-49837 Published : July 15, 2025, 9:15 p.m. | 9 hours, 31 minutes ago Description : GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is an unsafe deserialization vulnerability in vr.py AudioPre. The model_choose variable takes user input (e.g. a path to a model) and passes it to the uvr function. In uvr, a new instance of AudioPre class is created with the model_path attribute containing the aforementioned user input (here called locally model_name). Note that in this step the .pth extension is added to the path. In the AudioPre class, the user input, here called model_path, is used to load the model on that path with torch.load, which can lead to unsafe deserialization. At time of publication, no known patched versions are available. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 21:15:00 GMT

read more

CVE-2025-49838 - GPT-SoVITS-WebUI Deserialize Vulnerability

CVE ID : CVE-2025-49838 Published : July 15, 2025, 9:15 p.m. | 9 hours, 31 minutes ago Description : GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is an unsafe deserialization vulnerability in vr.py AudioPreDeEcho. The model_choose variable takes user input (e.g. a path to a model) and passes it to the uvr function. In uvr, a new instance of AudioPreDeEcho class is created with the model_path attribute containing the aforementioned user input (here called locally model_name). Note that in this step the .pth extension is added to the path. In the AudioPreDeEcho class, the user input, here called model_path, is used to load the model on that path with torch.load, which can lead to unsafe deserialization. At time of publication, no known patched versions are available. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 21:15:00 GMT

read more

CVE-2025-49839 - GPT-SoVITS-WebUI Unvalidated Model Deserialization Vulnerability

CVE ID : CVE-2025-49839 Published : July 15, 2025, 9:15 p.m. | 9 hours, 31 minutes ago Description : GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is an unsafe deserialization vulnerability in bsroformer.py. The model_choose variable takes user input (e.g. a path to a model) and passes it to the uvr function. In uvr, a new instance of Roformer_Loader class is created with the model_path attribute containing the aformentioned user input (here called locally model_name). Note that in this step the .ckpt extension is added to the path. In the Roformer_Loader class, the user input, here called model_path, is used to load the model on that path with torch.load, which can lead to unsafe deserialization. At time of publication, no known patched versions are available. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 21:15:00 GMT

read more

CVE-2025-49840 - GPT-SoVITS-WebUI Deserialization Vulnerability

CVE ID : CVE-2025-49840 Published : July 15, 2025, 9:15 p.m. | 9 hours, 31 minutes ago Description : GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is an unsafe deserialization vulnerability in inference_webui.py. The GPT_dropdown variable takes user input and passes it to the change_gpt_weights function. In change_gpt_weights, the user input, here gpt_path is used to load a model with torch.load, leading to unsafe deserialization. At time of publication, no known patched versions are available. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 21:15:00 GMT

read more

CVE-2025-53031 - Oracle Financial Services Analytical Applications Infrastructure HTTP Unauthenticated Confidentiality Vulnerability

CVE ID : CVE-2025-53031 Published : July 15, 2025, 8:15 p.m. | 10 hours, 2 minutes ago Description : Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-53032 - Oracle MySQL Server Optimizer DOS Vulnerability

CVE ID : CVE-2025-53032 Published : July 15, 2025, 8:15 p.m. | 10 hours, 2 minutes ago Description : Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 9.0.0-9.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-53029 - Oracle VirtualBox Core Confidential Data Disclosure

CVE ID : CVE-2025-53029 Published : July 15, 2025, 8:15 p.m. | 7 hours, 48 minutes ago Description : Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 2.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). Severity: 2.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-53030 - Oracle VirtualBox Core Privilege Escalation Vulnerability

CVE ID : CVE-2025-53030 Published : July 15, 2025, 8:15 p.m. | 7 hours, 48 minutes ago Description : Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50108 - Oracle Hyperion Financial Reporting Workspace HTTP Unauthorized Access and Data Modification

CVE ID : CVE-2025-50108 Published : July 15, 2025, 8:15 p.m. | 6 hours, 7 minutes ago Description : Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Workspace). The supported version that is affected is 11.2.20.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hyperion Financial Reporting accessible data as well as unauthorized read access to a subset of Oracle Hyperion Financial Reporting accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N). Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-53023 - Oracle MySQL Server Replication High Privilege DOS Vulnerability

CVE ID : CVE-2025-53023 Published : July 15, 2025, 8:15 p.m. | 6 hours, 7 minutes ago Description : Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.42. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-53024 - Oracle Virtualization VirtualBox Core High Privilege Takeover Vulnerability

CVE ID : CVE-2025-53024 Published : July 15, 2025, 8:15 p.m. | 6 hours, 7 minutes ago Description : Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-53025 - Oracle VirtualBox Core Privilege Escalation Vulnerability

CVE ID : CVE-2025-53025 Published : July 15, 2025, 8:15 p.m. | 6 hours, 7 minutes ago Description : Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-53026 - Oracle VirtualBox Core Unauthorized Access Vulnerability

CVE ID : CVE-2025-53026 Published : July 15, 2025, 8:15 p.m. | 6 hours, 7 minutes ago Description : Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-53027 - Oracle Virtualization VirtualBox Core Virtual Takeover

CVE ID : CVE-2025-53027 Published : July 15, 2025, 8:15 p.m. | 6 hours, 7 minutes ago Description : Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-53028 - Oracle VirtualBox Core Remote Takeover Vulnerability

CVE ID : CVE-2025-53028 Published : July 15, 2025, 8:15 p.m. | 6 hours, 7 minutes ago Description : Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50094 - Oracle MySQL Server DDL High Privilege DOS Vulnerability

CVE ID : CVE-2025-50094 Published : July 15, 2025, 8:15 p.m. | 30 minutes ago Description : Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.42, 8.4.5 and 9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50095 - Oracle MySQL Server Optimizer DOS Vulnerability

CVE ID : CVE-2025-50095 Published : July 15, 2025, 8:15 p.m. | 30 minutes ago Description : Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50096 - Oracle MySQL MySQL Server InnoDB DOS Vulnerability

CVE ID : CVE-2025-50096 Published : July 15, 2025, 8:15 p.m. | 30 minutes ago Description : Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50097 - Oracle MySQL MySQL Server High Privilege DOS Vulnerability

CVE ID : CVE-2025-50097 Published : July 15, 2025, 8:15 p.m. | 30 minutes ago Description : Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50098 - Oracle MySQL Server Optimizer Partial Denial of Service Vulnerability

CVE ID : CVE-2025-50098 Published : July 15, 2025, 8:15 p.m. | 30 minutes ago Description : Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L). Severity: 2.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50099 - Oracle MySQL InnoDB High Privilege DOS Vulnerability

CVE ID : CVE-2025-50099 Published : July 15, 2025, 8:15 p.m. | 30 minutes ago Description : Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50100 - Oracle MySQL MySQL Server Partial Denial of Service Vulnerability

CVE ID : CVE-2025-50100 Published : July 15, 2025, 8:15 p.m. | 30 minutes ago Description : Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L). Severity: 2.2 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50101 - Oracle MySQL Server Optimizer Denial of Service Vulnerability

CVE ID : CVE-2025-50101 Published : July 15, 2025, 8:15 p.m. | 30 minutes ago Description : Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50102 - Oracle MySQL MySQL Server High Privilege DOS Vulnerability

CVE ID : CVE-2025-50102 Published : July 15, 2025, 8:15 p.m. | 30 minutes ago Description : Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50103 - Oracle MySQL MySQL Server LDAP Auth Remote DOS Vulnerability

CVE ID : CVE-2025-50103 Published : July 15, 2025, 8:15 p.m. | 30 minutes ago Description : Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50104 - Oracle MySQL MySQL Server Partial Denial of Service Vulnerability

CVE ID : CVE-2025-50104 Published : July 15, 2025, 8:15 p.m. | 30 minutes ago Description : Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L). Severity: 2.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50105 - Oracle Universal Work Queue HTTP Unauthorized Access and Data Manipulation

CVE ID : CVE-2025-50105 Published : July 15, 2025, 8:15 p.m. | 30 minutes ago Description : Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Administration). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Universal Work Queue accessible data as well as unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50106 - Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition 2D Remote Takeover Vulnerability

CVE ID : CVE-2025-50106 Published : July 15, 2025, 8:15 p.m. | 30 minutes ago Description : Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-50107 - Oracle Universal Work Queue HTTP Request Handling Remote Code Execution

CVE ID : CVE-2025-50107 Published : July 15, 2025, 8:15 p.m. | 30 minutes ago Description : Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Request handling). Supported versions that are affected are 12.2.5-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Universal Work Queue, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Universal Work Queue accessible data as well as unauthorized read access to a subset of Oracle Universal Work Queue accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 20:15:00 GMT

read more

CVE-2025-41236 - VMware ESXi, Workstation, and Fusion VMXNET3 Integer Overflow Remote Code Execution

CVE ID : CVE-2025-41236 Published : July 15, 2025, 7:15 p.m. | 46 minutes ago Description : VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 19:15:00 GMT

read more

CVE-2025-41237 - VMware ESXi, Workstation, and Fusion VMCI Integer Underflow Privilege Escalation Vulnerability

CVE ID : CVE-2025-41237 Published : July 15, 2025, 7:15 p.m. | 46 minutes ago Description : VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 19:15:00 GMT

read more

CVE-2025-41238 - VMware ESXi, Workstation, and Fusion PVSCSI Heap-Overflow Privilege Escalation Vulnerability

CVE ID : CVE-2025-41238 Published : July 15, 2025, 7:15 p.m. | 46 minutes ago Description : VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox and exploitable only with configurations that are unsupported. On Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 19:15:00 GMT

read more

CVE-2025-41239 - VMware ESXi, Workstation, Fusion vSockets Uninitialised Memory Information Disclosure

CVE ID : CVE-2025-41239 Published : July 15, 2025, 7:15 p.m. | 46 minutes ago Description : VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 19:15:00 GMT

read more

CVE-2025-53903 - Scratch Channel Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-53903 Published : July 15, 2025, 7:15 p.m. | 46 minutes ago Description : The Scratch Channel is a news website that is under development as of time of this writing. The file `/api/users.js` doesn't properly sanitize text box inputs, leading to a potential vulnerability to cross-site scripting attacks. Commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb addresses this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 19:15:00 GMT

read more

CVE-2025-53826 - Apache File Browser JWT Token Authentication Bypass

CVE ID : CVE-2025-53826 Published : July 15, 2025, 6:15 p.m. | 30 minutes ago Description : File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browser’s authentication system issues long-lived JWT tokens that remain valid even after the user logs out. As of time of publication, no known patches exist. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 18:15:00 GMT

read more

CVE-2025-53893 - Apache File Browser Denial of Service Vulnerability

CVE ID : CVE-2025-53893 Published : July 15, 2025, 6:15 p.m. | 30 minutes ago Description : File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.38.0, a Denial of Service (DoS) vulnerability exists in the file processing logic when reading a file on endpoint `Filebrowser-Server-IP:PORT/files/{file-name}` . While the server correctly handles and stores uploaded files, it attempts to load the entire content into memory during read operations without size checks or resource limits. This allows an authenticated user to upload a large file and trigger uncontrolled memory consumption on read, potentially crashing the server and making it unresponsive. As of time of publication, no known patches are available. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 18:15:00 GMT

read more

CVE-2025-6558 - Google Chrome ANGLE GPU Sandbox Escape Vulnerability

CVE ID : CVE-2025-6558 Published : July 15, 2025, 6:15 p.m. | 30 minutes ago Description : Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 18:15:00 GMT

read more

CVE-2025-7656 - Google Chrome V8 Integer Overflow Heap Corruption

CVE ID : CVE-2025-7656 Published : July 15, 2025, 6:15 p.m. | 30 minutes ago Description : Integer overflow in V8 in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 18:15:00 GMT

read more

CVE-2025-7657 - Google Chrome WebRTC Use-After-Free Vulnerability

CVE ID : CVE-2025-7657 Published : July 15, 2025, 6:15 p.m. | 30 minutes ago Description : Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 18:15:00 GMT

read more

CVE-2025-26186 - openSIS SQL Injection Vulnerability

CVE ID : CVE-2025-26186 Published : July 15, 2025, 5:15 p.m. | 1 hour, 30 minutes ago Description : SQL Injection vulnerability in openSIS v.9.1 allows a remote attacker to execute arbitrary code via the id parameter in Ajax.php Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 17:15:00 GMT

read more

CVE-2025-53895 - ZITADEL Session Hijacking Vulnerability

CVE ID : CVE-2025-53895 Published : July 15, 2025, 5:15 p.m. | 1 hour, 30 minutes ago Description : ZITADEL is an open source identity management system. Starting in version 2.53.0 and prior to versions 4.0.0-rc.2, 3.3.2, 2.71.13, and 2.70.14, vulnerability in ZITADEL's session management API allows any authenticated user to update a session if they know its ID, due to a missing permission check. This flaw enables session hijacking, allowing an attacker to impersonate another user and access sensitive resources. Versions prior to `2.53.0` are not affected, as they required the session token for updates. Versions 4.0.0-rc.2, 3.3.2, 2.71.13, and 2.70.14 fix the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 17:15:00 GMT

read more

CVE-2025-53959 - JetBrains YouTrack Email Spoofing Vulnerability

CVE ID : CVE-2025-53959 Published : July 15, 2025, 5:15 p.m. | 1 hour, 30 minutes ago Description : In JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an administrative API was possible Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 17:15:00 GMT

read more

CVE-2024-42650 - NanoMQ Denial of Service (DoS) Vulnerability

CVE ID : CVE-2024-42650 Published : July 15, 2025, 4:15 p.m. | 2 hours, 30 minutes ago Description : NanoMQ 0.17.5 was discovered to contain a segmentation fault via the component /nanomq/pub_handler.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 16:15:00 GMT

read more

CVE-2025-50819 - Beiyuouo Arxiv-Daily Path Traversal Vulnerability

CVE ID : CVE-2025-50819 Published : July 15, 2025, 4:15 p.m. | 2 hours, 30 minutes ago Description : Directory traversal vulnerability in beiyuouo arxiv-daily thru 2025-05-06 (commit fad168770b0e68aef3e5acfa16bb2e7a7765d687) when parsing the the topic.yml file in the generation logic in daily_arxiv.py. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 16:15:00 GMT

read more

CVE-2025-52080 - Netgear XR300 HTTPD Service Stack-Based Buffer Overflow

CVE ID : CVE-2025-52080 Published : July 15, 2025, 4:15 p.m. | 2 hours, 30 minutes ago Description : In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the share_name parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 16:15:00 GMT

read more

CVE-2025-52081 - Netgear XR300 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-52081 Published : July 15, 2025, 4:15 p.m. | 2 hours, 30 minutes ago Description : In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the usb_folder parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 16:15:00 GMT

read more

CVE-2025-52082 - Netgear XR300 HTTPD Service Stack-Based Buffer Overflow

CVE ID : CVE-2025-52082 Published : July 15, 2025, 4:15 p.m. | 2 hours, 30 minutes ago Description : In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the read_access parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 16:15:00 GMT

read more

CVE-2025-33097 - IBM QRadar SIEM Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-33097 Published : July 15, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : IBM QRadar SIEM 7.5 - 7.5.0 UP12 IF02 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 15:15:00 GMT

read more

CVE-2025-48795 - Apache CXF Unencrypted Temporary File Log Exposure Denial of Service

CVE ID : CVE-2025-48795 Published : July 15, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : Apache CXF stores large stream based messages as temporary files on the local filesystem. A bug was introduced which means that the entire temporary file is read into memory and then logged. An attacker might be able to exploit this to cause a denial of service attack by causing an out of memory exception. In addition, it is possible to configure CXF to encrypt temporary files to prevent sensitive credentials from being cached unencrypted on the local filesystem, however this bug means that the cached files are written out to logs unencrypted. Users are recommended to upgrade to versions 3.5.11, 3.6.6, 4.0.7 or 4.1.1, which fixes this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 15:15:00 GMT

read more

CVE-2025-52377 - Nexxt Solutions NCM-X1800 Mesh Router Command Injection Vulnerability

CVE ID : CVE-2025-52377 Published : July 15, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : Command injection vulnerability in Nexxt Solutions NCM-X1800 Mesh Router versions UV1.2.7 and below, allowing authenticated attackers to execute arbitrary commands on the device. The vulnerability is present in the web management interface's ping and traceroute functionality, specifically in the /web/um_ping_set.cgi endpoint. The application fails to properly sanitize user input in the `Ping_host_text` parameter before passing it to the underlying system command, allowing attackers to inject and execute arbitrary shell commands as the root user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 15:15:00 GMT

read more

CVE-2025-52378 - Nexxt Solutions NCM-X1800 Mesh Router Cross-Site Scripting (XSS)

CVE ID : CVE-2025-52378 Published : July 15, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : Cross-Site Scripting (XSS) vulnerability in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below allowing attackers to inject JavaScript code that is executed in the context of administrator sessions when viewing the device management page via the DEVICE_ALIAS parameter to the /web/um_device_set_aliasname endpoint. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 15:15:00 GMT

read more

CVE-2025-52379 - Nexxt Solutions NCM-X1800 Mesh Router Remote Command Injection Vulnerability

CVE ID : CVE-2025-52379 Published : July 15, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below contains an authenticated command injection vulnerability in the firmware update feature. The /web/um_fileName_set.cgi and /web/um_web_upgrade.cgi endpoints fail to properly sanitize the upgradeFileName parameter, allowing authenticated attackers to execute arbitrary OS commands on the device, resulting in remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 15:15:00 GMT

read more

CVE-2025-53621 - DSpace XXE Injection Vulnerability

CVE ID : CVE-2025-53621 Published : July 15, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : DSpace open source software is a repository application which provides durable access to digital resources. Two related XML External Entity (XXE) injection possibilities impact all versions of DSpace prior to 7.6.4, 8.2, and 9.1. External entities are not disabled when parsing XML files during import of an archive (in Simple Archive Format), either from command-line (`./dspace import` command) or from the "Batch Import (Zip)" user interface feature. External entities are also not explicitly disabled when parsing XML responses from some upstream services (ArXiv, Crossref, OpenAIRE, Creative Commons) used in import from external sources via the user interface or REST API. An XXE injection in these files may result in a connection being made to an attacker's site or a local path readable by the Tomcat user, with content potentially being injected into a metadata field. In the latter case, this may result in sensitive content disclosure, including retrieving arbitrary files or configurations from the server where DSpace is running. The Simple Archive Format (SAF) importer / Batch Import (Zip) is only usable by site administrators (from user interface / REST API) or system administrators (from command-line). Therefore, to exploit this vulnerability, the malicious payload would have to be provided by an attacker and trusted by an administrator, who would trigger the import. The fix is included in DSpace 7.6.4, 8.2, and 9.1. Please upgrade to one of these versions. For those who cannot upgrade immediately, it is possible to manually patch the DSpace backend. One may also apply some best practices, though the protection provided is not as complete as upgrading. Administrators must carefully inspect any SAF archives (they did not construct themselves) before importing. As necessary, affected external services can be disabled to mitigate the ability for payloads to be delivered via external service APIs. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 15:15:00 GMT

read more

CVE-2025-53622 - DSpace Tomcat Path Traversal Vulnerability

CVE ID : CVE-2025-53622 Published : July 15, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : DSpace open source software is a repository application which provides durable access to digital resources. Prior to versions 7.6.4, 8.2, and 9.1, a path traversal vulnerability is possible during the import of an archive (in Simple Archive Format), either from command-line (`./dspace import` command) or from the "Batch Import (Zip)" user interface feature. An attacker may craft a malicious Simple Archive Format (SAF) package where the `contents` file references any system files (using relative traversal sequences) which are readable by the Tomcat user. If such a package is imported, this will result in sensitive content disclose, including retrieving arbitrary files or configurations from the server where DSpace is running. The Simple Archive Format (SAF) importer / Batch Import (Zip) is only usable by site administrators (from user interface / REST API) or system administrators (from command-line). Therefore, to exploit this vulnerability, the malicious payload would have to be provided by an attacker and trusted by an administrator (who would trigger the import). The fix is included in DSpace 7.6.4, 8.2 and 9.1. For those who cannot upgrade immediately, it is possible to manually patch the DSpace backend. (No changes are necessary to the frontend.) A pull request exists which can be used to patch systems running DSpace 7.6.x, 8.x or 9.0. Although it is not possible to fully protect the system via workarounds, one may can apply a best practice. Administrators must carefully inspect any SAF archives (they did not construct themselves) before importing, paying close attention to the `contents` file to validate it does not reference files outside of the SAF archives. Severity: 5.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 15:15:00 GMT

read more

CVE-2025-6971 - SOLIDWORKS eDrawings After Free Vulnerability

CVE ID : CVE-2025-6971 Published : July 15, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted CATPRODUCT file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 15:15:00 GMT

read more

CVE-2025-6972 - SOLIDWORKS eDrawings After Free Code Execution Vulnerability

CVE ID : CVE-2025-6972 Published : July 15, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted CATPRODUCT file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 15:15:00 GMT

read more

CVE-2025-6973 - SOLIDWORKS eDrawings JT File After Free Vulnerability

CVE ID : CVE-2025-6973 Published : July 15, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : Use After Free vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted JT file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 15:15:00 GMT

read more

CVE-2025-6974 - SOLIDWORKS eDrawings Uninitialized Variable Code Execution Vulnerability

CVE ID : CVE-2025-6974 Published : July 15, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : Use of Uninitialized Variable vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted JT file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 15:15:00 GMT

read more

CVE-2025-7042 - SOLIDWORKS eDrawings After Free Code Execution Vulnerability

CVE ID : CVE-2025-7042 Published : July 15, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : Use After Free vulnerability exists in the IPT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted IPT file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 15:15:00 GMT

read more

CVE-2025-0831 - SOLIDWORKS eDrawings JT File Out-Of-Bounds Read Arbitrary Code Execution

CVE ID : CVE-2025-0831 Published : July 15, 2025, 3:15 p.m. | 1 hour, 30 minutes ago Description : Out-Of-Bounds Read vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted JT file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 15:15:00 GMT

read more

CVE-2025-30483 - Dell ECS Insertion of Sensitive Information into Log File Vulnerability

CVE ID : CVE-2025-30483 Published : July 15, 2025, 3:15 p.m. | 1 hour, 30 minutes ago Description : Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 15:15:00 GMT

read more

CVE-2025-52376 - Nexxt Solutions NCM-X1800 Mesh Router Telnet Authentication Bypass

CVE ID : CVE-2025-52376 Published : July 15, 2025, 2:15 p.m. | 2 hours, 30 minutes ago Description : An authentication bypass vulnerability in the /web/um_open_telnet.cgi endpoint in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below, allowing an attacker to remotely enable the Telnet service without authentication, bypassing security controls. The Telnet server is then accessible with hard-coded credentials, allowing attackers to gain administrative shell access and execute arbitrary commands on the device. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 14:15:00 GMT

read more

CVE-2025-6965 - SQLite Aggregate Overflow

CVE ID : CVE-2025-6965 Published : July 15, 2025, 2:15 p.m. | 2 hours, 30 minutes ago Description : There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 14:15:00 GMT

read more

CVE-2025-34112 - Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution

CVE ID : CVE-2025-34112 Published : July 15, 2025, 1:15 p.m. | 3 hours, 30 minutes ago Description : An authenticated multi-stage remote code execution vulnerability exists in Riverbed SteelCentral NetProfiler and NetExpress 10.8.7 virtual appliances. A SQL injection vulnerability in the '/api/common/1.0/login' endpoint can be exploited to create a new user account in the appliance database. This user can then trigger a command injection vulnerability in the '/index.php?page=licenses' endpoint to execute arbitrary commands. The attacker may escalate privileges to root by exploiting an insecure sudoers configuration that allows the 'mazu' user to execute arbitrary commands as root via SSH key extraction and command chaining. Successful exploitation allows full remote root access to the virtual appliance. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 13:15:00 GMT

read more

CVE-2025-34113 - Tiki Wiki CMS Command Injection Vulnerability

CVE ID : CVE-2025-34113 Published : July 15, 2025, 1:15 p.m. | 3 hours, 30 minutes ago Description : An authenticated command injection vulnerability exists in Tiki Wiki CMS versions ≤14.1, ≤12.4 LTS, ≤9.10 LTS, and ≤6.14 via the `viewmode` GET parameter in `tiki-calendar.php`. When the calendar module is enabled and an authenticated user has permission to access it, an attacker can inject and execute arbitrary PHP code. Successful exploitation leads to remote code execution in the context of the web server user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 13:15:00 GMT

read more

CVE-2025-34115 - OP5 Monitor Command Injection Vulnerability

CVE ID : CVE-2025-34115 Published : July 15, 2025, 1:15 p.m. | 3 hours, 30 minutes ago Description : An authenticated command injection vulnerability exists in OP5 Monitor through version 7.1.9 via the 'cmd_str' parameter in the command_test.php endpoint. A user with access to the web interface can exploit the 'Test this command' feature to execute arbitrary shell commands as the unprivileged web application user. The vulnerability resides in the configuration section of the application and requires valid login credentials with access to the command testing functionality. This issue is fixed in version 7.2.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 13:15:00 GMT

read more

CVE-2025-34116 - IPFire Command Injection Vulnerability

CVE ID : CVE-2025-34116 Published : July 15, 2025, 1:15 p.m. | 3 hours, 30 minutes ago Description : A remote command execution vulnerability exists in IPFire before version 2.19 Core Update 101 via the 'proxy.cgi' CGI interface. An authenticated attacker can inject arbitrary shell commands through crafted values in the NCSA user creation form fields, leading to command execution with web server privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 13:15:00 GMT

read more

CVE-2025-34107 - WinaXe FTP Client Buffer Overflow

CVE ID : CVE-2025-34107 Published : July 15, 2025, 1:15 p.m. | 2 hours, 39 minutes ago Description : A buffer overflow vulnerability exists in the WinaXe FTP Client version 7.7 within the FTP banner parsing functionality, WCMDPA10.dll. When the client connects to a remote FTP server and receives an overly long '220 Server Ready' response, the vulnerable component responsible for parsing the banner overflows a stack buffer, leading to arbitrary code execution under the context of the user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 13:15:00 GMT

read more

CVE-2025-34108 - Disk Pulse Enterprise Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-34108 Published : July 15, 2025, 1:15 p.m. | 2 hours, 39 minutes ago Description : A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse Enterprise version 9.0.34. An attacker can send a specially crafted HTTP POST request to the /login endpoint with an overly long username parameter, causing a buffer overflow in the libspp.dll component. Successful exploitation allows arbitrary code execution with SYSTEM privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 13:15:00 GMT

read more

CVE-2025-34109 - Panda Security DLL Injection Vulnerability

CVE ID : CVE-2025-34109 Published : July 15, 2025, 1:15 p.m. | 2 hours, 39 minutes ago Description : PSEvents.exe in multiple Panda Security products runs hourly with SYSTEM privileges and loads DLL files from a user-writable directory without proper validation. An attacker with low-privileged access who can write DLL files to the monitored directory can achieve arbitrary code execution with SYSTEM privileges. Affected products include Panda Global Protection 2016, Panda Antivirus Pro 2016, Panda Small Business Protection, and Panda Internet Security 2016 (all versions up to 16.1.2). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 13:15:00 GMT

read more

CVE-2025-34110 - ColoradoFTP Server Directory Traversal Vulnerability

CVE ID : CVE-2025-34110 Published : July 15, 2025, 1:15 p.m. | 2 hours, 39 minutes ago Description : A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows, allowing unauthenticated attackers to read or write arbitrary files outside the configured FTP root directory. The flaw is due to insufficient sanitation of user-supplied file paths in the FTP GET and PUT command handlers. Exploitation is possible by submitting traversal sequences during FTP operations, enabling access to system-sensitive files. This issue affects only the Windows version of ColoradoFTP. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 13:15:00 GMT

read more

CVE-2025-34111 - Tiki Wiki CMS Groupware ELFinder PHP File Upload Vulnerability

CVE ID : CVE-2025-34111 Published : July 15, 2025, 1:15 p.m. | 2 hours, 39 minutes ago Description : An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version 15.1 and earlier via the ELFinder component's default connector (connector.minimal.php), which allows remote attackers to upload and execute malicious PHP scripts in the context of the web server. The vulnerable component does not enforce file type validation, allowing attackers to craft a POST request to upload executable PHP payloads through the ELFinder interface exposed at /vendor_extra/elfinder/. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 13:15:00 GMT

read more

CVE-2025-34068 - Samsung WLAN AP WEA453e Unauthenticated Remote Command Execution Vulnerability

CVE ID : CVE-2025-34068 Published : July 15, 2025, 1:15 p.m. | 1 hour, 48 minutes ago Description : An unauthenticated remote command execution vulnerability exists in Samsung WLAN AP WEA453e firmware prior to version 5.2.4.T1 via improper input validation in the “Tech Support” diagnostic functionality. The command1 and command2 POST or GET parameters accept arbitrary shell commands that are executed with root privileges on the underlying operating system. An attacker can exploit this by crafting a request that injects shell commands to create output files in writable directories and then access their contents via the download endpoint. This flaw allows complete compromise of the device without authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 13:15:00 GMT

read more

CVE-2025-34103 - WePresent WiPG-1000 Command Injection Vulnerability

CVE ID : CVE-2025-34103 Published : July 15, 2025, 1:15 p.m. | 1 hour, 48 minutes ago Description : An unauthenticated command injection vulnerability exists in WePresent WiPG-1000 firmware versions prior to 2.2.3.0, due to improper input handling in the undocumented /cgi-bin/rdfs.cgi endpoint. The Client parameter is not sanitized before being passed to a system call, allowing an unauthenticated remote attacker to execute arbitrary commands as the web server user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 13:15:00 GMT

read more

CVE-2025-34104 - Piwik (Matomo) Remote Code Execution Vulnerability

CVE ID : CVE-2025-34104 Published : July 15, 2025, 1:15 p.m. | 1 hour, 48 minutes ago Description : An authenticated remote code execution vulnerability exists in Piwik (now Matomo) versions prior to 3.0.3 via the plugin upload mechanism. In vulnerable versions, an authenticated user with Superuser privileges can upload and activate a malicious plugin (ZIP archive), leading to arbitrary PHP code execution on the underlying system. Starting with version 3.0.3, plugin upload functionality is disabled by default unless explicitly enabled in the configuration file. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 13:15:00 GMT

read more

CVE-2025-34105 - "DiskBoss Enterprise HTTP GET Stack-Based Buffer Overflow"

CVE ID : CVE-2025-34105 Published : July 15, 2025, 1:15 p.m. | 1 hour, 48 minutes ago Description : A stack-based buffer overflow vulnerability exists in the built-in web interface of DiskBoss Enterprise versions 7.4.28, 7.5.12, and 8.2.14. The vulnerability arises from improper bounds checking on the path component of HTTP GET requests. By sending a specially crafted long URI, a remote unauthenticated attacker can trigger a buffer overflow, potentially leading to arbitrary code execution with SYSTEM privileges on vulnerable Windows hosts. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 13:15:00 GMT

read more

CVE-2025-34106 - Adobe PDF Shaper Buffer Overflow Vulnerability

CVE ID : CVE-2025-34106 Published : July 15, 2025, 1:15 p.m. | 1 hour, 48 minutes ago Description : A buffer overflow vulnerability exists in PDF Shaper versions 3.5 and 3.6 when converting a crafted PDF file to an image using the 'Convert PDF to Image' functionality. An attacker can exploit this vulnerability by tricking a user into opening a maliciously crafted PDF file, leading to arbitrary code execution under the context of the user. This vulnerability has been verified on Windows XP, 7, 8, and 10 platforms using the PDFTools.exe component. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 13:15:00 GMT

read more

CVE-2025-7667 - WordPress Restrict File Access CSRF Vulnerability

CVE ID : CVE-2025-7667 Published : July 15, 2025, 12:15 p.m. | 2 hours, 48 minutes ago Description : The Restrict File Access plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the 'restrict-file-access' page. This makes it possible for unauthenticated attackers to to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php), via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 12:15:00 GMT

read more

CVE-2025-4369 - "WordPress Companion Auto Update Stored Cross-Site Scripting"

CVE ID : CVE-2025-4369 Published : July 15, 2025, 10:15 a.m. | 4 hours, 48 minutes ago Description : The Companion Auto Update plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘update_delay_days’ parameter in all versions up to, and including, 3.9.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 10:15:00 GMT

read more

CVE-2025-24477 - Fortinet FortiOS Heap-Based Buffer Overflow Privilege Escalation

CVE ID : CVE-2025-24477 Published : July 15, 2025, 9:15 a.m. | 5 hours, 48 minutes ago Description : A heap-based buffer overflow in Fortinet FortiOS versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2.4 through 7.2.11 allows an attacker to escalate its privileges via a specially crafted CLI command Severity: 4.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 09:15:00 GMT

read more

CVE-2025-3621 - ProTNS ActADUR Remote Code Inclusion and Command Injection

CVE ID : CVE-2025-3621 Published : July 15, 2025, 8:15 a.m. | 6 hours, 48 minutes ago Description : Vulnerabilities* in ActADUR local server product, developed and maintained by ProTNS, allows Remote Code Inclusion on host systems. * vulnerabilities: * Improper Neutralization of Special Elements used in a Command ('Command Injection') * Use of Hard-coded Credentials * Improper Authentication * Binding to an Unrestricted IP Address The vulnerability has been rated as critical.This issue affects ActADUR: from v2.0.1.9 before v2.0.2.0., hence updating to version v2.0.2.0. or above is required. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 08:15:00 GMT

read more

CVE-2025-7672 - JiranSoft CrossEditor4 Stored XSS Vulnerability

CVE ID : CVE-2025-7672 Published : July 15, 2025, 8:15 a.m. | 6 hours, 48 minutes ago Description : The improper default setting in JiranSoft CrossEditor4 on Windows, Linux, Unix (API modules) potentaily allows Stored XSS. This issue affects CrossEditor4: from 4.0.0.01 before 4.6.0.23. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 08:15:00 GMT

read more

CVE-2025-7340 - "Elementor HT Contact Form Widget File Upload Vulnerability"

CVE ID : CVE-2025-7340 Published : July 15, 2025, 5:15 a.m. | 9 hours, 48 minutes ago Description : The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the temp_file_upload function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 05:15:00 GMT

read more

CVE-2025-7341 - Elementor Page Builder Gutenberg Blocks Form Builder File Deletion Vulnerability

CVE ID : CVE-2025-7341 Published : July 15, 2025, 5:15 a.m. | 9 hours, 48 minutes ago Description : The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the temp_file_delete() function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 05:15:00 GMT

read more

CVE-2025-7360 - Elementor Page Builder Gutenberg Blocks Form Builder HT Contact Form Widget File Moving Vulnerability

CVE ID : CVE-2025-7360 Published : July 15, 2025, 5:15 a.m. | 9 hours, 48 minutes ago Description : The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation in the handle_files_upload() function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to move arbitrary files on the server, which can easily lead to remote code execution when the right file is moved (such as wp-config.php). Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 05:15:00 GMT

read more

CVE-2025-7367 - WordPress Strong Testimonials Stored Cross-Site Scripting

CVE ID : CVE-2025-7367 Published : July 15, 2025, 5:15 a.m. | 9 hours, 48 minutes ago Description : The Strong Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonial Custom Fields in all versions up to, and including, 3.2.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 05:15:00 GMT

read more

CVE-2025-5393 - WordPress Alone Charity Multipurpose Non-profit Theme Arbitrary File Deletion Vulnerability

CVE ID : CVE-2025-5393 Published : July 15, 2025, 4:15 a.m. | 9 hours, 38 minutes ago Description : The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the alone_import_pack_restore_data() function in all versions up to, and including, 7.8.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 04:15:00 GMT

read more

CVE-2025-5394 - Alone – Charity Multipurpose Non-profit WordPress Theme Unauthenticated Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-5394 Published : July 15, 2025, 4:15 a.m. | 9 hours, 38 minutes ago Description : The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the alone_import_pack_install_plugin() function in all versions up to, and including, 7.8.3. This makes it possible for unauthenticated attackers to upload zip files containing webshells disguised as plugins from remote locations to achieve remote code execution. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 04:15:00 GMT

read more

CVE-2025-6265 - Zyxel NWA50AX PRO Path Traversal Vulnerability

CVE ID : CVE-2025-6265 Published : July 15, 2025, 2:15 a.m. | 10 hours, 29 minutes ago Description : A path traversal vulnerability in the file_upload-cgi CGI program of Zyxel NWA50AX PRO firmware version 7.10(ACGE.2) and earlier could allow an authenticated attacker with administrator privileges to access specific directories and delete files, such as the configuration file, on the affected device. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 02:15:00 GMT

read more

CVE-2025-53836 - XWiki Rendering Macro Execution Bypass

CVE ID : CVE-2025-53836 Published : July 15, 2025, 12:15 a.m. | 12 hours, 29 minutes ago Description : XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax (XHTML, etc). Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, the default macro content parser doesn't preserve the restricted attribute of the transformation context when executing nested macros. This allows executing macros that are normally forbidden in restricted mode, in particular script macros. The cache and chart macros that are bundled in XWiki use the vulnerable feature. This has been patched in XWiki 13.10.11, 14.4.7 and 14.10. To avoid the exploitation of this bug, comments can be disabled for untrusted users until an upgrade to a patched version has been performed. Note that users with edit rights will still be able to add comments via the object editor even if comments have been disabled. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 00:15:00 GMT

read more

CVE-2025-53839 - DRACOON Branding Service Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-53839 Published : July 15, 2025, 12:15 a.m. | 12 hours, 29 minutes ago Description : DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface with their brand. Versions of the DRACOON Branding Service prior to 2.10.0 are vulnerable to cross-site scripting. Improper neutralization of input from administrative users could inject HTML code into the workflow for newly onboarded users. A fix was made available in version 2.10.0 and rolled out to the DRACOON service. DRACOON customers do not need to take action. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 00:15:00 GMT

read more

CVE-2025-53885 - Directus Console Log Data Exposure Vulnerability

CVE ID : CVE-2025-53885 Published : July 15, 2025, 12:15 a.m. | 12 hours, 29 minutes ago Description : Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0 and prior to version 11.9.0, when using Directus Flows to handle CRUD events for users it is possible to log the incoming data to console using the "Log to Console" operation and a template string. Malicious admins can log sensitive data from other users when they are created or updated. Version 11.9.0 contains a fix for the issue. As a workaround, avoid logging sensitive data to the console outside the context of development. Severity: 4.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 00:15:00 GMT

read more

CVE-2025-53886 - Directus Session Hijacking Vulnerability

CVE ID : CVE-2025-53886 Published : July 15, 2025, 12:15 a.m. | 12 hours, 29 minutes ago Description : Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0 and prior to version 11.9.0, when using Directus Flows with the WebHook trigger all incoming request details are logged including security sensitive data like access and refresh tokens in cookies. Malicious admins with access to the logs can hijack the user sessions within the token expiration time of them triggering the Flow. Version 11.9.0 fixes the issue. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 00:15:00 GMT

read more

CVE-2025-53887 - Directus OpenAPI Spec Version Disclosure

CVE ID : CVE-2025-53887 Published : July 15, 2025, 12:15 a.m. | 12 hours, 29 minutes ago Description : Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0 and prior to version 11.9.0, the exact Directus version number is incorrectly being used as OpenAPI Spec version this means that it is being exposed by the `/server/specs/oas` endpoint without authentication. With the exact version information a malicious attacker can look for known vulnerabilities in Directus core or any of its shipped dependencies in that specific running version. Version 11.9.0 fixes the issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 00:15:00 GMT

read more

CVE-2025-53889 - Directus Unauthenticated Flow Trigger Vulnerability

CVE ID : CVE-2025-53889 Published : July 15, 2025, 12:15 a.m. | 12 hours, 29 minutes ago Description : Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.12.0 and prior to version 11.9.0, Directus Flows with a manual trigger are not validating whether the user triggering the Flow has permissions to the items provided as payload to the Flow. Depending on what the Flow is set up to do this can lead to the Flow executing potential tasks on the attacker's behalf without authenticating. Bad actors could execute the manual trigger Flows without authentication, or access rights to the said collection(s) or item(s). Users with manual trigger Flows configured are impacted as these endpoints do not currently validate if the user has read access to `directus_flows` or to the relevant collection/items. The manual trigger Flows should have tighter security requirements as compared to webhook Flows where users are expected to perform do their own checks. Version 11.9.0 fixes the issue. As a workaround, implement permission checks for read access to Flows and read access to relevant collection/items. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 00:15:00 GMT

read more

CVE-2025-53890 - Pyload CAPTCHA JavaScript Evaluation Remote Code Execution

CVE ID : CVE-2025-53890 Published : July 15, 2025, 12:15 a.m. | 12 hours, 29 minutes ago Description : pyload is an open-source Download Manager written in pure Python. An unsafe JavaScript evaluation vulnerability in pyLoad’s CAPTCHA processing code allows unauthenticated remote attackers to execute arbitrary code in the client browser and potentially the backend server. Exploitation requires no user interaction or authentication and can result in session hijacking, credential theft, and full system remote code execution. Commit 909e5c97885237530d1264cfceb5555870eb9546, the patch for the issue, is included in version 0.5.0b3.dev89. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 00:15:00 GMT

read more

CVE-2025-53891 - Apache Time-Line File Upload Vulnerability (Remote File Inclusion/DoS)

CVE ID : CVE-2025-53891 Published : July 15, 2025, 12:15 a.m. | 12 hours, 29 minutes ago Description : The timelineofficial/Time-Line- repository contains the source code for the TIME LINE website. A vulnerability was found in the TIME LINE website where uploaded files (instruction/message media) are not strictly validated for type and size. A user may upload renamed or oversized files that can disrupt performance or bypass restrictions. This could result in malicious file upload, denial of service, or client-side crashes. Version 1.0.5 contains a fix for the issue. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 15 Jul 2025 00:15:00 GMT

read more

CVE-2025-53824 - WeGIA Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-53824 Published : July 14, 2025, 11:15 p.m. | 13 hours, 29 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the editar_permissoes.php endpoint of the WeGIA application prior to version 3.4.4. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. Version 3.4.4 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 23:15:00 GMT

read more

CVE-2025-53825 - Dokploy Unauthenticated Code Execution and Secret Disclosure Vulnerability

CVE ID : CVE-2025-53825 Published : July 14, 2025, 11:15 p.m. | 13 hours, 29 minutes ago Description : Dokploy is a free, self-hostable Platform as a Service (PaaS). Prior to version 0.24.3, an unauthenticated preview deployment vulnerability in Dokploy allows any user to execute arbitrary code and access sensitive environment variables by simply opening a pull request on a public repository. This exposes secrets and potentially enables remote code execution, putting all public Dokploy users using these preview deployments at risk. Version 0.24.3 contains a fix for the issue. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 23:15:00 GMT

read more

CVE-2025-53833 - "LaRecipe Server-Side Template Injection Vulnerability"

CVE ID : CVE-2025-53833 Published : July 14, 2025, 11:15 p.m. | 13 hours, 29 minutes ago Description : LaRecipe is an application that allows users to create documentation with Markdown inside a Laravel app. Versions prior to 2.8.1 are vulnerable to Server-Side Template Injection (SSTI), which could potentially lead to Remote Code Execution (RCE) in vulnerable configurations. Attackers could execute arbitrary commands on the server, access sensitive environment variables, and/or escalate access depending on server configuration. Users are strongly advised to upgrade to version v2.8.1 or later to receive a patch. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 23:15:00 GMT

read more

CVE-2025-53834 - Caido Toast UI Component Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-53834 Published : July 14, 2025, 11:15 p.m. | 13 hours, 29 minutes ago Description : Caido is a web security auditing toolkit. A reflected cross-site scripting (XSS) vulnerability was discovered in Caido’s toast UI component in versions prior to 0.49.0. Toast messages may reflect unsanitized user input in certain tools such as Match&Replace and Scope. This could allow an attacker to craft input that results in arbitrary script execution. Version 0.49.0 fixes the issue. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 23:15:00 GMT

read more

CVE-2025-53835 - XWiki Rendering Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-53835 Published : July 14, 2025, 11:15 p.m. | 13 hours, 29 minutes ago Description : XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax (XHTML, etc). Starting in version 5.4.5 and prior to version 14.10, the XHTML syntax depended on the `xdom+xml/current` syntax which allows the creation of raw blocks that permit the insertion of arbitrary HTML content including JavaScript. This allows XSS attacks for users who can edit a document like their user profile (enabled by default). This has been fixed in version 14.10 by removing the dependency on the `xdom+xml/current` syntax from the XHTML syntax. Note that the `xdom+xml` syntax is still vulnerable to this attack. As it's main purpose is testing and its use is quite difficult, this syntax shouldn't be installed or used on a regular wiki. There are no known workarounds apart from upgrading. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 23:15:00 GMT

read more

CVE-2025-53823 - WeGIA SQL Injection Vulnerability

CVE ID : CVE-2025-53823 Published : July 14, 2025, 11:15 p.m. | 11 hours, 29 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Versions prior to 3.4.5 have a SQL Injection vulnerability in the endpoint `/WeGIA/html/socio/sistema/processa_deletar_socio.php`, in the `id_socio` parameter. This vulnerability allows the execution of arbitrary SQL commands, which can compromise the confidentiality, integrity, and availability of stored data. Version 3.4.5 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 23:15:00 GMT

read more

CVE-2025-53821 - WeGIA Open Redirect Vulnerability

CVE ID : CVE-2025-53821 Published : July 14, 2025, 11:15 p.m. | 9 hours, 48 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. An Open Redirect vulnerability exists in the web application prior to version 3.4.5. The control.php endpoint allows to specify an arbitrary URL via the `nextPage` parameter, leading to an uncontrolled redirection. Version 3.4.5 contains a fix for the issue. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 23:15:00 GMT

read more

CVE-2025-53822 - WeGIA Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53822 Published : July 14, 2025, 11:15 p.m. | 9 hours, 48 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `relatorio_geracao.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts in the `tipo_relatorio` parameter. Version 3.4.5 has a patch for the issue. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 23:15:00 GMT

read more

CVE-2025-53819 - Nix Privilege Escalation Vulnerability

CVE ID : CVE-2025-53819 Published : July 14, 2025, 9:15 p.m. | 10 hours, 11 minutes ago Description : Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available. Severity: 7.9 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 21:15:00 GMT

read more

CVE-2025-53820 - WeGIA Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53820 Published : July 14, 2025, 9:15 p.m. | 10 hours, 11 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `index.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts in the `erro` parameter. Version 3.4.5 contains a patch for the issue. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 21:15:00 GMT

read more

CVE-2025-53640 - Indico Information Disclosure Vulnerability

CVE ID : CVE-2025-53640 Published : July 14, 2025, 9:15 p.m. | 8 hours, 9 minutes ago Description : Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Starting in version 2.2 and prior to version 3.3.7, an endpoint used to display details of users listed in certain fields (such as ACLs) could be misused to dump basic user details (such as name, affiliation and email) in bulk. Version 3.3.7 fixes the issue. Owners of instances that allow everyone to create a user account, who wish to truly restrict access to these user details, should consider restricting user search to managers. As a workaround, it is possible to restrict access to the affected endpoints (e.g. in the webserver config), but doing so would break certain form fields which could no longer show the details of the users listed in those fields, so upgrading instead is highly recommended. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 21:15:00 GMT

read more

CVE-2025-53643 - AIOHTTP Request Smuggling Vulnerability

CVE ID : CVE-2025-53643 Published : July 14, 2025, 9:15 p.m. | 8 hours, 9 minutes ago Description : AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections. Version 3.12.14 contains a patch for this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 21:15:00 GMT

read more

CVE-2025-53818 - GitHub Kanban MCP Server Command Injection Vulnerability

CVE ID : CVE-2025-53818 Published : July 14, 2025, 9:15 p.m. | 8 hours, 9 minutes ago Description : GitHub Kanban MCP Server is a Model Context Protocol (MCP) server for managing GitHub issues in Kanban board format and streamlining LLM task management. Versions 0.3.0 and 0.4.0 of the MCP Server are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. The MCP Server exposes the tool `add_comment` which relies on Node.js child process API `exec` to execute the GitHub (`gh`) command, is an unsafe and vulnerable API if concatenated with untrusted user input. As of time of publication, no known patches are available. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 21:15:00 GMT

read more

CVE-2025-53639 - MeterSphere SQL Injection Vulnerability

CVE ID : CVE-2025-53639 Published : July 14, 2025, 8:15 p.m. | 9 hours, 9 minutes ago Description : MeterSphere is an open source continuous testing platform. Prior to version 3.6.5-lts, the sortField parameter in certain API endpoints is not properly validated or sanitized. An attacker can supply crafted input to inject and execute arbitrary SQL statements through the sorting functionality. This could result in modification or deletion of database contents, with a potential full compromise of the application’s database integrity and availability. Version 3.6.5-lts fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 20:15:00 GMT

read more

CVE-2025-53101 - ImageMagick Stack Overflow

CVE ID : CVE-2025-53101 Published : July 14, 2025, 8:15 p.m. | 6 hours, 28 minutes ago Description : ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through `vsnprintf()`. Versions 7.1.2-0 and 6.9.13-26 fix the issue. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 20:15:00 GMT

read more

CVE-2025-53623 - ActiveJob Job Iteration API Remote Code Execution Vulnerability

CVE ID : CVE-2025-53623 Published : July 14, 2025, 8:15 p.m. | 6 hours, 28 minutes ago Description : The Job Iteration API is an an extension for ActiveJob that make jobs interruptible and resumable Versions prior to 1.11.0 have an arbitrary code execution vulnerability in the `CsvEnumerator` class. This vulnerability can be exploited by an attacker to execute arbitrary commands on the system where the application is running, potentially leading to unauthorized access, data leakage, or complete system compromise. The issue is fixed in versions `1.11.0` and above. Users can mitigate the risk by avoiding the use of untrusted input in the `CsvEnumerator` class and ensuring that any file paths are properly sanitized and validated before being passed to the class methods. Users should avoid using the `count_of_rows_in_file` method with untrusted CSV filenames. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 20:15:00 GMT

read more

CVE-2025-53019 - ImageMagick Memory Leak

CVE ID : CVE-2025-53019 Published : July 14, 2025, 8:15 p.m. | 5 hours, 6 minutes ago Description : ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick stream` command, specifying multiple consecutive `%d` format specifiers in a filename template causes a memory leak. Versions 7.1.2-0 and 6.9.13-26 fix the issue. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 20:15:00 GMT

read more

CVE-2025-53015 - ImageMagick XMP File Conversion Infinite Lines Vulnerability

CVE ID : CVE-2025-53015 Published : July 14, 2025, 8:15 p.m. | 2 hours, 27 minutes ago Description : ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infinite lines occur when writing during a specific XMP file conversion command. Version 7.1.2-0 fixes the issue. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 20:15:00 GMT

read more

CVE-2025-52363 - Tenda CP3 Pro Root Password Hash Hardcoded Vulnerability

CVE ID : CVE-2025-52363 Published : July 14, 2025, 6:15 p.m. | 4 hours, 27 minutes ago Description : Tenda CP3 Pro Firmware V22.5.4.93 contains a hardcoded root password hash in the /etc/passwd file and /etc/passwd-. An attacker with access to the firmware image can extract and attempt to crack the root password hash, potentially obtaining administrative access Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 18:15:00 GMT

read more

CVE-2025-53014 - ImageMagick Heap Buffer Overflow Vulnerability

CVE ID : CVE-2025-53014 Published : July 14, 2025, 6:15 p.m. | 4 hours, 27 minutes ago Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the `InterpretImageFilename` function. The issue stems from an off-by-one error that causes out-of-bounds memory access when processing format strings containing consecutive percent signs (`%%`). Versions 7.1.2-0 and 6.9.13-26 fix the issue. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 18:15:00 GMT

read more

CVE-2025-7627 - YiJiuSmile kkFileViewOfficeEdit Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7627 Published : July 14, 2025, 6:15 p.m. | 4 hours, 27 minutes ago Description : A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd and classified as critical. Affected by this issue is the function fileUpload of the file /fileUpload. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 18:15:00 GMT

read more

CVE-2025-7628 - YiJiuSmile kkFileViewOfficeEdit Path Traversal Vulnerability

CVE ID : CVE-2025-7628 Published : July 14, 2025, 6:15 p.m. | 4 hours, 27 minutes ago Description : A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd. It has been classified as critical. This affects the function deleteFile of the file /deleteFile. The manipulation of the argument fileName leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 18:15:00 GMT

read more

CVE-2025-51652 - SemCms SQL Injection Vulnerability

CVE ID : CVE-2025-51652 Published : July 14, 2025, 5:15 p.m. | 5 hours, 27 minutes ago Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Categories.php. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2025-51653 - SemCms SQL Injection Vulnerability

CVE ID : CVE-2025-51653 Published : July 14, 2025, 5:15 p.m. | 5 hours, 27 minutes ago Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_ct.php. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2025-51654 - SemCms SQL Injection Vulnerability

CVE ID : CVE-2025-51654 Published : July 14, 2025, 5:15 p.m. | 5 hours, 27 minutes ago Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Infocategories.php. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2025-51655 - SemCms v5.0 was discovered to contain a SQL inject

CVE ID : CVE-2025-51655 Published : July 14, 2025, 5:15 p.m. | 5 hours, 27 minutes ago Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Quanxian.php. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2025-51656 - SemCms SQL Injection

CVE ID : CVE-2025-51656 Published : July 14, 2025, 5:15 p.m. | 5 hours, 27 minutes ago Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Link.php. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2025-51657 - SemCms SQL Injection

CVE ID : CVE-2025-51657 Published : July 14, 2025, 5:15 p.m. | 5 hours, 27 minutes ago Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the lgid parameter at SEMCMS_Link.php. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2025-51658 - SemCms SQL Injection Vulnerability

CVE ID : CVE-2025-51658 Published : July 14, 2025, 5:15 p.m. | 5 hours, 27 minutes ago Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_InquiryView.php. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2025-51659 - SemCms SQL Injection Vulnerability

CVE ID : CVE-2025-51659 Published : July 14, 2025, 5:15 p.m. | 5 hours, 27 minutes ago Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Products.php. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2025-51660 - SemCms SQL Injection

CVE ID : CVE-2025-51660 Published : July 14, 2025, 5:15 p.m. | 5 hours, 27 minutes ago Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the lgid parameter at SEMCMS_Products.php. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2025-7625 - YiJiuSmile kkFileViewOfficeEdit Remote Path Traversal Vulnerability

CVE ID : CVE-2025-7625 Published : July 14, 2025, 5:15 p.m. | 5 hours, 27 minutes ago Description : A vulnerability, which was classified as critical, was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd. Affected is the function Download of the file /download. The manipulation of the argument url leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2025-7626 - YiJiuSmile kkFileViewOfficeEdit Path Traversal Vulnerability

CVE ID : CVE-2025-7626 Published : July 14, 2025, 5:15 p.m. | 5 hours, 27 minutes ago Description : A vulnerability has been found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd and classified as critical. Affected by this vulnerability is the function onlinePreview of the file /onlinePreview. The manipulation of the argument url leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2024-42646 - NanoMQ Denial of Service (DoS) Vulnerability

CVE ID : CVE-2024-42646 Published : July 14, 2025, 5:15 p.m. | 3 hours, 45 minutes ago Description : A segmentation fault in NanoMQ v0.21.10 allows attackers to cause a Denial of Service (DoS) via crafted messages. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2024-42648 - NanoMQ MQTT Heap Overflow Denial of Service

CVE ID : CVE-2024-42648 Published : July 14, 2025, 5:15 p.m. | 3 hours, 45 minutes ago Description : NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service (DoS) via a crafted CONNECT message. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2024-42649 - NanoMQ Memory Leak Denial of Service Vulnerability

CVE ID : CVE-2024-42649 Published : July 14, 2025, 5:15 p.m. | 3 hours, 45 minutes ago Description : NanoMQ v0.22.10 was discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2025-51650 - FoxCMS Remote Code Execution (RCE)

CVE ID : CVE-2025-51650 Published : July 14, 2025, 5:15 p.m. | 3 hours, 45 minutes ago Description : An arbitrary file upload vulnerability in the component /controller/PicManager.php of FoxCMS v1.2.6 allows attackers to execute arbitrary code via uploading a crafted template file. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2025-51651 - Mccms File Download Vulnerability

CVE ID : CVE-2025-51651 Published : July 14, 2025, 5:15 p.m. | 3 hours, 45 minutes ago Description : An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of Mccms v2.7.0 allows attackers to download arbitrary files via a crafted GET request. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 17:15:00 GMT

read more

CVE-2025-7615 - TOTOLINK T6 Command Injection Vulnerability

CVE ID : CVE-2025-7615 Published : July 14, 2025, 4:15 p.m. | 3 hours, 1 minute ago Description : A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748. Affected by this vulnerability is the function clearPairCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 16:15:00 GMT

read more

CVE-2025-7616 - Snap7 gmg137 Pthread Conditional Destroy Memory Corruption Vulnerability

CVE ID : CVE-2025-7616 Published : July 14, 2025, 4:15 p.m. | 3 hours, 1 minute ago Description : A vulnerability, which was classified as critical, has been found in gmg137 snap7-rs up to 1.142.1. Affected by this issue is the function pthread_cond_destroy of the component Public API. The manipulation leads to memory corruption. The exploit has been disclosed to the public and may be used. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 16:15:00 GMT

read more

CVE-2025-7612 - "Code-projects Mobile Shop SQL Injection Vulnerability"

CVE ID : CVE-2025-7612 Published : July 14, 2025, 3:15 p.m. | 4 hours, 1 minute ago Description : A vulnerability was found in code-projects Mobile Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 15:15:00 GMT

read more

CVE-2025-7613 - TOTOLINK T6 Command Injection Vulnerability in CloudSrvVersionCheck

CVE ID : CVE-2025-7613 Published : July 14, 2025, 3:15 p.m. | 4 hours, 1 minute ago Description : A vulnerability was found in TOTOLINK T6 4.1.5cu.748. It has been rated as critical. This issue affects the function CloudSrvVersionCheck of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 15:15:00 GMT

read more

CVE-2025-7614 - TOTOLINK T6 Command Injection Vulnerability

CVE ID : CVE-2025-7614 Published : July 14, 2025, 3:15 p.m. | 4 hours, 1 minute ago Description : A vulnerability classified as critical has been found in TOTOLINK T6 4.1.5cu.748. Affected is the function delDevice of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ipAddr leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 15:15:00 GMT

read more

CVE-2025-50756 - Wavlink WN535K3 Command Injection Vulnerability

CVE ID : CVE-2025-50756 Published : July 14, 2025, 3:15 p.m. | 2 hours, 32 minutes ago Description : Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the set_sys_adm function via the newpass parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 15:15:00 GMT

read more

CVE-2025-7611 - "Code-Projects Wedding Reservation SQL Injection"

CVE ID : CVE-2025-7611 Published : July 14, 2025, 3:15 p.m. | 2 hours, 32 minutes ago Description : A vulnerability was found in code-projects Wedding Reservation 1.0. It has been classified as critical. This affects an unknown part of the file /global.php. The manipulation of the argument lu leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 15:15:00 GMT

read more

CVE-2025-7609 - "Code-projects Simple Shopping Cart SQL Injection Vulnerability"

CVE ID : CVE-2025-7609 Published : July 14, 2025, 2:15 p.m. | 3 hours, 32 minutes ago Description : A vulnerability has been found in code-projects Simple Shopping Cart 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument ruser_email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 14:15:00 GMT

read more

CVE-2025-7610 - Apache Code-projects Electricity Billing System SQL Injection Vulnerability

CVE ID : CVE-2025-7610 Published : July 14, 2025, 2:15 p.m. | 3 hours, 32 minutes ago Description : A vulnerability was found in code-projects Electricity Billing System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user/change_password.php. The manipulation of the argument new_password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 14:15:00 GMT

read more

CVE-2025-7519 - Polkit XML Policy Parsing Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-7519 Published : July 14, 2025, 2:15 p.m. | 2 hours, 27 minutes ago Description : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 14:15:00 GMT

read more

CVE-2025-7607 - Apache Simple Shopping Cart SQL Injection Vulnerability

CVE ID : CVE-2025-7607 Published : July 14, 2025, 2:15 p.m. | 2 hours, 26 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Simple Shopping Cart 1.0. This issue affects some unknown processing of the file /Customers/save_order.php. The manipulation of the argument order_price leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 14:15:00 GMT

read more

CVE-2025-7608 - Apache Code-projects Simple Shopping Cart SQL Injection Vulnerability

CVE ID : CVE-2025-7608 Published : July 14, 2025, 2:15 p.m. | 2 hours, 26 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Simple Shopping Cart 1.0. Affected is an unknown function of the file /userlogin.php. The manipulation of the argument user_email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 14:15:00 GMT

read more

CVE-2025-27582 - One Identity Password Manager Local Privilege Escalation Vulnerability

CVE ID : CVE-2025-27582 Published : July 14, 2025, 1:15 p.m. | 3 hours, 27 minutes ago Description : The Secure Password extension in One Identity Password Manager before 5.14.4 allows local privilege escalation. The issue arises from a flawed security hardening mechanism within the kiosk browser used to display the Password Self-Service site to end users. Specifically, the application attempts to restrict privileged actions by overriding the native window.print() function. However, this protection can be bypassed by an attacker who accesses the Password Self-Service site from the lock screen and navigates to an attacker-controlled webpage via the Help function. By hosting a crafted web page with JavaScript, the attacker can restore and invoke the window.print() function, launching a SYSTEM-privileged print dialog. From this dialog, the attacker can exploit standard Windows functionality - such as the Print to PDF or Add Printer wizard - to spawn a command prompt with SYSTEM privileges. Successful exploitation allows a local attacker (with access to a locked workstation) to gain SYSTEM-level privileges, granting full control over the affected device. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 13:15:00 GMT

read more

CVE-2025-7603 - D-Link DI-8100 HTTP Request Handler Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7603 Published : July 14, 2025, 1:15 p.m. | 3 hours, 27 minutes ago Description : A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. Affected is an unknown function of the file /jingx.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 13:15:00 GMT

read more

CVE-2025-7604 - PHPGurukul Hospital Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7604 Published : July 14, 2025, 1:15 p.m. | 3 hours, 27 minutes ago Description : A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /user-login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 13:15:00 GMT

read more

CVE-2025-7605 - AVL Rooms SQL Injection Vulnerability

CVE ID : CVE-2025-7605 Published : July 14, 2025, 1:15 p.m. | 3 hours, 27 minutes ago Description : A vulnerability was found in code-projects AVL Rooms 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the argument first_name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 13:15:00 GMT

read more

CVE-2025-7606 - AVL Rooms SQL Injection Vulnerability

CVE ID : CVE-2025-7606 Published : July 14, 2025, 1:15 p.m. | 3 hours, 27 minutes ago Description : A vulnerability classified as critical has been found in code-projects AVL Rooms 1.0. This affects an unknown part of the file /city.php. The manipulation of the argument city leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 13:15:00 GMT

read more

CVE-2025-7599 - PHPGurukul Dairy Farm Shop Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7599 Published : July 14, 2025, 12:15 p.m. | 4 hours, 27 minutes ago Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Dairy Farm Shop Management System 1.3. Affected by this issue is some unknown functionality of the file /invoice.php. The manipulation of the argument del leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 12:15:00 GMT

read more

CVE-2025-7600 - PHPGurukul Online Library Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7600 Published : July 14, 2025, 12:15 p.m. | 4 hours, 27 minutes ago Description : A vulnerability, which was classified as critical, was found in PHPGurukul Online Library Management System 3.0. This affects an unknown part of the file /admin/student-history.php. The manipulation of the argument stdid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 12:15:00 GMT

read more

CVE-2025-7601 - PHPGurukul Online Library Management System Cross Site Scripting Vulnerability

CVE ID : CVE-2025-7601 Published : July 14, 2025, 12:15 p.m. | 4 hours, 27 minutes ago Description : A vulnerability has been found in PHPGurukul Online Library Management System 3.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/student-history.php. The manipulation of the argument stdid leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 12:15:00 GMT

read more

CVE-2025-7602 - D-Link DI-8100 HTTP Request Handler Stack-Based Buffer Overflow

CVE ID : CVE-2025-7602 Published : July 14, 2025, 12:15 p.m. | 4 hours, 27 minutes ago Description : A vulnerability was found in D-Link DI-8100 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /arp_sys.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 12:15:00 GMT

read more

CVE-2025-7596 - Tenda FH1205 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7596 Published : July 14, 2025, 11:15 a.m. | 5 hours, 27 minutes ago Description : A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has been rated as critical. This issue affects the function formWifiExtraSet of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 11:15:00 GMT

read more

CVE-2025-7597 - Tenda AX1803 Stack-Based Buffer Overflow

CVE ID : CVE-2025-7597 Published : July 14, 2025, 11:15 a.m. | 5 hours, 27 minutes ago Description : A vulnerability classified as critical has been found in Tenda AX1803 1.0.0.1. Affected is the function formSetMacFilterCfg of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 11:15:00 GMT

read more

CVE-2025-7598 - Tenda AX1803 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7598 Published : July 14, 2025, 11:15 a.m. | 5 hours, 27 minutes ago Description : A vulnerability classified as critical was found in Tenda AX1803 1.0.0.1. Affected by this vulnerability is the function formSetWifiMacFilterCfg of the file /goform/setWifiFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 11:15:00 GMT

read more

CVE-2025-7618 - "ADM File Explorer and Text Editor Stored XSS"

CVE ID : CVE-2025-7618 Published : July 14, 2025, 11:15 a.m. | 5 hours, 27 minutes ago Description : A stored Cross-Site Scripting (XSS) vulnerability vulnerability was found in the File Explorer and Text Editor of ADM. An attacker could exploit this vulnerability to inject malicious scripts into the applications, which may then access cookies or other sensitive information retained by the browser and used with the affected applications. Affected products and versions include: from ADM 4.1.0 to ADM 4.3.3.RH61 as well as ADM 5.0.0.RIN1 and earlier, and Text Editor 1.0.0.r112 and earlier. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 11:15:00 GMT

read more

CVE-2024-51770 - HPE AutoPass License Server Information Disclosure Vulnerability

CVE ID : CVE-2024-51770 Published : July 14, 2025, 11:15 a.m. | 4 hours, 32 minutes ago Description : An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 11:15:00 GMT

read more

CVE-2025-7595 - "Job Diary SQL Injection Vulnerability"

CVE ID : CVE-2025-7595 Published : July 14, 2025, 11:15 a.m. | 4 hours, 32 minutes ago Description : A vulnerability was found in code-projects Job Diary 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view-cad.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 11:15:00 GMT

read more

CVE-2024-51767 - HPE AutoPass License Server Authentication Bypass Vulnerability

CVE ID : CVE-2024-51767 Published : July 14, 2025, 11:15 a.m. | 3 hours, 27 minutes ago Description : An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 11:15:00 GMT

read more

CVE-2024-51768 - HPE AutoPass License Server HSQLDB Remote Code Execution Vulnerability

CVE ID : CVE-2024-51768 Published : July 14, 2025, 11:15 a.m. | 3 hours, 27 minutes ago Description : An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 11:15:00 GMT

read more

CVE-2024-51769 - HPE AutoPass License Server (APLS) Information Disclosure Vulnerability

CVE ID : CVE-2024-51769 Published : July 14, 2025, 11:15 a.m. | 3 hours, 27 minutes ago Description : An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 11:15:00 GMT

read more

CVE-2025-7593 - Job Diary SQL Injection Vulnerability

CVE ID : CVE-2025-7593 Published : July 14, 2025, 10:15 a.m. | 4 hours, 27 minutes ago Description : A vulnerability was found in code-projects Job Diary 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view-all.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 10:15:00 GMT

read more

CVE-2025-7594 - Job Diary SQL Injection Vulnerability

CVE ID : CVE-2025-7594 Published : July 14, 2025, 10:15 a.m. | 4 hours, 27 minutes ago Description : A vulnerability was found in code-projects Job Diary 1.0. It has been classified as critical. This affects an unknown part of the file /view-emp.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 10:15:00 GMT

read more

CVE-2024-26293 - Avid Nexis gSOAP Unauthenticated Path Traversal Vulnerability

CVE ID : CVE-2024-26293 Published : July 14, 2025, 10:15 a.m. | 3 hours ago Description : The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS PRO+: before 2025.5.1; System Director Appliance (SDA+): before 2025.5.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 10:15:00 GMT

read more

CVE-2025-53689 - Apache Jackrabbit XXE Injection Vulnerability

CVE ID : CVE-2025-53689 Published : July 14, 2025, 10:15 a.m. | 3 hours ago Description : Blind XXE Vulnerabilities in jackrabbit-spi-commons and jackrabbit-core in Apache Jackrabbit 2.23.2 due to usage of an unsecured document build to load privileges. Users are recommended to upgrade to versions 2.20.17 (Java 8), 2.22.1 (Java 11) or 2.23.2 (Java 11, beta versions), which fix this issue. Earlier versions (up to 2.20.16) are not supported anymore, thus users should update to the respective supported version. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 10:15:00 GMT

read more

CVE-2025-7592 - PHPGurukul Dairy Farm Shop Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7592 Published : July 14, 2025, 10:15 a.m. | 3 hours ago Description : A vulnerability has been found in PHPGurukul Dairy Farm Shop Management System 1.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file invoices.php. The manipulation of the argument del leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 10:15:00 GMT

read more

CVE-2024-26292 - Avid NEXIS E-series, F-series, PRO+, SDA+: Authenticated Arbitrary File Deletion Vulnerability

CVE ID : CVE-2024-26292 Published : July 14, 2025, 9:15 a.m. | 4 hours ago Description : An authenticated Arbitrary File Deletion vulnerability enables an attacker to delete critical files. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS PRO+: before 2025.5.1; System Director Appliance (SDA+): before 2025.5.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 09:15:00 GMT

read more

CVE-2025-24391 - OTRS Information Disclosure

CVE ID : CVE-2025-24391 Published : July 14, 2025, 9:15 a.m. | 4 hours ago Description : A vulnerability in the External Interface of OTRS allows conclusions to be drawn about the existence of user accounts through different HTTP response codes and messages. This enables an attacker to systematically identify valid email addresses. This issue affects: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * OTRS 2025.X Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 09:15:00 GMT

read more

CVE-2025-7587 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-7587 Published : July 14, 2025, 9:15 a.m. | 4 hours ago Description : A vulnerability was found in code-projects Online Appointment Booking System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /cover.php. The manipulation of the argument uname/psw leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 09:15:00 GMT

read more

CVE-2025-7588 - PHPGurukul Dairy Farm Shop Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7588 Published : July 14, 2025, 9:15 a.m. | 4 hours ago Description : A vulnerability classified as critical has been found in PHPGurukul Dairy Farm Shop Management System 1.3. This affects an unknown part of the file edit-product.php. The manipulation of the argument productname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 09:15:00 GMT

read more

CVE-2025-7589 - PHPGurukul Dairy Farm Shop Management System SQL Injection

CVE ID : CVE-2025-7589 Published : July 14, 2025, 9:15 a.m. | 4 hours ago Description : A vulnerability classified as critical was found in PHPGurukul Dairy Farm Shop Management System 1.3. This vulnerability affects unknown code of the file edit-company.php. The manipulation of the argument companyname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 09:15:00 GMT

read more

CVE-2025-7590 - PHPGurukul Dairy Farm Shop Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7590 Published : July 14, 2025, 9:15 a.m. | 4 hours ago Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Dairy Farm Shop Management System 1.3. This issue affects some unknown processing of the file edit-category.php. The manipulation of the argument categorycode leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 09:15:00 GMT

read more

CVE-2025-7591 - PHPGurukul Dairy Farm Shop Management System SQL Injection

CVE ID : CVE-2025-7591 Published : July 14, 2025, 9:15 a.m. | 4 hours ago Description : A vulnerability, which was classified as critical, was found in PHPGurukul Dairy Farm Shop Management System 1.3. Affected is an unknown function of the file view-invoice.php. The manipulation of the argument invid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 09:15:00 GMT

read more

CVE-2024-26291 - Avid NEXIS Unauthenticated Arbitrary File Read Vulnerability

CVE ID : CVE-2024-26291 Published : July 14, 2025, 9:15 a.m. | 2 hours, 32 minutes ago Description : An Unauthenticated Arbitrary File Read vulnerability affects the Agent when installed on a system. The parameter filename does not validate the path thus allowing users to read arbitrary files. As the application runs with the highest privileges (root/NT_AUTHORITY SYSTEM) by default attackers are able to obtain sensitive information. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS PRO+: before 2025.5.1; System Director Appliance (SDA+): before 2025.5.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 09:15:00 GMT

read more

CVE-2025-7584 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-7584 Published : July 14, 2025, 8:15 a.m. | 3 hours, 32 minutes ago Description : A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This issue affects some unknown processing of the file /admin/add-team.php. The manipulation of the argument teammember leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 08:15:00 GMT

read more

CVE-2025-7585 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-7585 Published : July 14, 2025, 8:15 a.m. | 3 hours, 32 minutes ago Description : A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. Affected is an unknown function of the file /admin/manage-site.php. The manipulation of the argument webtitle leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 08:15:00 GMT

read more

CVE-2025-7586 - Tenda AC500 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7586 Published : July 14, 2025, 8:15 a.m. | 3 hours, 32 minutes ago Description : A vulnerability was found in Tenda AC500 2.0.1.9(1307). It has been declared as critical. Affected by this vulnerability is the function formSetAPCfg of the file /goform/setWtpData. The manipulation of the argument radio_2g_1 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 08:15:00 GMT

read more

CVE-2025-7583 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-7583 Published : July 14, 2025, 8:15 a.m. | 2 hours, 25 minutes ago Description : A vulnerability has been found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This vulnerability affects unknown code of the file /admin/all-requests.php. The manipulation of the argument teamid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 08:15:00 GMT

read more

CVE-2025-7579 - Chinese-Poetry Regular Expression Denial of Service (DoS)

CVE ID : CVE-2025-7579 Published : July 14, 2025, 7:15 a.m. | 3 hours, 25 minutes ago Description : A vulnerability was found in chinese-poetry 0.1. It has been rated as problematic. This issue affects some unknown processing of the file rank/server.js. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 07:15:00 GMT

read more

CVE-2025-7580 - Code-projects Voting System SQL Injection

CVE ID : CVE-2025-7580 Published : July 14, 2025, 7:15 a.m. | 3 hours, 25 minutes ago Description : A vulnerability classified as critical was found in code-projects Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/positions_row.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 07:15:00 GMT

read more

CVE-2025-7581 - Code-Projects Voting System SQL Injection Vulnerability

CVE ID : CVE-2025-7581 Published : July 14, 2025, 7:15 a.m. | 3 hours, 25 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/positions_edit.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 07:15:00 GMT

read more

CVE-2025-7582 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-7582 Published : July 14, 2025, 7:15 a.m. | 3 hours, 25 minutes ago Description : A vulnerability, which was classified as critical, was found in PHPGurukul Online Fire Reporting System 1.2. This affects an unknown part of the file /admin/assigned-requests.php. The manipulation of the argument teamid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 07:15:00 GMT

read more

CVE-2025-7575 - Zavy86 WikiDocs Remote Path Traversal Vulnerability

CVE ID : CVE-2025-7575 Published : July 14, 2025, 6:15 a.m. | 4 hours, 25 minutes ago Description : A vulnerability has been found in Zavy86 WikiDocs up to 1.0.77 and classified as critical. Affected by this vulnerability is the function image_drop_upload_ajax/image_delete_ajax of the file submit.php. The manipulation leads to path traversal. The attack can be launched remotely. Upgrading to version 1.0.78 is able to address this issue. The identifier of the patch is 98ea9ee4a2052c4327f89d2f7688cc1b5749450d. It is recommended to upgrade the affected component. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 06:15:00 GMT

read more

CVE-2025-7576 - Teledyne FLIR FB-Series and FH-Series Remote File Access Control Bypass Vulnerability

CVE ID : CVE-2025-7576 Published : July 14, 2025, 6:15 a.m. | 4 hours, 25 minutes ago Description : A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16 and classified as critical. Affected by this issue is some unknown functionality of the file /priv/production/production.html of the component Production Tools. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 06:15:00 GMT

read more

CVE-2025-7577 - Teledyne FLIR FB-Series/FLIR FH-Series Remote Hard-Coded Password Vulnerability

CVE ID : CVE-2025-7577 Published : July 14, 2025, 6:15 a.m. | 4 hours, 25 minutes ago Description : A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16. It has been classified as problematic. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 06:15:00 GMT

read more

CVE-2025-7578 - Teledyne FLIR FB-Series and FH-Series Command Injection Vulnerability

CVE ID : CVE-2025-7578 Published : July 14, 2025, 6:15 a.m. | 4 hours, 25 minutes ago Description : A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16. It has been declared as critical. This vulnerability affects the function sendCommand of the file runcmd.sh. The manipulation of the argument cmd leads to command injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The researcher highlights, that "[a]lthough this functionality is currently disabled due to server CGI configuration errors, it is essentially a 'time bomb' waiting to be activated". The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 06:15:00 GMT

read more

CVE-2025-7380 - "ADM Stored Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-7380 Published : July 14, 2025, 6:15 a.m. | 2 hours, 58 minutes ago Description : A stored Cross-Site Scripting (XSS) vulnerability exists in the Access Control of ADM, the issue allows an attacker to inject malicious scripts into the folder name field while creating a new shared folder. These scripts are not properly sanitized and will be executed when the folder name is subsequently displayed in the user interface. This allows attackers to execute arbitrary JavaScript in the context of another user's session, potentially accessing session cookies or other sensitive data. Affected products and versions include: from ADM 4.1.0 to ADM 4.3.3.RH61 as well as ADM 5.0.0.RIN1 and earlier. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 06:15:00 GMT

read more

CVE-2025-29606 - Libp2p RSA Key DoS

CVE ID : CVE-2025-29606 Published : July 14, 2025, 5:15 a.m. | 3 hours, 58 minutes ago Description : py-libp2p before 0.2.3 allows a peer to cause a denial of service (resource consumption) via a large RSA key. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 05:15:00 GMT

read more

CVE-2025-7571 - UTT HiPER 840G Buffer Overflow Vulnerability

CVE ID : CVE-2025-7571 Published : July 14, 2025, 5:15 a.m. | 3 hours, 58 minutes ago Description : A vulnerability classified as critical has been found in UTT HiPER 840G up to 3.1.1-190328. This affects an unknown part of the file /goform/aspApBasicConfigUrcp. The manipulation of the argument Username leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 05:15:00 GMT

read more

CVE-2025-7572 - LB-LINK Lighttpd CGI Information Disclosure

CVE ID : CVE-2025-7572 Published : July 14, 2025, 5:15 a.m. | 3 hours, 58 minutes ago Description : A vulnerability classified as critical was found in LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. This vulnerability affects the function bs_GetHostInfo in the library libblinkapi.so of the file /cgi-bin/lighttpd.cgi. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 05:15:00 GMT

read more

CVE-2025-7573 - "LB-LINK Lighttpd Cgi- Bin Information Disclosure Vulnerability"

CVE ID : CVE-2025-7573 Published : July 14, 2025, 5:15 a.m. | 3 hours, 58 minutes ago Description : A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. This issue affects the function bs_GetManPwd in the library libblinkapi.so of the file /cgi-bin/lighttpd.cgi. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 05:15:00 GMT

read more

CVE-2025-7574 - LB-LINK Web Interface Improper Authentication Vulnerability

CVE ID : CVE-2025-7574 Published : July 14, 2025, 5:15 a.m. | 3 hours, 58 minutes ago Description : A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. Affected is the function reboot/restore of the file /cgi-bin/lighttpd.cgi of the component Web Interface. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 05:15:00 GMT

read more

CVE-2025-7566 - jshERP Path Traversal Vulnerability

CVE ID : CVE-2025-7566 Published : July 14, 2025, 4:15 a.m. | 4 hours, 58 minutes ago Description : A vulnerability has been found in jshERP up to 3.5 and classified as critical. This vulnerability affects the function exportExcelByParam of the file /src/main/java/com/jsh/erp/controller/SystemConfigController.java. The manipulation of the argument Title leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 04:15:00 GMT

read more

CVE-2025-7567 - ShopXO Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7567 Published : July 14, 2025, 4:15 a.m. | 4 hours, 58 minutes ago Description : A vulnerability was found in ShopXO up to 6.5.0 and classified as problematic. This issue affects some unknown processing of the file header.html. The manipulation of the argument lang/system_type leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 04:15:00 GMT

read more

CVE-2025-7568 - FoxCMS SQL Injection Vulnerability

CVE ID : CVE-2025-7568 Published : July 14, 2025, 4:15 a.m. | 4 hours, 58 minutes ago Description : A vulnerability was found in qianfox FoxCMS up to 1.2.5. It has been classified as critical. Affected is the function batchCope of the file app/admin/controller/Video.php. The manipulation of the argument ids leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 04:15:00 GMT

read more

CVE-2025-7569 - Bigotry OneBase Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7569 Published : July 14, 2025, 4:15 a.m. | 4 hours, 58 minutes ago Description : A vulnerability was found in Bigotry OneBase up to 1.3.6. It has been declared as problematic. Affected by this vulnerability is the function parse_args of the file /tpl/think_exception.tpl. The manipulation of the argument args leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 04:15:00 GMT

read more

CVE-2025-7570 - UTT HiPER 840G Remote Buffer Overflow Vulnerability

CVE ID : CVE-2025-7570 Published : July 14, 2025, 4:15 a.m. | 4 hours, 58 minutes ago Description : A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been rated as critical. Affected by this issue is some unknown functionality of the file /goform/aspRemoteApConfTempSend. The manipulation of the argument remoteSrcTemp leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 04:15:00 GMT

read more

CVE-2025-7619 - WellChoose BatchSignCS Arbitrary File Write Vulnerability

CVE ID : CVE-2025-7619 Published : July 14, 2025, 4:15 a.m. | 4 hours, 57 minutes ago Description : BatchSignCS, a background Windows application developed by WellChoose, has an Arbitrary File Write vulnerability. If a user visits a malicious website while the application is running, remote attackers can write arbitrary files to any path and potentially lead to arbitrary code execution. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 04:15:00 GMT

read more

CVE-2025-7620 - Digitware System Integration Corporation Cross-Browser Document Creation Remote Code Execution

CVE ID : CVE-2025-7620 Published : July 14, 2025, 4:15 a.m. | 4 hours, 57 minutes ago Description : The cross-browser document creation component produced by Digitware System Integration Corporation has a Remote Code Execution vulnerability. If a user visits a malicious website while the component is active, remote attackers can cause the system to download and execute arbitrary programs. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 04:15:00 GMT

read more

CVE-2025-7565 - LB-LINK BL-AC3600 Web Management Interface Information Disclosure Vulnerability

CVE ID : CVE-2025-7565 Published : July 14, 2025, 4:15 a.m. | 2 hours, 24 minutes ago Description : A vulnerability, which was classified as critical, was found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function geteasycfg of the file /cgi-bin/lighttpd.cgi of the component Web Management Interface. The manipulation of the argument Password leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 04:15:00 GMT

read more

CVE-2025-7451 - iSherlock OS Command Injection Vulnerability

CVE ID : CVE-2025-7451 Published : July 14, 2025, 3:15 a.m. | 3 hours, 24 minutes ago Description : The iSherlock developed by Hgiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. This vulnerability has already been exploited. Please update immediately. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 03:15:00 GMT

read more

CVE-2025-7562 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-7562 Published : July 14, 2025, 3:15 a.m. | 3 hours, 24 minutes ago Description : A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. Affected is an unknown function of the file /admin/new-requests.php. The manipulation of the argument teamid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 03:15:00 GMT

read more

CVE-2025-7563 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-7563 Published : July 14, 2025, 3:15 a.m. | 3 hours, 24 minutes ago Description : A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2. Affected by this vulnerability is an unknown functionality of the file /admin/completed-requests.php. The manipulation of the argument teamid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 03:15:00 GMT

read more

CVE-2025-7564 - LB-LINK BL-AC3600 Hard-Coded Credentials Vulnerability

CVE ID : CVE-2025-7564 Published : July 14, 2025, 3:15 a.m. | 3 hours, 24 minutes ago Description : A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin leads to hard-coded credentials. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 03:15:00 GMT

read more

CVE-2025-7559 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-7559 Published : July 14, 2025, 2:15 a.m. | 4 hours, 24 minutes ago Description : A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. This affects an unknown part of the file /admin/bwdates-report-result.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 02:15:00 GMT

read more

CVE-2025-7560 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-7560 Published : July 14, 2025, 2:15 a.m. | 4 hours, 24 minutes ago Description : A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been declared as critical. This vulnerability affects unknown code of the file /admin/workin-progress-requests.php. The manipulation of the argument teamid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 02:15:00 GMT

read more

CVE-2025-7561 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-7561 Published : July 14, 2025, 2:15 a.m. | 4 hours, 24 minutes ago Description : A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been rated as critical. This issue affects some unknown processing of the file /admin/team-ontheway-requests.php. The manipulation of the argument teamid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 02:15:00 GMT

read more

CVE-2025-25180 - Apache GPU Driver GPU Escalation of Privilege

CVE ID : CVE-2025-25180 Published : July 14, 2025, 2:15 a.m. | 3 hours, 32 minutes ago Description : Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 02:15:00 GMT

read more

CVE-2025-7555 - "Code-projects Voting System SQL Injection Vulnerability"

CVE ID : CVE-2025-7555 Published : July 14, 2025, 1:15 a.m. | 4 hours, 32 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Voting System 1.0. This issue affects some unknown processing of the file /admin/voters_add.php. The manipulation of the argument firstname/lastname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 01:15:00 GMT

read more

CVE-2025-7556 - Code-projects Voting System SQL Injection Vulnerability

CVE ID : CVE-2025-7556 Published : July 14, 2025, 1:15 a.m. | 4 hours, 32 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Voting System 1.0. Affected is an unknown function of the file /admin/voters_edit.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 01:15:00 GMT

read more

CVE-2025-7557 - "Code-projects Voting System SQL Injection Vulnerability"

CVE ID : CVE-2025-7557 Published : July 14, 2025, 1:15 a.m. | 4 hours, 32 minutes ago Description : A vulnerability has been found in code-projects Voting System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/voters_row.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 01:15:00 GMT

read more

CVE-2025-7558 - "Code-projects Voting System SQL Injection Vulnerability"

CVE ID : CVE-2025-7558 Published : July 14, 2025, 1:15 a.m. | 4 hours, 32 minutes ago Description : A vulnerability was found in code-projects Voting System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/positions_add.php. The manipulation of the argument description leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 01:15:00 GMT

read more

CVE-2025-7554 - Sapido RB-1802 Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7554 Published : July 14, 2025, 1:15 a.m. | 3 hours, 25 minutes ago Description : A vulnerability classified as problematic was found in Sapido RB-1802 1.0.32. This vulnerability affects unknown code of the file urlfilter.asp of the component URL Filtering Page. The manipulation of the argument URL address leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 01:15:00 GMT

read more

CVE-2025-1384 - Omron NJ/NX-series Least Privilege Violation Remote Code Execution

CVE ID : CVE-2025-1384 Published : July 14, 2025, 12:15 a.m. | 4 hours, 25 minutes ago Description : Least Privilege Violation (CWE-272) Vulnerability exists in the communication function between the NJ/NX-series Machine Automation Controllers and the Sysmac Studio Software. An attacker may use this vulnerability to perform unauthorized access and to execute unauthorized code remotely to the controller products. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 00:15:00 GMT

read more

CVE-2025-7551 - Tenda FH1201 PPTPDClient Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7551 Published : July 14, 2025, 12:15 a.m. | 4 hours, 25 minutes ago Description : A vulnerability was found in Tenda FH1201 1.2.0.14(408). It has been declared as critical. Affected by this vulnerability is the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulation of the argument modino/username leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 00:15:00 GMT

read more

CVE-2025-7552 - Dromara Northstar Remote Path Traversal Vulnerability

CVE ID : CVE-2025-7552 Published : July 14, 2025, 12:15 a.m. | 4 hours, 25 minutes ago Description : A vulnerability was found in Dromara Northstar up to 7.3.5. It has been rated as critical. Affected by this issue is the function preHandle of the file northstar-main/src/main/java/org/dromara/northstar/web/interceptor/AuthorizationInterceptor.java of the component Path Handler. The manipulation of the argument Request leads to improper access controls. The attack may be launched remotely. Upgrading to version 7.3.6 is able to address this issue. The patch is identified as 8d521bbf531de59b09b8629a9cbf667870ad2541. It is recommended to upgrade the affected component. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 00:15:00 GMT

read more

CVE-2025-7553 - D-Link DIR-818LW Remote OS Command Injection Vulnerability

CVE ID : CVE-2025-7553 Published : July 14, 2025, 12:15 a.m. | 4 hours, 25 minutes ago Description : A vulnerability classified as critical has been found in D-Link DIR-818LW up to 20191215. This affects an unknown part of the component System Time Page. The manipulation of the argument NTP Server leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 14 Jul 2025 00:15:00 GMT

read more

CVE-2025-1220 - Apache PHP Null Character Injection Vulnerability

CVE ID : CVE-2025-1220 Published : July 13, 2025, 11:15 p.m. | 4 hours, 59 minutes ago Description : In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parse_url() treat the hostname in different way, thus opening way to security problems if the user code implements access checks before access using such functions. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 23:15:00 GMT

read more

CVE-2025-1735 - Apache PHP PostgreSQL Unchecked Quoting Function Error

CVE ID : CVE-2025-1735 Published : July 13, 2025, 11:15 p.m. | 4 hours, 59 minutes ago Description : In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 23:15:00 GMT

read more

CVE-2025-7547 - Campcodes Online Movie Theater Seat Reservation System Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7547 Published : July 13, 2025, 11:15 p.m. | 4 hours, 59 minutes ago Description : A vulnerability, which was classified as critical, was found in Campcodes Online Movie Theater Seat Reservation System 1.0. This affects the function save_movie of the file /admin/admin_class.php. The manipulation of the argument cover leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 23:15:00 GMT

read more

CVE-2025-7548 - Tenda FH1201 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7548 Published : July 13, 2025, 11:15 p.m. | 4 hours, 59 minutes ago Description : A vulnerability has been found in Tenda FH1201 1.2.0.14(408) and classified as critical. This vulnerability affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 23:15:00 GMT

read more

CVE-2025-7549 - Tenda FH1201 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7549 Published : July 13, 2025, 11:15 p.m. | 4 hours, 59 minutes ago Description : A vulnerability was found in Tenda FH1201 1.2.0.14(408) and classified as critical. This issue affects the function frmL7ProtForm of the file /goform/L7Prot. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 23:15:00 GMT

read more

CVE-2025-7550 - Tenda FH1201 Buffer Overflow Vulnerability

CVE ID : CVE-2025-7550 Published : July 13, 2025, 11:15 p.m. | 4 hours, 59 minutes ago Description : A vulnerability was found in Tenda FH1201 1.2.0.14(408). It has been classified as critical. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argument dips leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 23:15:00 GMT

read more

CVE-2025-7545 - "GNU Binutils Heap-Based Buffer Overflow"

CVE ID : CVE-2025-7545 Published : July 13, 2025, 10:15 p.m. | 5 hours, 59 minutes ago Description : A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is named 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944. It is recommended to apply a patch to fix this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 22:15:00 GMT

read more

CVE-2025-7546 - GNU Binutils Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-7546 Published : July 13, 2025, 10:15 p.m. | 5 hours, 59 minutes ago Description : A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The name of the patch is 41461010eb7c79fee7a9d5f6209accdaac66cc6b. It is recommended to apply a patch to fix this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 22:15:00 GMT

read more

CVE-2024-58258 - SugarCRM SSRF Vulnerability

CVE ID : CVE-2024-58258 Published : July 13, 2025, 10:15 p.m. | 4 hours, 51 minutes ago Description : SugarCRM before 13.0.4 and 14.x before 14.0.1 allows SSRF in the API module because a limited type of code injection can occur. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 22:15:00 GMT

read more

CVE-2025-6491 - Apache PHP SOAP XML Namespace Prefix Overflow Vulnerability

CVE ID : CVE-2025-6491 Published : July 13, 2025, 10:15 p.m. | 4 hours, 51 minutes ago Description : In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data in SOAP extensions, overly large (>2Gb) XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the target server. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 22:15:00 GMT

read more

CVE-2025-7543 - PHPGurukul User Registration Login and User Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7543 Published : July 13, 2025, 10:15 p.m. | 4 hours, 51 minutes ago Description : A vulnerability was found in PHPGurukul User Registration & Login and User Management System 3.3. It has been classified as critical. This affects an unknown part of the file /admin/manage-users.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 22:15:00 GMT

read more

CVE-2025-7544 - Tenda AC1206 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7544 Published : July 13, 2025, 10:15 p.m. | 4 hours, 51 minutes ago Description : A vulnerability was found in Tenda AC1206 15.03.06.23. It has been rated as critical. This issue affects the function formSetMacFilterCfg of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 22:15:00 GMT

read more

CVE-2025-7541 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-7541 Published : July 13, 2025, 9:15 p.m. | 2 hours, 32 minutes ago Description : A vulnerability has been found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /get_town.php. The manipulation of the argument countryid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 21:15:00 GMT

read more

CVE-2025-7542 - PHPGurukul User Registration Login and User Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7542 Published : July 13, 2025, 9:15 p.m. | 2 hours, 32 minutes ago Description : A vulnerability was found in PHPGurukul User Registration & Login and User Management System 3.3 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/user-profile.php. The manipulation of the argument uid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 21:15:00 GMT

read more

CVE-2025-53865 - Roundup Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-53865 Published : July 13, 2025, 8:15 p.m. | 3 hours, 32 minutes ago Description : In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates (devel and responsive). Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 20:15:00 GMT

read more

CVE-2025-7539 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-7539 Published : July 13, 2025, 8:15 p.m. | 3 hours, 32 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Online Appointment Booking System 1.0. This issue affects some unknown processing of the file /getdoctordaybooking.php. The manipulation of the argument cid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 20:15:00 GMT

read more

CVE-2025-7540 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-7540 Published : July 13, 2025, 8:15 p.m. | 3 hours, 32 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Online Appointment Booking System 1.0. Affected is an unknown function of the file /getclinic.php. The manipulation of the argument townid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 20:15:00 GMT

read more

CVE-2025-7537 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-7537 Published : July 13, 2025, 7:15 p.m. | 4 hours, 32 minutes ago Description : A vulnerability classified as critical has been found in Campcodes Sales and Inventory System 1.0. This affects an unknown part of the file /pages/product_update.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 19:15:00 GMT

read more

CVE-2025-7538 - Campcodes Sales and Inventory System File Upload Vulnerability

CVE ID : CVE-2025-7538 Published : July 13, 2025, 7:15 p.m. | 4 hours, 32 minutes ago Description : A vulnerability classified as critical was found in Campcodes Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /pages/product_update.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 19:15:00 GMT

read more

CVE-2025-7535 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-7535 Published : July 13, 2025, 6:15 p.m. | 5 hours, 32 minutes ago Description : A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /pages/reprint_cash.php. The manipulation of the argument sid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 18:15:00 GMT

read more

CVE-2025-7536 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-7536 Published : July 13, 2025, 6:15 p.m. | 5 hours, 32 minutes ago Description : A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pages/receipt_credit.php. The manipulation of the argument sid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 18:15:00 GMT

read more

CVE-2025-7533 - "Code-projects Job Diary SQL Injection"

CVE ID : CVE-2025-7533 Published : July 13, 2025, 5:15 p.m. | 6 hours, 32 minutes ago Description : A vulnerability was found in code-projects Job Diary 1.0 and classified as critical. This issue affects some unknown processing of the file /view-details.php. The manipulation of the argument job_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 17:15:00 GMT

read more

CVE-2025-7534 - "PHPGurukul Student Result Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-7534 Published : July 13, 2025, 5:15 p.m. | 6 hours, 32 minutes ago Description : A vulnerability was found in PHPGurukul Student Result Management System 2.0. It has been classified as critical. Affected is an unknown function of the file /notice-details.php of the component GET Parameter Handler. The manipulation of the argument nid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 17:15:00 GMT

read more

CVE-2025-7531 - Tenda FH1202 PPTP Remote Stack Buffer Overflow Vulnerability

CVE ID : CVE-2025-7531 Published : July 13, 2025, 4:15 p.m. | 7 hours, 32 minutes ago Description : A vulnerability, which was classified as critical, was found in Tenda FH1202 1.2.0.14(408). This affects the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 16:15:00 GMT

read more

CVE-2025-7532 - Tenda FH1202 Critical Stack-Based Buffer Overflow

CVE ID : CVE-2025-7532 Published : July 13, 2025, 4:15 p.m. | 7 hours, 32 minutes ago Description : A vulnerability has been found in Tenda FH1202 1.2.0.14(408) and classified as critical. This vulnerability affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 16:15:00 GMT

read more

CVE-2025-7530 - Tenda PPTPDClient Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7530 Published : July 13, 2025, 3:15 p.m. | 7 hours, 14 minutes ago Description : A vulnerability, which was classified as critical, has been found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulation of the argument Username leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 15:15:00 GMT

read more

CVE-2025-7528 - Tenda FH1202 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7528 Published : July 13, 2025, 12:15 p.m. | 10 hours, 14 minutes ago Description : A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14(408). Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argument dips leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 12:15:00 GMT

read more

CVE-2025-7529 - Tenda FH1202 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7529 Published : July 13, 2025, 12:15 p.m. | 10 hours, 14 minutes ago Description : A vulnerability classified as critical was found in Tenda FH1202 1.2.0.14(408). Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 12:15:00 GMT

read more

CVE-2025-7527 - Tenda FH1202 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7527 Published : July 13, 2025, 11:15 a.m. | 11 hours, 14 minutes ago Description : A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been rated as critical. This issue affects the function fromAdvSetWan of the file /goform/AdvSetWan. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 11:15:00 GMT

read more

CVE-2025-7525 - TOTOLINK T6 HTTP POST Request Handler Command Injection Vulnerability

CVE ID : CVE-2025-7525 Published : July 13, 2025, 10:15 a.m. | 12 hours, 14 minutes ago Description : A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 10:15:00 GMT

read more

CVE-2025-7524 - "TOTOLINK T6 HTTP POST Request Handler Command Injection Vulnerability"

CVE ID : CVE-2025-7524 Published : July 13, 2025, 9:15 a.m. | 13 hours, 14 minutes ago Description : A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 09:15:00 GMT

read more

CVE-2025-7012 - Cato Networks CatoClient Local Privilege Escalation Vulnerability

CVE ID : CVE-2025-7012 Published : July 13, 2025, 8:15 a.m. | 14 hours, 14 minutes ago Description : An issue in Cato Networks' CatoClient for Linux, before version 5.5, allows a local attacker to escalate privileges to root by exploiting improper symbolic link handling. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 08:15:00 GMT

read more

CVE-2025-7522 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7522 Published : July 13, 2025, 7:15 a.m. | 15 hours, 14 minutes ago Description : A vulnerability has been found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 07:15:00 GMT

read more

CVE-2025-7523 - Jinher OA XXE Vulnerability

CVE ID : CVE-2025-7523 Published : July 13, 2025, 7:15 a.m. | 15 hours, 14 minutes ago Description : A vulnerability was found in Jinher OA 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /c6/Jhsoft.Web.message/ToolBar/DelTemp.aspx. The manipulation leads to xml external entity reference. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 07:15:00 GMT

read more

CVE-2025-7521 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7521 Published : July 13, 2025, 6:15 a.m. | 16 hours, 14 minutes ago Description : A vulnerability, which was classified as critical, was found in PHPGurukul Vehicle Parking Management System 1.13. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 06:15:00 GMT

read more

CVE-2025-7517 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-7517 Published : July 13, 2025, 5:15 a.m. | 17 hours, 14 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Online Appointment Booking System 1.0. This issue affects some unknown processing of the file /getDay.php. The manipulation of the argument cidval leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 05:15:00 GMT

read more

CVE-2025-7520 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7520 Published : July 13, 2025, 5:15 a.m. | 17 hours, 14 minutes ago Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Vehicle Parking Management System 1.13. This issue affects some unknown processing of the file /admin/manage-category.php. The manipulation of the argument del leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 05:15:00 GMT

read more

CVE-2025-7515 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-7515 Published : July 13, 2025, 4:15 a.m. | 16 hours, 25 minutes ago Description : A vulnerability classified as critical has been found in code-projects Online Appointment Booking System 1.0. This affects an unknown part of the file /ulocateus.php. The manipulation of the argument doctorname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 04:15:00 GMT

read more

CVE-2025-7516 - Code-projects Online Appointment Booking System SQL Injection Vulnerability

CVE ID : CVE-2025-7516 Published : July 13, 2025, 4:15 a.m. | 16 hours, 25 minutes ago Description : A vulnerability classified as critical was found in code-projects Online Appointment Booking System 1.0. This vulnerability affects unknown code of the file /cancelbookingpatient.php. The manipulation of the argument appointment leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 04:15:00 GMT

read more

CVE-2025-7514 - Modern Bag SQL Injection Vulnerability

CVE ID : CVE-2025-7514 Published : July 13, 2025, 4:15 a.m. | 15 hours, 31 minutes ago Description : A vulnerability was found in code-projects Modern Bag 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/contact-list.php. The manipulation of the argument idStatus leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 04:15:00 GMT

read more

CVE-2025-7512 - "Modern Bag SQL Injection Vulnerability"

CVE ID : CVE-2025-7512 Published : July 13, 2025, 3:15 a.m. | 16 hours, 32 minutes ago Description : A vulnerability was found in code-projects Modern Bag 1.0. It has been classified as critical. Affected is an unknown function of the file /contact-back.php. The manipulation of the argument contact-name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 03:15:00 GMT

read more

CVE-2025-7513 - "Modern Bag SQL Injection Vulnerability"

CVE ID : CVE-2025-7513 Published : July 13, 2025, 3:15 a.m. | 16 hours, 32 minutes ago Description : A vulnerability was found in code-projects Modern Bag 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/slideupdate.php. The manipulation of the argument idSlide leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 03:15:00 GMT

read more

CVE-2025-7511 - Code-projects Chat System SQL Injection Vulnerability

CVE ID : CVE-2025-7511 Published : July 13, 2025, 2:15 a.m. | 16 hours, 45 minutes ago Description : A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /user/update_account.php. The manipulation of the argument musername leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 02:15:00 GMT

read more

CVE-2025-7510 - Code-projects Modern Bag SQL Injection Vulnerability

CVE ID : CVE-2025-7510 Published : July 13, 2025, 1:15 a.m. | 17 hours, 44 minutes ago Description : A vulnerability has been found in code-projects Modern Bag 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/productadd_back.php. The manipulation of the argument namepro leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 01:15:00 GMT

read more

CVE-2025-7509 - "Modern Bag SQL Injection Vulnerability"

CVE ID : CVE-2025-7509 Published : July 13, 2025, 1:15 a.m. | 17 hours, 14 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. This affects an unknown part of the file /admin/slide.php. The manipulation of the argument idSlide leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 01:15:00 GMT

read more

CVE-2025-7508 - Modern Bag SQL Injection Vulnerability

CVE ID : CVE-2025-7508 Published : July 13, 2025, 12:15 a.m. | 18 hours, 14 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Modern Bag 1.0. Affected by this issue is some unknown functionality of the file /admin/product-update.php. The manipulation of the argument idProduct leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 13 Jul 2025 00:15:00 GMT

read more

CVE-2025-7505 - Tenda FH451 HTTP POST Request Handler Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7505 Published : July 12, 2025, 11:15 p.m. | 16 hours, 31 minutes ago Description : A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function frmL7ProtForm of the file /goform/L7Prot of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 23:15:00 GMT

read more

CVE-2025-7506 - Tenda FH451 HTTP POST Request Handler Stack-Based Buffer Overflow

CVE ID : CVE-2025-7506 Published : July 12, 2025, 11:15 p.m. | 16 hours, 31 minutes ago Description : A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 23:15:00 GMT

read more

CVE-2025-7492 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7492 Published : July 12, 2025, 10:15 p.m. | 17 hours, 31 minutes ago Description : A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/manage-incomingvehicle.php. The manipulation of the argument del leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 22:15:00 GMT

read more

CVE-2025-7491 - PHPGurukul Vehicle Parking Management System SQL Injection

CVE ID : CVE-2025-7491 Published : July 12, 2025, 9:15 p.m. | 18 hours, 31 minutes ago Description : A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/manage-outgoingvehicle.php. The manipulation of the argument del leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 21:15:00 GMT

read more

CVE-2025-7490 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7490 Published : July 12, 2025, 9:15 p.m. | 17 hours, 14 minutes ago Description : A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been classified as critical. Affected is an unknown function of the file /admin/reg-users.php. The manipulation of the argument del leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 21:15:00 GMT

read more

CVE-2025-7488 - JoeyBling SpringBoot_MyBatisPlus Remote File Path Traversal Vulnerability

CVE ID : CVE-2025-7488 Published : July 12, 2025, 8:15 p.m. | 16 hours, 14 minutes ago Description : A vulnerability has been found in JoeyBling SpringBoot_MyBatisPlus up to a6a825513bd688f717dbae3a196bc9c9622fea26 and classified as critical. This vulnerability affects the function Download of the file /file/download. The manipulation of the argument Name leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 20:15:00 GMT

read more

CVE-2025-7489 - "PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-7489 Published : July 12, 2025, 8:15 p.m. | 16 hours, 14 minutes ago Description : A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical. This issue affects some unknown processing of the file /admin/search-vehicle.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 20:15:00 GMT

read more

CVE-2025-7485 - Open5GS Reachable Assertion Vulnerability

CVE ID : CVE-2025-7485 Published : July 12, 2025, 7:15 p.m. | 15 hours, 13 minutes ago Description : A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_recv_handler/s1ap_recv_handler/recv_handler of the component SCTP Partial Message Handler. The manipulation leads to reachable assertion. The attack needs to be approached locally. The patch is named cfa44575020f3fb045fd971358442053c8684d3d. It is recommended to apply a patch to fix this issue. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 19:15:00 GMT

read more

CVE-2025-7487 - JoeyBling SpringBoot_MyBatisPlus Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7487 Published : July 12, 2025, 7:15 p.m. | 15 hours, 13 minutes ago Description : A vulnerability, which was classified as critical, was found in JoeyBling SpringBoot_MyBatisPlus up to a6a825513bd688f717dbae3a196bc9c9622fea26. This affects the function SysFileController of the file /file/upload. The manipulation of the argument portraitFile leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 19:15:00 GMT

read more

CVE-2025-7484 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7484 Published : July 12, 2025, 6:15 p.m. | 14 hours, 39 minutes ago Description : A vulnerability classified as critical has been found in PHPGurukul Vehicle Parking Management System 1.13. Affected is an unknown function of the file /admin/view-outgoingvehicle-detail.php. The manipulation of the argument viewid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 18:15:00 GMT

read more

CVE-2025-7483 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7483 Published : July 12, 2025, 6:15 p.m. | 13 hours, 31 minutes ago Description : A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been rated as critical. This issue affects some unknown processing of the file /users/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 18:15:00 GMT

read more

CVE-2025-7481 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7481 Published : July 12, 2025, 5:15 p.m. | 13 hours, 38 minutes ago Description : A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been classified as critical. This affects an unknown part of the file /users/profile.php. The manipulation of the argument firstname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 17:15:00 GMT

read more

CVE-2025-7482 - PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7482 Published : July 12, 2025, 5:15 p.m. | 13 hours, 38 minutes ago Description : A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been declared as critical. This vulnerability affects unknown code of the file /users/print.php. The manipulation of the argument vid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 17:15:00 GMT

read more

CVE-2024-41169 - Apache Zeppelin Raft Server Protocol Unauthenticated Directory Disclosure

CVE ID : CVE-2024-41169 Published : July 12, 2025, 5:15 p.m. | 13 hours, 13 minutes ago Description : The attacker can use the raft server protocol in an unauthenticated way. The attacker can see the server's resources, including directories and files. This issue affects Apache Zeppelin: from 0.10.1 up to 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes the issue by removing the Cluster Interpreter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 17:15:00 GMT

read more

CVE-2025-7479 - PHPGurukul Vehicle Parking Management System SQL Injection

CVE ID : CVE-2025-7479 Published : July 12, 2025, 4:15 p.m. | 12 hours, 13 minutes ago Description : A vulnerability has been found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /users/view--detail.php. The manipulation of the argument viewid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 16:15:00 GMT

read more

CVE-2025-7480 - PHPGurukul Vehicle Parking Management System SQL Injection

CVE ID : CVE-2025-7480 Published : July 12, 2025, 4:15 p.m. | 12 hours, 13 minutes ago Description : A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical. Affected by this issue is some unknown functionality of the file /users/signup.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 16:15:00 GMT

read more

CVE-2025-7477 - Apache Simple Car Rental System Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7477 Published : July 12, 2025, 3:15 p.m. | 13 hours, 13 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Simple Car Rental System 1.0. This issue affects some unknown processing of the file /admin/add_cars.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 15:15:00 GMT

read more

CVE-2025-7478 - Apache Code-Projects Modern Bag SQL Injection Vulnerability

CVE ID : CVE-2025-7478 Published : July 12, 2025, 3:15 p.m. | 13 hours, 13 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. Affected is an unknown function of the file /admin/category-list.php. The manipulation of the argument idCate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 15:15:00 GMT

read more

CVE-2025-7476 - Simple Car Rental System SQL Injection Vulnerability

CVE ID : CVE-2025-7476 Published : July 12, 2025, 2:15 p.m. | 14 hours, 13 minutes ago Description : A vulnerability classified as critical was found in code-projects Simple Car Rental System 1.0. This vulnerability affects unknown code of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 14:15:00 GMT

read more

CVE-2025-7475 - Simple Car Rental System SQL Injection Vulnerability

CVE ID : CVE-2025-7475 Published : July 12, 2025, 1:15 p.m. | 13 hours, 13 minutes ago Description : A vulnerability classified as critical has been found in code-projects Simple Car Rental System 1.0. This affects an unknown part of the file /pay.php. The manipulation of the argument mpesa leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 13:15:00 GMT

read more

CVE-2025-7471 - Modern Bag SQL Injection Vulnerability

CVE ID : CVE-2025-7471 Published : July 12, 2025, 12:15 p.m. | 14 hours, 13 minutes ago Description : A vulnerability was found in code-projects Modern Bag 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/login-back.php. The manipulation of the argument user-name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 12:15:00 GMT

read more

CVE-2025-7474 - Job Diary SQL Injection Vulnerability

CVE ID : CVE-2025-7474 Published : July 12, 2025, 12:15 p.m. | 14 hours, 13 minutes ago Description : A vulnerability was found in code-projects Job Diary 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 12:15:00 GMT

read more

CVE-2020-36849 - WordPress AIT CSV Import/Export Plugin Arbitrary File Upload Vulnerability

CVE ID : CVE-2020-36849 Published : July 12, 2025, 12:15 p.m. | 12 hours, 13 minutes ago Description : The AIT CSV import/export plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php file in versions up to, and including, 3.0.3. This makes it possible for unauthorized attackers to upload arbitrary files on the affected sites server which may make remote code execution possible. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 12:15:00 GMT

read more

CVE-2021-4458 - WordPress Modern Events Calendar Lite SQL Injection

CVE ID : CVE-2021-4458 Published : July 12, 2025, 12:15 p.m. | 12 hours, 13 minutes ago Description : The Modern Events Calendar Lite plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of the 'wp_ajax_mec_load_single_page' AJAX action in all versions up to, and including, 6.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This is only exploitable on sites with addslashes disabled. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 12:15:00 GMT

read more

CVE-2025-36104 - IBM Storage Scale Information Disclosure

CVE ID : CVE-2025-36104 Published : July 12, 2025, 12:15 p.m. | 12 hours, 13 minutes ago Description : IBM Storage Scale 5.2.3.0 and 5.2.3.1 could allow an authenticated user to obtain sensitive information from files due to the insecure permissions inherited through the SMB protocol. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 12:15:00 GMT

read more

CVE-2020-36848 - BoldGrid WordPress Backup Plugin Sensitive Information Exposure

CVE ID : CVE-2020-36848 Published : July 12, 2025, 12:15 p.m. | 10 hours, 13 minutes ago Description : The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.14.9 via the env-info.php and restore-info.json files. This makes it possible for unauthenticated attackers to find the location of back-up files and subsequently download them. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 12:15:00 GMT

read more

CVE-2025-7469 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-7469 Published : July 12, 2025, 11:15 a.m. | 11 hours, 13 minutes ago Description : A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /pages/product_add.php. The manipulation of the argument prod_name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 11:15:00 GMT

read more

CVE-2025-7470 - Campcodes Sales and Inventory System Remote File Upload Vulnerability

CVE ID : CVE-2025-7470 Published : July 12, 2025, 11:15 a.m. | 11 hours, 13 minutes ago Description : A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been classified as critical. Affected is an unknown function of the file /pages/product_add.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 11:15:00 GMT

read more

CVE-2020-36847 - WordPress Simple-File-List Remote Code Execution Vulnerability

CVE ID : CVE-2020-36847 Published : July 12, 2025, 10:15 a.m. | 9 hours, 59 minutes ago Description : The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a png extension to use a php extension. This allows unauthenticated attackers to execute code on the server. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 10:15:00 GMT

read more

CVE-2025-7518 - RSFirewall! WordPress Path Traversal Vulnerability

CVE ID : CVE-2025-7518 Published : July 12, 2025, 10:15 a.m. | 9 hours, 59 minutes ago Description : The RSFirewall! plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.1.42 via the get_local_filename() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 10:15:00 GMT

read more

CVE-2025-7468 - "Tenda FH1201 HTTP POST Request Handler Buffer Overflow"

CVE ID : CVE-2025-7468 Published : July 12, 2025, 9:15 a.m. | 10 hours, 59 minutes ago Description : A vulnerability has been found in Tenda FH1201 1.2.0.14 and classified as critical. This vulnerability affects the function fromSafeUrlFilter of the file /goform/fromSafeUrlFilter of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 09:15:00 GMT

read more

CVE-2025-7504 - WordPress Friends Plugin PHP Object Injection Vulnerability

CVE ID : CVE-2025-7504 Published : July 12, 2025, 9:15 a.m. | 10 hours, 59 minutes ago Description : The Friends plugin for WordPress is vulnerable to PHP Object Injection in version 3.5.1 via deserialization of untrusted input of the query_vars parameter This makes it possible for authenticated attackers, with subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. This requires access to the sites SALT_NONCE and and SALT_KEY to exploit. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 09:15:00 GMT

read more

CVE-2025-7467 - "Modern Bag SQL Injection Vulnerability"

CVE ID : CVE-2025-7467 Published : July 12, 2025, 9:15 a.m. | 9 hours, 13 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. This affects an unknown part of the file /product-detail.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 09:15:00 GMT

read more

CVE-2025-6423 - BeeTeam368 Extensions WordPress Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-6423 Published : July 12, 2025, 8:15 a.m. | 10 hours, 13 minutes ago Description : The BeeTeam368 Extensions plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_submit_upload_file() function in all versions up to, and including, 2.3.5. This makes it possible for authenticated attackers with Subscriber-level access or higher to upload arbitrary files on the affected site's server which may make remote code execution possible. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 08:15:00 GMT

read more

CVE-2025-7466 - ABC Courier Management SQL Injection Vulnerability

CVE ID : CVE-2025-7466 Published : July 12, 2025, 8:15 a.m. | 10 hours, 13 minutes ago Description : A vulnerability, which was classified as critical, has been found in 1000projects ABC Courier Management 1.0. Affected by this issue is some unknown functionality of the file /add_dealerrequest.php. The manipulation of the argument Name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 08:15:00 GMT

read more

CVE-2025-7465 - Tenda FH1201 HTTP POST Request Handler Buffer Overflow

CVE ID : CVE-2025-7465 Published : July 12, 2025, 7:15 a.m. | 11 hours, 13 minutes ago Description : A vulnerability classified as critical was found in Tenda FH1201 1.2.0.14. Affected by this vulnerability is the function fromRouteStatic of the file /goform/fromRouteStatic of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 07:15:00 GMT

read more

CVE-2025-7464 - GoBGP Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-7464 Published : July 12, 2025, 7:15 a.m. | 9 hours, 13 minutes ago Description : A vulnerability classified as problematic has been found in osrg GoBGP up to 3.37.0. Affected is the function SplitRTR of the file pkg/packet/rtr/rtr.go. The manipulation leads to out-of-bounds read. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The name of the patch is e748f43496d74946d14fed85c776452e47b99d64. It is recommended to apply a patch to fix this issue. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 07:15:00 GMT

read more

CVE-2025-1313 - Nokri - Job Board WordPress Theme Privilege Escalation Vulnerability

CVE ID : CVE-2025-1313 Published : July 12, 2025, 6:15 a.m. | 10 hours, 13 minutes ago Description : The Nokri - Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.3. This is due to the plugin not properly validating a user's identity prior to updating their details like email address. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 06:15:00 GMT

read more

CVE-2025-7462 - Artifex GhostPDL Remote Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-7462 Published : July 12, 2025, 6:15 a.m. | 10 hours, 13 minutes ago Description : A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classified as problematic. This affects the function pdf_ferror of the file devices/vector/gdevpdf.c of the component New Output File Open Error Handler. The manipulation leads to null pointer dereference. It is possible to initiate the attack remotely. The identifier of the patch is 619a106ba4c4abed95110f84d5efcd7aee38c7cb. It is recommended to apply a patch to fix this issue. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 06:15:00 GMT

read more

CVE-2025-7463 - Tenda FH1201 HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-7463 Published : July 12, 2025, 6:15 a.m. | 10 hours, 13 minutes ago Description : A vulnerability was found in Tenda FH1201 1.2.0.14. It has been declared as critical. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP POST Request Handler. The manipulation of the argument mit_ssid leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 06:15:00 GMT

read more

CVE-2025-7461 - Apache Modern Bag SQL Injection Vulnerability

CVE ID : CVE-2025-7461 Published : July 12, 2025, 5:15 a.m. | 11 hours, 13 minutes ago Description : A vulnerability was found in code-projects Modern Bag 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /action.php. The manipulation of the argument proId leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 05:15:00 GMT

read more

CVE-2025-6057 - WordPress WPBookit Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-6057 Published : July 12, 2025, 5:15 a.m. | 9 hours, 13 minutes ago Description : The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_image_upload() function in all versions up to, and including, 1.0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 05:15:00 GMT

read more

CVE-2025-6058 - WordPress WPBookit Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-6058 Published : July 12, 2025, 5:15 a.m. | 9 hours, 13 minutes ago Description : The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image_upload_handle() function hooked via the 'add_booking_type' route in all versions up to, and including, 1.0.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 05:15:00 GMT

read more

CVE-2025-24294 - Apache Resolv DNS Denial of Service Vulnerability

CVE ID : CVE-2025-24294 Published : July 12, 2025, 4:15 a.m. | 10 hours, 13 minutes ago Description : The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 04:15:00 GMT

read more

CVE-2024-38648 - Ivanti DSM Decryption Secret Disclosure

CVE ID : CVE-2024-38648 Published : July 12, 2025, 4:15 a.m. | 8 hours, 42 minutes ago Description : A hardcoded secret in Ivanti DSM before 2024.2 allows an authenticated attacker on an adjacent network to decrypt sensitive data including user credentials. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 04:15:00 GMT

read more

CVE-2023-38036 - Ivanti Avalanche Manager Buffer Overflow Vulnerability

CVE ID : CVE-2023-38036 Published : July 12, 2025, 4:15 a.m. | 8 hours, 13 minutes ago Description : A security vulnerability within Ivanti Avalanche Manager before version 6.4.1 may allow an unauthenticated attacker to create a buffer overflow that could result in service disruption or arbitrary code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 04:15:00 GMT

read more

CVE-2023-39338 - Apache Sentry Unauthorized Service Access

CVE ID : CVE-2023-39338 Published : July 12, 2025, 4:15 a.m. | 8 hours, 13 minutes ago Description : Enables an authenticated user (enrolled device) to access a service protected by Sentry even if they are not authorized according to the sentry policy to access that service. It does not enable the user to authenticate to or use the service, it just provides the tunnel access. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 04:15:00 GMT

read more

CVE-2023-39339 - Ivanti Policy Secure Arbitrary File Read Vulnerability

CVE ID : CVE-2023-39339 Published : July 12, 2025, 4:15 a.m. | 8 hours, 13 minutes ago Description : A vulnerability exists on all versions of Ivanti Policy Secure below 22.6R1 where an authenticated administrator can perform an arbitrary file read via a maliciously crafted web request. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 04:15:00 GMT

read more

CVE-2025-53877 - Apache Struts Command Injection

CVE ID : CVE-2025-53877 Published : July 12, 2025, 3:15 a.m. | 9 hours, 13 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 03:15:00 GMT

read more

CVE-2025-53878 - Apache HTTP Server Denial of Service

CVE ID : CVE-2025-53878 Published : July 12, 2025, 3:15 a.m. | 9 hours, 13 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 03:15:00 GMT

read more

CVE-2025-53879 - Apache Struts Deserialization Vulnerability

CVE ID : CVE-2025-53879 Published : July 12, 2025, 3:15 a.m. | 9 hours, 13 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 03:15:00 GMT

read more

CVE-2025-53875 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53875 Published : July 12, 2025, 3:15 a.m. | 7 hours, 31 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 03:15:00 GMT

read more

CVE-2025-53876 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-53876 Published : July 12, 2025, 3:15 a.m. | 7 hours, 31 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 03:15:00 GMT

read more

CVE-2025-53873 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-53873 Published : July 12, 2025, 3:15 a.m. | 7 hours, 13 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 03:15:00 GMT

read more

CVE-2025-53874 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-53874 Published : July 12, 2025, 3:15 a.m. | 7 hours, 13 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 03:15:00 GMT

read more

CVE-2025-53871 - Apache HTTP Server Remote Command Execution

CVE ID : CVE-2025-53871 Published : July 12, 2025, 3:15 a.m. | 5 hours, 13 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 03:15:00 GMT

read more

CVE-2025-53872 - Cisco WebEx Meeting Center Unvalidated Redirect

CVE ID : CVE-2025-53872 Published : July 12, 2025, 3:15 a.m. | 5 hours, 13 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 03:15:00 GMT

read more

CVE-2025-5199 - Canonical Multipass Privilege Escalation Vulnerability

CVE ID : CVE-2025-5199 Published : July 12, 2025, 12:15 a.m. | 8 hours, 13 minutes ago Description : In Canonical Multipass up to and including version 1.15.1 on macOS, incorrect default permissions allow a local attacker to escalate privileges by modifying files executed with administrative privileges by a Launch Daemon during system startup. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 12 Jul 2025 00:15:00 GMT

read more

CVE-2025-53636 - Open OnDemand Shell App Log Flood Denial of Service Vulnerability

CVE ID : CVE-2025-53636 Published : July 11, 2025, 10:15 p.m. | 10 hours, 13 minutes ago Description : Open OnDemand is an open-source HPC portal. Users can flood logs by interacting with the shell app and generating many errors. Users who flood logs can create very large log files causing a Denial of Service (DoS) to the ondemand system. This vulnerability is fixed in 3.1.14 and 4.0.6. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 22:15:00 GMT

read more

CVE-2025-7460 - TOTOLINK T6 HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-7460 Published : July 11, 2025, 10:15 p.m. | 10 hours, 13 minutes ago Description : A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 22:15:00 GMT

read more

CVE-2025-7457 - Campcodes Online Movie Theater Seat Reservation System SQL Injection Vulnerability

CVE ID : CVE-2025-7457 Published : July 11, 2025, 9:15 p.m. | 9 hours, 31 minutes ago Description : A vulnerability, which was classified as critical, was found in Campcodes Online Movie Theater Seat Reservation System 1.0. This affects an unknown part of the file /admin/manage_movie.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 21:15:00 GMT

read more

CVE-2025-7459 - Code-projects Mobile Shop SQL Injection Vulnerability

CVE ID : CVE-2025-7459 Published : July 11, 2025, 9:15 p.m. | 9 hours, 31 minutes ago Description : A vulnerability classified as critical was found in code-projects Mobile Shop 1.0. This vulnerability affects unknown code of the file /EditMobile.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 21:15:00 GMT

read more

CVE-2025-7455 - Campcodes Online Movie Theater Seat Reservation System SQL Injection Vulnerability

CVE ID : CVE-2025-7455 Published : July 11, 2025, 8:15 p.m. | 10 hours, 13 minutes ago Description : A vulnerability classified as critical was found in Campcodes Online Movie Theater Seat Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file /manage_reserve.php. The manipulation of the argument mid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 20:15:00 GMT

read more

CVE-2025-7456 - Campcodes Online Movie Theater Seat Reservation System SQL Injection

CVE ID : CVE-2025-7456 Published : July 11, 2025, 8:15 p.m. | 10 hours, 13 minutes ago Description : A vulnerability, which was classified as critical, has been found in Campcodes Online Movie Theater Seat Reservation System 1.0. Affected by this issue is some unknown functionality of the file /reserve.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 20:15:00 GMT

read more

CVE-2025-7503 - "Shenzhen Liandian Communication Technology LTD OEM IP Camera Telnet Default Credentials Remote Code Execution"

CVE ID : CVE-2025-7503 Published : July 11, 2025, 7:15 p.m. | 11 hours, 13 minutes ago Description : An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet service (port 23) with undocumented, default credentials. The Telnet service is enabled by default and is not disclosed or configurable via the device’s web interface or user manual. An attacker with network access can authenticate using default credentials and gain root-level shell access to the device. The affected firmware version is AppFHE1_V1.0.6.0 (Kernel: KerFHE1_PTZ_WIFI_V3.1.1, Hardware: HwFHE1_WF6_PTZ_WIFI_20201218). No official fix or firmware update is available, and the vendor could not be contacted. This vulnerability allows for remote code execution and privilege escalation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 19:15:00 GMT

read more

CVE-2025-3631 - IBM MQ SIGSEGV in AMQRMPPA Channel Process

CVE ID : CVE-2025-3631 Published : July 11, 2025, 7:15 p.m. | 9 hours, 17 minutes ago Description : An IBM MQ 9.3 and 9.4 Client connecting to an MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA channel process terminating it. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 19:15:00 GMT

read more

CVE-2025-7453 - "Saltbo Zpan JSON Web Token Handler Hard-Coded Password Vulnerability"

CVE ID : CVE-2025-7453 Published : July 11, 2025, 7:15 p.m. | 9 hours, 17 minutes ago Description : A vulnerability was found in saltbo zpan up to 1.6.5/1.7.0-beta2. It has been rated as problematic. This issue affects the function NewToken of the file zpan/internal/app/service/token.go of the component JSON Web Token Handler. The manipulation with the input 123 leads to use of hard-coded password. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 19:15:00 GMT

read more

CVE-2025-7454 - Campcodes Online Movie Theater Seat Reservation System SQL Injection Vulnerability

CVE ID : CVE-2025-7454 Published : July 11, 2025, 7:15 p.m. | 9 hours, 17 minutes ago Description : A vulnerability classified as critical has been found in Campcodes Online Movie Theater Seat Reservation System 1.0. Affected is an unknown function of the file /admin/manage_theater.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 19:15:00 GMT

read more

CVE-2013-3307 - Linksys E1000/E1200/E3200 OS Command Injection

CVE ID : CVE-2013-3307 Published : July 11, 2025, 7:15 p.m. | 9 hours, 13 minutes ago Description : Linksys E1000 devices through 2.1.02, E1200 devices before 2.0.05, and E3200 devices through 1.0.04 allow OS command injection via shell metacharacters in the apply.cgi ping_ip parameter on TCP port 52000. Severity: 8.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 19:15:00 GMT

read more

CVE-2025-30403 - Mvfst QUIC Heap Buffer Overflow

CVE ID : CVE-2025-30403 Published : July 11, 2025, 7:15 p.m. | 9 hours, 13 minutes ago Description : A heap-buffer-overflow vulnerability is possible in mvfst via a specially crafted message during a QUIC session. This issue affects mvfst versions prior to v2025.07.07.00. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 19:15:00 GMT

read more

CVE-2025-53641 - Postiz SSRF Vulnerability

CVE ID : CVE-2025-53641 Published : July 11, 2025, 6:15 p.m. | 10 hours, 13 minutes ago Description : Postiz is an AI social media scheduling tool. From 1.45.1 to 1.62.3, the Postiz frontend application allows an attacker to inject arbitrary HTTP headers into the middleware pipeline. This flaw enables a server-side request forgery (SSRF) condition, which can be exploited to initiate unauthorized outbound requests from the server hosting the Postiz application. This vulnerability is fixed in 1.62.3. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 18:15:00 GMT

read more

CVE-2025-53642 - HAXcms Nodejs/PHP Session Invalidation and Refresh Token Vulnerability

CVE ID : CVE-2025-53642 Published : July 11, 2025, 6:15 p.m. | 10 hours, 13 minutes ago Description : haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a refresh token when logging out. This vulnerability is fixed in 11.0.6. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 18:15:00 GMT

read more

CVE-2025-7452 - Kone-Net Go-Chat Path Traversal Vulnerability

CVE ID : CVE-2025-7452 Published : July 11, 2025, 6:15 p.m. | 10 hours, 13 minutes ago Description : A vulnerability was found in kone-net go-chat up to f9e58d0afa9bbdb31faf25e7739da330692c4c63. It has been declared as critical. This vulnerability affects the function GetFile of the file go-chat/api/v1/file_controller.go of the component Endpoint. The manipulation of the argument fileName leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 18:15:00 GMT

read more

CVE-2025-30402 - Apache ExecuTorch Heap Buffer Overflow Vulnerability

CVE ID : CVE-2025-30402 Published : July 11, 2025, 6:15 p.m. | 8 hours, 13 minutes ago Description : A heap-buffer-overflow vulnerability in the loading of ExecuTorch methods can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 93b1a0c15f7eda49b2bc46b5b4c49557b4e9810f Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 18:15:00 GMT

read more

CVE-2024-47065 - Meshtastic Traceroute Rate Limiting Vulnerability

CVE ID : CVE-2024-47065 Published : July 11, 2025, 5:15 p.m. | 9 hours, 13 minutes ago Description : Meshtastic is an open source mesh networking solution. Prior to 2.5.1, traceroute responses from the remote node are not rate limited. Given that there are SNR measurements attributed to each received transmission, this is a guaranteed way to get a remote station to reliably and continuously respond. You could easily get 100 samples in a short amount of time (estimated 2 minutes), whereas passively doing the same could take hours or days. There are secondary effects that non-ratelimited traceroute does also allow a 2:1 reflected DoS of the network as well, but these concerns are less than the problem with positional confidentiality (other DoS routes exist). This vulnerability is fixed in 2.5.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 17:15:00 GMT

read more

CVE-2025-43856 - Immich OAuth2 CSRF Account Hijacking Vulnerability

CVE ID : CVE-2025-43856 Published : July 11, 2025, 5:15 p.m. | 9 hours, 13 minutes ago Description : immich is a high performance self-hosted photo and video management solution. Prior to 1.132.0, immich is vulnerable to account hijacking through oauth2, because the state parameter is not being checked. The oauth2 state parameter is similar to a csrf token, so when the user starts the login flow this unpredictable token is generated and somehow saved in the browser session and passed to the identity provider, which will return the state parameter when redirecting the user back to immich. Before the user is logged in that parameter needs to be verified to make sure the login was actively initiated by the user in this browser session. On it's own, this wouldn't be too bad, but when immich uses the /user-settings page as a redirect_uri, it will automatically link the accounts if the user was already logged in. This means that if someone has an immich instance with a public oauth provider (like google), an attacker can - for example - embed a hidden iframe in a webpage or even just send the victim a forged oauth login url with a code that logs the victim into the attackers oauth account and redirects back to immich and links the accounts. After this, the attacker can log into the victims account using their own oauth credentials. This vulnerability is fixed in 1.132.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 17:15:00 GMT

read more

CVE-2025-45582 - Apache GNU Tar Directory Traversal Overwrite Vulnerability

CVE ID : CVE-2025-45582 Published : July 11, 2025, 5:15 p.m. | 9 hours, 13 minutes ago Description : GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file's name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of "Member name contains '..'" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain "x -> ../../../../../home/victim/.ssh" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which "tar xf" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 17:15:00 GMT

read more

CVE-2025-47182 - Microsoft Edge (Chromium-based) Bypass Security Feature Vulnerability

CVE ID : CVE-2025-47182 Published : July 11, 2025, 5:15 p.m. | 9 hours, 13 minutes ago Description : Improper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 17:15:00 GMT

read more

CVE-2025-47963 - Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE ID : CVE-2025-47963 Published : July 11, 2025, 5:15 p.m. | 9 hours, 13 minutes ago Description : No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 17:15:00 GMT

read more

CVE-2025-47964 - Microsoft Edge (Chromium-based) URI Spoofing

CVE ID : CVE-2025-47964 Published : July 11, 2025, 5:15 p.m. | 9 hours, 13 minutes ago Description : Microsoft Edge (Chromium-based) Spoofing Vulnerability Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 17:15:00 GMT

read more

CVE-2025-7450 - Letseeqiji Gorobbs API Path Traversal Vulnerability

CVE ID : CVE-2025-7450 Published : July 11, 2025, 5:15 p.m. | 9 hours, 13 minutes ago Description : A vulnerability was found in letseeqiji gorobbs up to 1.0.8. It has been classified as critical. This affects the function ResetUserAvatar of the file controller/api/v1/user.go of the component API. The manipulation of the argument filename leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 17:15:00 GMT

read more

CVE-2025-7029 - Intel Software SMI Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-7029 Published : July 11, 2025, 4:15 p.m. | 10 hours, 13 minutes ago Description : A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is used to derive pointers (OcHeader, OcData) passed into power and thermal configuration logic. These buffers are not validated before performing multiple structured memory writes based on OcSetup NVRAM values, enabling arbitrary SMRAM corruption and potential SMM privilege escalation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 16:15:00 GMT

read more

CVE-2025-7026 - Intel Software SMI Handler Local Privilege Escalation Vulnerability

CVE ID : CVE-2025-7026 Published : July 11, 2025, 4:15 p.m. | 5 hours, 57 minutes ago Description : A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is used as an unchecked pointer in the CommandRcx0 function. If the contents at RBX match certain expected values (e.g., '$DB$' or '2DB$'), the function performs arbitrary writes to System Management RAM (SMRAM), leading to potential privilege escalation to System Management Mode (SMM) and persistent firmware compromise. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 16:15:00 GMT

read more

CVE-2025-7027 - ASUS Firmware SMM Privilege Escalation Vulnerability

CVE ID : CVE-2025-7027 Published : July 11, 2025, 4:15 p.m. | 5 hours, 57 minutes ago Description : A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control both the read and write addresses used by the CommandRcx1 function. The write target is derived from an unvalidated UEFI NVRAM variable (SetupXtuBufferAddress), while the write content is read from an attacker-controlled pointer based on the RBX register. This dual-pointer dereference enables arbitrary memory writes within System Management RAM (SMRAM), leading to potential SMM privilege escalation and firmware compromise. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 16:15:00 GMT

read more

CVE-2025-7028 - Apache Software SMI Handler Pointer Dereference Vulnerability

CVE ID : CVE-2025-7028 Published : July 11, 2025, 4:15 p.m. | 5 hours, 57 minutes ago Description : A vulnerability in the Software SMI handler (SwSmiInputValue 0x20) allows a local attacker to supply a crafted pointer (FuncBlock) through RBX and RCX register values. This pointer is passed unchecked into multiple flash management functions (ReadFlash, WriteFlash, EraseFlash, and GetFlashInfo) that dereference both the structure and its nested members, such as BufAddr. This enables arbitrary read/write access to System Management RAM (SMRAM), allowing an attacker to corrupt firmware memory, exfiltrate SMRAM content via flash, or install persistent implants. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 16:15:00 GMT

read more

CVE-2025-52986 - Juniper Networks Junos OS and Junos OS Evolved RPD Memory Leak Vulnerability

CVE ID : CVE-2025-52986 Published : July 11, 2025, 4:15 p.m. | 4 hours, 12 minutes ago Description : A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low privileged user to cause an impact to the availability of the device. When RIB sharding is enabled and a user executes one of several routing related 'show' commands, a certain amount of memory is leaked. When all available memory has been consumed rpd will crash and restart. The leak can be monitored with the CLI command: show task memory detail | match task_shard_mgmt_cookie where the allocated memory in bytes can be seen to continuously increase with each exploitation. This issue affects: Junos OS: * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S11, * 22.2 versions before 22.2R3-S7, * 22.4 versions before 22.4R3-S7, * 23.2 versions before 23.2R2-S4, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R2, * 24.4 versions before 24.4R1-S2, 24.4R2; Junos OS Evolved: * all versions before 22.2R3-S7-EVO * 22.4-EVO versions before 22.4R3-S7-EVO, * 23.2-EVO versions before 23.2R2-S4-EVO, * 23.4-EVO versions before 23.4R2-S4-EVO, * 24.2-EVO versions before 24.2R2-EVO, * 24.4-EVO versions before 24.4R2-EVO. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 16:15:00 GMT

read more

CVE-2025-52988 - Juniper Networks Junos OS and Junos OS Evolved OS Command Injection

CVE ID : CVE-2025-52988 Published : July 11, 2025, 4:15 p.m. | 4 hours, 12 minutes ago Description : An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a high privileged, local attacker to escalated their privileges to root. When a user provides specifically crafted arguments to the 'request system logout' command, these will be executed as root on the shell, which can completely compromise the device. This issue affects: Junos OS: * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S8, * 22.2 versions before 22.2R3-S6, * 22.3 versions before 22.3R3-S3, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S1, * 23.4 versions before 23.4R1-S2, 23.4R2; Junos OS Evolved: * all versions before 22.4R3-S6-EVO, * 23.2-EVO versions before 23.2R2-S1-EVO, * 23.4-EVO versions before 23.4R1-S2-EVO, 23.4R2-EVO. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 16:15:00 GMT

read more

CVE-2025-52989 - Juniper Networks Junos OS and Junos OS Evolved Delimiter Injection Vulnerability

CVE ID : CVE-2025-52989 Published : July 11, 2025, 4:15 p.m. | 4 hours, 12 minutes ago Description : An Improper Neutralization of Delimiters vulnerability in the UI of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to modify the system configuration. A user with limited configuration and commit permissions, using a specifically crafted annotate configuration command, can change any part of the device configuration. This issue affects: Junos OS: * all versions before 22.2R3-S7, * 22.4 versions before 22.4R3-S7, * 23.2 versions before 23.2R2-S4, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R2-S1, * 24.4 versions before 24.4R1-S2, 24.4R2; Junos OS Evolved: * all versions before 22.4R3-S7-EVO, * 23.2-EVO versions before 23.2R2-S4-EVO, * 23.4-EVO versions before 23.4R2-S5-EVO, * 24.2-EVO versions before 24.2R2-S1-EVO * 24.4-EVO versions before 24.4R2-EVO. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 16:15:00 GMT

read more

CVE-2025-6549 - Juniper Networks Junos OS SRX Series Incorrect Authorization Web Access Vulnerability

CVE ID : CVE-2025-6549 Published : July 11, 2025, 4:15 p.m. | 4 hours, 12 minutes ago Description : An Incorrect Authorization vulnerability in the web server of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to reach the Juniper Web Device Manager (J-Web). When Juniper Secure connect (JSC) is enabled on specific interfaces, or multiple interfaces are configured for J-Web, the J-Web UI is reachable over more than the intended interfaces. This issue affects Junos OS: * all versions before 21.4R3-S9, * 22.2 versions before 22.2R3-S5, * 22.4 versions before 22.4R3-S5, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S5, * 24.2 versions before 24.2R2. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 16:15:00 GMT

read more

CVE-2025-52980 - Juniper Networks Junos OS BGP Byte Order Denial-of-Service (DoS) Vulnerability

CVE ID : CVE-2025-52980 Published : July 11, 2025, 4:15 p.m. | 2 hours, 12 minutes ago Description : A Use of Incorrect Byte Ordering vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS on SRX300 Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a BGP update is received over an established BGP session which contains a specific, valid, optional, transitive path attribute, rpd will crash and restart. This issue affects eBGP and iBGP over IPv4 and IPv6. This issue affects: Junos OS: * 22.1 versions from 22.1R1 before 22.2R3-S4, * 22.3 versions before 22.3R3-S3, * 22.4 versions before 22.4R3-S2, * 23.2 versions before 23.2R2, * 23.4 versions before 23.4R2. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 16:15:00 GMT

read more

CVE-2025-52981 - Juniper Networks Junos OS Denial-of-Service (DoS) vulnerability in flowd

CVE ID : CVE-2025-52981 Published : July 11, 2025, 4:15 p.m. | 2 hours, 12 minutes ago Description : An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX1600, SRX2300, SRX 4000 Series, and SRX5000 Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If a sequence of specific PIM packets is received, this will cause a flowd crash and restart. This issue affects Junos OS: * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S11, * 22.2 versions before 22.2R3-S7, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S4, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R2. This is a similar, but different vulnerability than the issue reported as CVE-2024-47503, published in JSA88133. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 16:15:00 GMT

read more

CVE-2025-52982 - Juniper Networks Junos OS MX Series SIP ALG Denial-of-Service Vulnerability

CVE ID : CVE-2025-52982 Published : July 11, 2025, 4:15 p.m. | 2 hours, 12 minutes ago Description : An Improper Resource Shutdown or Release vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When an MX Series device with an MS-MPC is configured with two or more service sets which are both processing SIP calls, a specific sequence of call events will lead to a crash and restart of the MS-MPC. This issue affects Junos OS: * all versions before 21.2R3-S9, * 21.4 versions from 21.4R1, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6. As the MS-MPC is EoL after Junos OS 22.4, later versions are not affected. This issue does not affect MX-SPC3 or SRX Series devices. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 16:15:00 GMT

read more

CVE-2025-52983 - Juniper Networks Junos OS Public Key Authentication Bypass

CVE ID : CVE-2025-52983 Published : July 11, 2025, 4:15 p.m. | 2 hours, 12 minutes ago Description : A UI Discrepancy for Security Feature vulnerability in the UI of Juniper Networks Junos OS on VM Host systems allows a network-based, unauthenticated attacker to access the device. On VM Host Routing Engines (RE), even if the configured public key for root has been removed, remote users which are in possession of the corresponding private key can still log in as root. This issue affects Junos OS: * all versions before 22.2R3-S7, * 22.4 versions before 22.4R3-S5, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S3, * 24.2 versions before 24.2R1-S2, 24.2R2. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 16:15:00 GMT

read more

CVE-2025-52984 - Juniper Networks Junos OS and Junos OS Evolved NULL Pointer Dereference Vulnerability in Routing Protocol Daemon (rpd)

CVE ID : CVE-2025-52984 Published : July 11, 2025, 4:15 p.m. | 2 hours, 12 minutes ago Description : A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device. When static route points to a reject next hop and a gNMI query is processed for that static route, rpd crashes and restarts. This issue affects: Junos OS: * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R1-S2, 24.2R2; Junos OS Evolved: * all versions before 22.4R3-S7-EVO, * 23.2-EVO versions before 23.2R2-S3-EVO, * 23.4-EVO versions before 23.4R2-S4-EVO, * 24.2-EVO versions before 24.2R2-EVO. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 16:15:00 GMT

read more

CVE-2025-52985 - Juniper Networks Junos OS Evolved Prefix List Bypass

CVE ID : CVE-2025-52985 Published : July 11, 2025, 4:15 p.m. | 2 hours, 12 minutes ago Description : A Use of Incorrect Operator vulnerability in the Routing Engine firewall of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to bypass security restrictions. When a firewall filter which is applied to the lo0 or re:mgmt interface references a prefix list with 'from prefix-list', and that prefix list contains more than 10 entries, the prefix list doesn't match and packets destined to or from the local device are not filtered. This issue affects firewall filters applied to the re:mgmt interfaces as input and output, but only affects firewall filters applied to the lo0 interface as output. This issue is applicable to IPv4 and IPv6 as a prefix list can contain IPv4 and IPv6 prefixes. This issue affects Junos OS Evolved: * 23.2R2-S3-EVO versions before 23.2R2-S4-EVO, * 23.4R2-S3-EVO versions before 23.4R2-S5-EVO, * 24.2R2-EVO versions before 24.2R2-S1-EVO, * 24.4-EVO versions before 24.4R1-S3-EVO, 24.4R2-EVO. This issue doesn't not affect Junos OS Evolved versions before 23.2R1-EVO. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 16:15:00 GMT

read more

CVE-2025-52958 - Juniper Networks Junos OS and Junos OS Evolved Reachable Assertion BGP Denial of Service

CVE ID : CVE-2025-52958 Published : July 11, 2025, 3:15 p.m. | 3 hours, 12 minutes ago Description : A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during error-handling scenario. Continued session establishment failures leads to a sustained DoS condition. This issue affects Junos OS: * All versions before 22.2R3-S6, * from 22.4 before 22.4R3-S6, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2-S4, * from 24.2 before 24.2R2; Junos OS Evolved: * All versions before 22.2R3-S6-EVO, * from 22.4 before 22.4R3-S6-EVO, * from 23.2 before 23.2R2-S3-EVO, * from 23.4 before 23.4R2-S4-EVO, * from 24.2 before 24.2R2-EVO. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-52963 - Juniper Networks Junos OS Improper Access Control Denial-of-Service

CVE ID : CVE-2025-52963 Published : July 11, 2025, 3:15 p.m. | 3 hours, 12 minutes ago Description : An Improper Access Control vulnerability in the User Interface (UI) of Juniper Networks Junos OS allows a local, low-privileged attacker to bring down an interface, leading to a Denial-of-Service. Users with "view" permissions can run a specific request interface command which allows the user to shut down the interface. This issue affects Junos OS: * All versions before 21.2R3-S9, * from 21.4 before 21.4R3-S11, * from 22.2 before 22.2R3-S7, * from 22.4 before 22.4R3-S7, * from 23.2 before 23.2R2-S4, * from 23.4 before 23.4R2-S5, * from 24.2 before 24.2R2-S1, * from 24.4 before 24.4R1-S3, 24.4R2. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-52964 - "Juniper Networks Junos OS and Junos OS Evolved Reachable Assertion Denial of Service Vulnerability"

CVE ID : CVE-2025-52964 Published : July 11, 2025, 3:15 p.m. | 3 hours, 12 minutes ago Description : A Reachable Assertion vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When the device receives a specific BGP UPDATE packet, the rpd crashes and restarts. Continuous receipt of this specific packet will cause a sustained DoS condition. For the issue to occur, BGP multipath with "pause-computation-during-churn" must be configured on the device, and the attacker must send the paths via a BGP UPDATE from a established BGP peer. This issue affects: Junos OS: * All versions before 21.4R3-S7, * from 22.3 before 22.3R3-S3, * from 22.4 before 22.4R3-S5, * from 23.2 before 23.2R2, * from 23.4 before 23.4R2. Junos OS Evolved: * All versions before 21.4R3-S7-EVO, * from 22.3 before 22.3R3-S3-EVO, * from 22.4 before 22.4R3-S5-EVO, * from 23.2 before 23.2R2-EVO, * from 23.4 before 23.4R2-EVO. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-52994 - Apache PhpThumb OS Command Injection

CVE ID : CVE-2025-52994 Published : July 11, 2025, 3:15 p.m. | 3 hours, 12 minutes ago Description : gif_outputAsJpeg in phpThumb through 1.7.23 allows phpthumb.gif.php OS Command Injection via a crafted parameter value. This is fixed in 1.7.23-202506081709. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2023-38327 - eGroupWare User Enumeration Vulnerability

CVE ID : CVE-2023-38327 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : An issue was discovered in eGroupWare 17.1.20190111. A User Enumeration vulnerability exists under calendar/freebusy.php, which allows unauthenticated remote attackers to enumerate the users of web applications based on server response. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2023-38329 - eGroupWare Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2023-38329 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : An issue was discovered in eGroupWare 17.1.20190111. A cross-site scripting Reflected (XSS) vulnerability exists in calendar/freebusy.php, which allows unauthenticated remote attackers to inject arbitrary web script or HTML into the "user" HTTP/GET parameter, which reflects its input without sanitization. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-30661 - Juniper Networks Junos OS Incorrect Permission Assignment for Critical Resource Privilege Escalation

CVE ID : CVE-2025-30661 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : An Incorrect Permission Assignment for Critical Resource vulnerability in line card script processing of Juniper Networks Junos OS allows a local, low-privileged user to install scripts to be executed as root, leading to privilege escalation. A local user with access to the local file system can copy a script to the router in a way that will be executed as root, as the system boots. Execution of the script as root can lead to privilege escalation, potentially providing the adversary complete control of the system. This issue only affects specific line cards, such as the MPC10, MPC11, LC4800, LC9600, MX304-LMIC16, SRX4700, and EX9200-15C. This issue affects Junos OS: * from 23.2 before 23.2R2-S4, * from 23.4 before 23.4R2-S5, * from 24.2 before 24.2R2-S1, * from 24.4 before 24.4R1-S3, 24.4R2. This issue does not affect versions prior to 23.1R2. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-48924 - Apache Commons Lang Uncontrolled Recursion Vulnerability

CVE ID : CVE-2025-48924 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass(...) can throw StackOverflowError on very long inputs. Because an Error is usually not handled by applications and libraries, a StackOverflowError could cause an application to stop. Users are recommended to upgrade to version 3.18.0, which fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-52089 - TOTOLINK N300RB Command Injection Vulnerability

CVE ID : CVE-2025-52089 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version 8.54 allows an authenticated attacker to execute arbitrary OS commands with root privileges. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-52946 - Juniper Networks Junos OS and Junos OS Evolved BGP AS PATH Use After Free Denial of Service

CVE ID : CVE-2025-52946 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : A Use After Free vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an attacker sending a BGP update with a specifically malformed AS PATH to cause rpd to crash, resulting in a Denial of Service (DoS). Continuous receipt of the malformed AS PATH attribute will cause a sustained DoS condition. On all Junos OS and Junos OS Evolved platforms, the rpd process will crash and restart when a specifically malformed AS PATH is received within a BGP update and traceoptions are enabled. This issue only affects systems with BGP traceoptions enabled and requires a BGP session to be already established. Systems without BGP traceoptions enabled are not impacted by this issue. This issue affects: Junos OS: * All versions before 21.2R3-S9, * all versions of 21.4, * from 22.2 before 22.2R3-S6, * from 22.4 before 22.4R3-S5, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2-S4, * from 24.2 before 24.2R2; Junos OS Evolved: * All versions before 22.4R3-S5-EVO, * from 23.2-EVO before 23.2R2-S3-EVO, * from 23.4-EVO before 23.4R2-S4-EVO, * from 24.2-EVO before 24.2R2-EVO. This is a more complete fix for previously published CVE-2024-39549 (JSA83011). Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-52947 - Juniper Networks Junos OS ACX Series Improper Exception Handling Denial of Service

CVE ID : CVE-2025-52947 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : An Improper Handling of Exceptional Conditions vulnerability in route processing of Juniper Networks Junos OS on specific end-of-life (EOL) ACX Series platforms allows an attacker to crash the Forwarding Engine Board (FEB) by flapping an interface, leading to a Denial of Service (DoS). On ACX1000, ACX1100, ACX2000, ACX2100, ACX2200, ACX4000, ACX5048, and ACX5096 devices, FEB0 will crash when the primary path port of the L2 circuit IGP (Interior Gateway Protocol) on the local device goes down. This issue is seen only when 'hot-standby' mode is configured for the L2 circuit. This issue affects Junos OS on ACX1000, ACX1100, ACX2000, ACX2100, ACX2200, ACX4000, ACX5048, and ACX5096: * all versions before 21.2R3-S9. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-52948 - Juniper Networks Junos OS BPF Exceptional Condition Handling Vulnerability

CVE ID : CVE-2025-52948 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : An Improper Handling of Exceptional Conditions vulnerability in Berkeley Packet Filter (BPF) processing of Juniper Networks Junos OS allows an attacker, in rare cases, sending specific, unknown traffic patterns to cause the FPC and system to crash and restart. BPF provides a raw interface to data link layers in a protocol independent fashion. Internally within the Junos kernel, due to a rare timing issue (race condition), when a BPF instance is cloned, the newly created interface causes an internal structure leakage, leading to a system crash. The precise content and timing of the traffic patterns is indeterminate, but has been seen in a lab environment multiple times. This issue is more likely to occur when packet capturing is enabled. See required configuration below. This issue affects Junos OS: * all versions before 21.2R3-S9, * from 21.4 before 21.4R3-S10, * from 22.2 before 22.2R3-S6, * from 22.4 before 22.4R3-S7, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2-S3, * from 24.2 before 24.2R1-S1, 24.2R2. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-52949 - Juniper Networks Junos OS and Junos OS Evolved BGP Improper Length Parameter Handling Denial of Service

CVE ID : CVE-2025-52949 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Only systems configured for Ethernet Virtual Private Networking (EVPN) signaling are vulnerable to this issue. This issue affects iBGP and eBGP, and both IPv4 and IPv6 are affected by this vulnerability.This issue affects: Junos OS: * all versions before 21.4R3-S11, * from 22.2 before 22.2R3-S7, * from 22.4 before 22.4R3-S7, * from 23.2 before 23.2R2-S4, * from 23.4 before 23.4R2-S5, * from 24.2 before 24.2R2-S1, * from 24.4 before 24.4R1-S3, 24.4R2; Junos OS Evolved: * all versions before 22.2R3-S7-EVO, * from 22.4-EVO before 22.4R3-S7-EVO, * from 23.2-EVO before 23.2R2-S4-EVO, * from 23.4-EVO before 23.4R2-S5-EVO, * from 24.2-EVO before 24.2R2-S1-EVO, * from 24.4-EVO before 24.4R1-S3-EVO, 24.4R2-EVO. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-52950 - Juniper Networks Security Director Missing Authorization Vulnerability

CVE ID : CVE-2025-52950 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : A Missing Authorization vulnerability in Juniper Networks Security Director allows an unauthenticated network-based attacker to read or tamper with multiple sensitive resources via the web interface. Numerous endpoints on the Juniper Security Director appliance do not validate authorization and will deliver information to the caller that is outside their authorization level. An attacker can access data that is outside the user's authorization level. The information obtained can be used to gain access to additional information or perpetrate other attacks, impacting downstream managed devices. This issue affects Security Director version 24.4.1. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-52951 - Juniper Networks Junos OS IPv6 Firewall Bypass Protection Mechanism Failure

CVE ID : CVE-2025-52951 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : A Protection Mechanism Failure vulnerability in kernel filter processing of Juniper Networks Junos OS allows an attacker sending IPv6 traffic to an interface to effectively bypass any firewall filtering configured on the interface. Due to an issue with Junos OS kernel filter processing, the 'payload-protocol' match is not being supported, causing any term containing it to accept all packets without taking any other action. In essence, these firewall filter terms were being processed as an 'accept' for all traffic on the interface. This issue affects Junos OS: * all versions before 21.2R3-S9, * from 21.4 before 21.4R3-S11, * from 22.2 before 22.2R3-S7, * from 22.4 before 22.4R3-S7, * from 23.2 before 23.2R2-S4, * from 23.4 before 23.4R2-S5, * from 24.2 before 24.2R2-S1, * from 24.4 before 24.4R1-S2, 24.4R2. This is a more complete fix for previously published CVE-2024-21607 (JSA75748). Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-52952 - Juniper Networks Junos OS CFM Daemon Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-52952 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : An Out-of-bounds Write vulnerability in the connectivity fault management (CFM) daemon of Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC1 through MPC9 line cards allows an unauthenticated adjacent attacker to send a malformed packet to the device, leading to an FPC crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions before 22.2R3-S1, * from 22.4 before 22.4R2. This feature is not enabled by default. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-52953 - Juniper Networks Junos OS and Junos OS Evolved BGP UPDATE Packet Processing Denial of Service

CVE ID : CVE-2025-52953 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : An Expected Behavior Violation vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker sending a valid BGP UPDATE packet to cause a BGP session reset, resulting in a Denial of Service (DoS). Continuous receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects iBGP and eBGP and both IPv4 and IPv6 are affected by this vulnerability. This issue affects Junos OS: * All versions before 21.2R3-S9, * from 21.4 before 21.4R3-S11, * from 22.2 before 22.2R3-S7, * from 22.4 before 22.4R3-S7, * from 23.2 before 23.2R2-S4, * from 23.4 before 23.4R2-S4, * from 24.2 before 24.2R2, * from 24.4 before 24.4R1-S3, 24.4R2 Junos OS Evolved: * All versions before 22.2R3-S7-EVO, * from 22.4-EVO before 22.4R3-S7-EVO, * from 23.2-EVO before 23.2R2-S4-EVO, * from 23.4-EVO before 23.4R2-S4-EVO, * from 24.2-EVO before 24.2R2-EVO, * from 24.4-EVO before 24.4R1-S3-EVO, 24.4R2-EVO. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-52954 - Juniper Networks Junos OS Evolved Missing Authorization Root Privilege Escalation Vulnerability

CVE ID : CVE-2025-52954 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : A Missing Authorization vulnerability in the internal virtual routing and forwarding (VRF) of Juniper Networks Junos OS Evolved allows a local, low-privileged user to gain root privileges, leading to a system compromise. Any low-privileged user with the capability to send packets over the internal VRF can execute arbitrary Junos commands and modify the configuration, and thus compromise the system. This issue affects Junos OS Evolved: * All versions before 22.2R3-S7-EVO, * from 22.4 before 22.4R3-S7-EVO, * from 23.2 before 23.2R2-S4-EVO, * from 23.4 before 23.4R2-S5-EVO, * from 24.2 before 24.2R2-S1-EVO * from 24.4 before 24.4R1-S2-EVO, 24.4R2-EVO. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-52955 - Juniper Networks Junos OS Buffer Overflow Denial of Service

CVE ID : CVE-2025-52955 Published : July 11, 2025, 3:15 p.m. | 1 hour, 12 minutes ago Description : An Incorrect Calculation of Buffer Size vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a memory corruption that leads to a rpd crash. When the logical interface using a routing instance flaps continuously, specific updates are sent to the jflow/sflow modules. This results in memory corruption, leading to an rpd crash and restart. Continued receipt of these specific updates will cause a sustained Denial of Service condition. This issue affects Junos OS: * All versions before 21.2R3-S9, * All versions of 21.4, * All versions of 22.2, * from 22.4 before 22.4R3-S7, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2-S4, * from 24.2 before 24.2R2. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 15:15:00 GMT

read more

CVE-2025-51591 - Pandoc SSRF Vulnerability

CVE ID : CVE-2025-51591 Published : July 11, 2025, 2:15 p.m. | 2 hours, 12 minutes ago Description : A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 14:15:00 GMT

read more

CVE-2025-53861 - Ansible Cookie Transmission Vulnerability

CVE ID : CVE-2025-53861 Published : July 11, 2025, 1:15 p.m. | 3 hours, 11 minutes ago Description : A flaw was found in Ansible. Sensitive cookies without security flags over non-encrypted channels can lead to Man-in-the-Middle (MitM) and Cross-site scripting (XSS) attacks allowing attackers to read transmitted data. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 13:15:00 GMT

read more

CVE-2025-53862 - Ansible Unauthenticated Information Disclosure

CVE ID : CVE-2025-53862 Published : July 11, 2025, 1:15 p.m. | 3 hours, 11 minutes ago Description : A flaw was found in Ansible. Three API endpoints are accessible and return verbose, unauthenticated responses. This flaw allows a malicious user to access data that may contain important information. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 13:15:00 GMT

read more

CVE-2025-6788 - Apache TGML Diagram Resource Exposure Vulnerability

CVE ID : CVE-2025-6788 Published : July 11, 2025, 12:15 p.m. | 4 hours, 12 minutes ago Description : CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that exposes TGML diagram resources to the wrong control sphere, providing other authenticated users with potentially inappropriate access to TGML diagrams. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 12:15:00 GMT

read more

CVE-2025-50124 - Apache Server Privilege Escalation Vulnerability

CVE ID : CVE-2025-50124 Published : July 11, 2025, 11:15 a.m. | 5 hours, 12 minutes ago Description : CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation when the server is accessed by a privileged account via a console and through exploitation of a setup script. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 11:15:00 GMT

read more

CVE-2025-50125 - Apache Server-Side Request Forgery (SSRF) Remote Code Execution

CVE ID : CVE-2025-50125 Published : July 11, 2025, 11:15 a.m. | 5 hours, 12 minutes ago Description : CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthenticated remote code execution when the server is accessed via the network with knowledge of hidden URLs and manipulation of host request header. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 11:15:00 GMT

read more

CVE-2025-3933 - Hugging Face Transformers DonutProcessor ReDoS Vulnerability

CVE ID : CVE-2025-3933 Published : July 11, 2025, 10:15 a.m. | 4 hours, 9 minutes ago Description : A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically within the DonutProcessor class's `token2json()` method. This vulnerability affects versions 4.50.3 and earlier, and is fixed in version 4.52.1. The issue arises from the regex pattern `` which can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. This vulnerability can lead to service disruption, resource exhaustion, and potential API service vulnerabilities, impacting document processing tasks using the Donut model. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 10:15:00 GMT

read more

CVE-2025-50121 - Apache HTTP Server OS Command Injection

CVE ID : CVE-2025-50121 Published : July 11, 2025, 10:15 a.m. | 4 hours, 9 minutes ago Description : CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause unauthenticated remote code execution when a malicious folder is created over the web interface HTTP when enabled. HTTP is disabled by default. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 10:15:00 GMT

read more

CVE-2025-50122 - OpenSSH Root Password Discovery Vulnerability

CVE ID : CVE-2025-50122 Published : July 11, 2025, 10:15 a.m. | 4 hours, 9 minutes ago Description : CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the password generation algorithm is reverse engineered with access to installation or upgrade artifacts. Severity: 8.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 10:15:00 GMT

read more

CVE-2025-50123 - Juniper Networks Code Injection Vulnerability

CVE ID : CVE-2025-50123 Published : July 11, 2025, 10:15 a.m. | 4 hours, 9 minutes ago Description : CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote command execution by a privileged account when the server is accessed via a console and through exploitation of the hostname input. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 10:15:00 GMT

read more

CVE-2025-6438 - Apache SOAP XML External Entity Reference Vulnerability

CVE ID : CVE-2025-6438 Published : July 11, 2025, 9:15 a.m. | 5 hours, 9 minutes ago Description : CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause manipulation of SOAP API calls and XML external entities injection resulting in unauthorized file access when the server is accessed via the network using an application account. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 09:15:00 GMT

read more

CVE-2025-6838 - WordPress Broken Link Notifier CSV Injection Vulnerability

CVE ID : CVE-2025-6838 Published : July 11, 2025, 9:15 a.m. | 5 hours, 9 minutes ago Description : The Broken Link Notifier plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.3.0 via broken links that are later exported. This makes it possible for authenticated attackers, with Contributor-level access and above, to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 09:15:00 GMT

read more

CVE-2025-6851 - "WordPress Broken Link Notifier SSRF"

CVE ID : CVE-2025-6851 Published : July 11, 2025, 9:15 a.m. | 5 hours, 9 minutes ago Description : The Broken Link Notifier plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.3.0 via the ajax_blinks() function which ultimately calls the check_url_status_code() function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 09:15:00 GMT

read more

CVE-2025-4593 - WordPress WP Register Profile With Shortcode Sensitive Information Exposure

CVE ID : CVE-2025-4593 Published : July 11, 2025, 8:15 a.m. | 6 hours, 9 minutes ago Description : The WP Register Profile With Shortcode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'rp_user_data' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data from user meta like hashed passwords, usernames, and more. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 08:15:00 GMT

read more

CVE-2025-5530 - WPC Smart Compare for WooCommerce Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5530 Published : July 11, 2025, 8:15 a.m. | 6 hours, 9 minutes ago Description : The WPC Smart Compare for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shortcode_btn' shortcode in all versions up to, and including, 6.4.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 08:15:00 GMT

read more

CVE-2025-6068 - FooGallery WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6068 Published : July 11, 2025, 8:15 a.m. | 6 hours, 9 minutes ago Description : The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-caption-title` & `data-caption-description` HTML attributes in all versions up to, and including, 2.4.31 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 08:15:00 GMT

read more

CVE-2025-6745 - WoodMart WordPress Information Exposure Vulnerability

CVE ID : CVE-2025-6745 Published : July 11, 2025, 8:15 a.m. | 6 hours, 9 minutes ago Description : The WoodMart plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 8.2.5 via the woodmart_get_posts_by_query() function due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract data from password protected, private, or draft posts that they should not have access to. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 08:15:00 GMT

read more

CVE-2025-7442 - "Wordpress Gym Management System SQL Injection Vulnerability"

CVE ID : CVE-2025-7442 Published : July 11, 2025, 8:15 a.m. | 6 hours, 9 minutes ago Description : The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to SQL Injection via several parameters in the MJ_gmgt_delete_class_limit_for_member, MJ_gmgt_get_yearly_income_expense, MJ_gmgt_get_monthly_income_expense, MJ_gmgt_add_class_limit, MJ_gmgt_view_meeting_detail, and MJ_gmgt_create_meeting functions in all versions up to 67.8.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 08:15:00 GMT

read more

CVE-2025-5028 - ESET Windows Installation File Privilege Escalation Vulnerability

CVE ID : CVE-2025-5028 Published : July 11, 2025, 7:15 a.m. | 7 hours, 9 minutes ago Description : Installation file of ESET security products on Windows allow an attacker to misuse to delete an arbitrary file without having the permissions to do so. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 07:15:00 GMT

read more

CVE-2025-5392 - "WordPress GB Forms DB Remote Code Execution"

CVE ID : CVE-2025-5392 Published : July 11, 2025, 7:15 a.m. | 7 hours, 9 minutes ago Description : The GB Forms DB plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.2 via the gbfdb_talk_to_front() function. This is due to the function accepting user input and then passing that through call_user_func(). This makes it possible for unauthenticated attackers to execute code on the server which can be leverage to inject backdoors or create new administrative user accounts to name a few things. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 07:15:00 GMT

read more

CVE-2025-5992 - Qt QColorTransferGenericFunction ICC Profile Denial of Service

CVE ID : CVE-2025-5992 Published : July 11, 2025, 7:15 a.m. | 7 hours, 9 minutes ago Description : When passing values outside of the expected range to QColorTransferGenericFunction it can cause a denial of service, for example, this can happen when passing a specifically crafted ICC profile to QColorSpace::fromICCProfile.This issue affects Qt from 6.6.0 through 6.8.3, from 6.9.0 through 6.9.1. This is fixed in 6.8.4 and 6.9.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 07:15:00 GMT

read more

CVE-2025-6716 - WordPress Photos Plugin Stored Cross-Site Scripting

CVE ID : CVE-2025-6716 Published : July 11, 2025, 7:15 a.m. | 7 hours, 9 minutes ago Description : The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'upload[1][title]' parameter in all versions up to, and including, 26.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 07:15:00 GMT

read more

CVE-2025-30024 - Apache HTTP Server SSL/TLS Man-in-the-Middle Attack

CVE ID : CVE-2025-30024 Published : July 11, 2025, 6:15 a.m. | 8 hours, 9 minutes ago Description : The communication protocol used between client and server had a flaw that could be leveraged to execute a man in the middle attack. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 06:15:00 GMT

read more

CVE-2025-30025 - Apache Service Control Local Privilege Escalation

CVE ID : CVE-2025-30025 Published : July 11, 2025, 6:15 a.m. | 8 hours, 9 minutes ago Description : The communication protocol used between the server process and the service control had a flaw that could lead to a local privilege escalation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 06:15:00 GMT

read more

CVE-2025-30026 - AXIS Camera Station Authentication Bypass Vulnerability

CVE ID : CVE-2025-30026 Published : July 11, 2025, 6:15 a.m. | 8 hours, 9 minutes ago Description : The AXIS Camera Station Server had a flaw that allowed to bypass authentication that is normally required. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 06:15:00 GMT

read more

CVE-2025-6200 - GeoDirectory Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6200 Published : July 11, 2025, 6:15 a.m. | 8 hours, 9 minutes ago Description : The GeoDirectory WordPress plugin before 2.8.120 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 06:15:00 GMT

read more

CVE-2025-2942 - WordPress Order Delivery Date Information Disclosure Vulnerability

CVE ID : CVE-2025-2942 Published : July 11, 2025, 6:15 a.m. | 6 hours, 12 minutes ago Description : The Order Delivery Date WordPress plugin before 12.6.0 discloses arbitrary post title (such as from draft and private posts) via an unauthenticated AJAX action, allowing attackers to retrieve such information Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 06:15:00 GMT

read more

CVE-2025-30023 - Apache Server Remote Code Execution Vulnerability

CVE ID : CVE-2025-30023 Published : July 11, 2025, 6:15 a.m. | 6 hours, 12 minutes ago Description : The communication protocol used between client and server had a flaw that could lead to an authenticated user performing a remote code execution attack. Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 06:15:00 GMT

read more

CVE-2025-7401 - WordPress Premium Age Verification/Restriction Remote File Read/Write Vulnerability

CVE ID : CVE-2025-7401 Published : July 11, 2025, 5:15 a.m. | 7 hours, 12 minutes ago Description : The Premium Age Verification / Restriction for WordPress plugin for WordPress is vulnerable to arbitrary file read and write due to the existence of an insufficiently protected remote support functionality in remote_tunnel.php in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to read from or write to arbitrary files on the affected site's server which may make the exposure of sensitive information or remote code execution possible. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 05:15:00 GMT

read more

CVE-2025-53848 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53848 Published : July 11, 2025, 4:15 a.m. | 6 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 04:15:00 GMT

read more

CVE-2025-53849 - Apache HTTP Server Remote Code Execution

CVE ID : CVE-2025-53849 Published : July 11, 2025, 4:15 a.m. | 6 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 04:15:00 GMT

read more

CVE-2025-53850 - OpenVAS Scanner Not Used

CVE ID : CVE-2025-53850 Published : July 11, 2025, 4:15 a.m. | 6 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 04:15:00 GMT

read more

CVE-2025-53851 - "Apache Struts Unvalidated Deserialization"

CVE ID : CVE-2025-53851 Published : July 11, 2025, 4:15 a.m. | 6 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 04:15:00 GMT

read more

CVE-2025-53852 - Apache HTTP Server Remote Code Execution

CVE ID : CVE-2025-53852 Published : July 11, 2025, 4:15 a.m. | 6 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 04:15:00 GMT

read more

CVE-2025-7436 - Campcodes Online Recruitment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7436 Published : July 11, 2025, 4:15 a.m. | 6 hours, 11 minutes ago Description : A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=delete_vacancy. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 04:15:00 GMT

read more

CVE-2025-53864 - Connect2id Nimbus JOSE+JWT Denial of Service Recursive JSON Object Vulnerability

CVE ID : CVE-2025-53864 Published : July 11, 2025, 3:16 a.m. | 5 hours, 11 minutes ago Description : Connect2id Nimbus JOSE + JWT before 10.0.2 allows a remote attacker to cause a denial of service via a deeply nested JSON object supplied in a JWT claim set, because of uncontrolled recursion. NOTE: this is independent of the Gson 2.11.0 issue because the Connect2id product could have checked the JSON object nesting depth, regardless of what limits (if any) were imposed by Gson. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 03:16:00 GMT

read more

CVE-2025-7435 - LiveHelperChat lhc-php-resque Extension Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7435 Published : July 11, 2025, 3:16 a.m. | 5 hours, 11 minutes ago Description : A vulnerability was found in LiveHelperChat lhc-php-resque Extension up to ee1270b35625f552425e32a6a3061cd54b5085c4. It has been classified as problematic. This affects an unknown part of the file /site_admin/lhcphpresque/list/ of the component List Handler. The manipulation of the argument queue name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The identifier of the patch is 542aa8449b5aa889b3a54f419e794afe19f56d5d/0ce7b4f1193c0ed6c6e31a960fafededf979eef2. It is recommended to apply a patch to fix this issue. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 03:16:00 GMT

read more

CVE-2025-7434 - Tenda FH451 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7434 Published : July 11, 2025, 2:15 a.m. | 6 hours, 12 minutes ago Description : A vulnerability was found in Tenda FH451 up to 1.0.0.9 and classified as critical. Affected by this issue is the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 02:15:00 GMT

read more

CVE-2025-5241 - Mitsubishi Electric Corporation MELSEC iQ-F Series Account Lockout Bypass

CVE ID : CVE-2025-5241 Published : July 11, 2025, 1:15 a.m. | 7 hours, 12 minutes ago Description : Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series allows a remote unauthenticated attacker to lockout legitimate users for a certain period by repeatedly attempting to login with incorrect passwords. The legitimate users will be unable to login until a certain period has passed after the lockout or until the product is reset. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 01:15:00 GMT

read more

CVE-2025-7421 - Tenda O3V2 HTTPd Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7421 Published : July 11, 2025, 1:15 a.m. | 7 hours, 12 minutes ago Description : A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has been rated as critical. This issue affects the function fromMacFilterModify of the file /goform/operateMacFilter of the component httpd. The manipulation of the argument mac leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 01:15:00 GMT

read more

CVE-2025-7422 - Tenda O3V2 HTTPD Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7422 Published : July 11, 2025, 1:15 a.m. | 7 hours, 12 minutes ago Description : A vulnerability classified as critical has been found in Tenda O3V2 1.0.0.12(3880). Affected is the function setAutoReboot of the file /goform/setNetworkService of the component httpd. The manipulation of the argument week leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 01:15:00 GMT

read more

CVE-2025-7423 - Tenda O3V2 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7423 Published : July 11, 2025, 1:15 a.m. | 7 hours, 12 minutes ago Description : A vulnerability classified as critical was found in Tenda O3V2 1.0.0.12(3880). Affected by this vulnerability is the function formWifiMacFilterSet of the file /goform/setWrlFilterList of the component httpd. The manipulation of the argument macList leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 01:15:00 GMT

read more

CVE-2025-7420 - Tenda O3V2 HTTPd Stack-Based Buffer Overflow

CVE ID : CVE-2025-7420 Published : July 11, 2025, 12:15 a.m. | 8 hours, 12 minutes ago Description : A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has been declared as critical. This vulnerability affects the function formWifiBasicSet of the file /goform/setWrlBasicInfo of the component httpd. The manipulation of the argument extChannel leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-53475 - Advantech iView SQL Injection and Remote Code Execution Vulnerability

CVE ID : CVE-2025-53475 Published : July 11, 2025, 12:15 a.m. | 6 hours, 30 minutes ago Description : A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage(). This issue requires an authenticated attacker with at least user-level privileges. Certain parameters in this function are not properly sanitized, allowing an attacker to perform SQL injection and potentially execute code in the context of the 'nt authority\local service' account. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-53509 - Advantech iView Argument Injection Vulnerability

CVE ID : CVE-2025-53509 Published : July 11, 2025, 12:15 a.m. | 6 hours, 30 minutes ago Description : A vulnerability exists in Advantech iView that allows for argument injection in the NetworkServlet.restoreDatabase(). This issue requires an authenticated attacker with at least user-level privileges. An input parameter can be used directly in a command without proper sanitization, allowing arbitrary arguments to be injected. This can result in information disclosure, including sensitive database credentials. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-53515 - Advantech iView SQL Injection and Remote Code Execution Vulnerability

CVE ID : CVE-2025-53515 Published : July 11, 2025, 12:15 a.m. | 6 hours, 30 minutes ago Description : A vulnerability exists in Advantech iView that allows for SQL injection and remote code execution through NetworkServlet.archiveTrap(). This issue requires an authenticated attacker with at least user-level privileges. Certain input parameters are not sanitized, allowing an attacker to perform SQL injection and potentially execute code in the context of the 'nt authority\local service' account. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-53519 - Advantech iView Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-53519 Published : July 11, 2025, 12:15 a.m. | 6 hours, 30 minutes ago Description : A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By manipulating specific parameters, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other malicious activities. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-50109 - Emerson ValveLink Cleartext Data Exposure

CVE ID : CVE-2025-50109 Published : July 11, 2025, 12:15 a.m. | 6 hours, 12 minutes ago Description : Emerson ValveLink Products store sensitive information in cleartext within a resource that might be accessible to another control sphere. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-52459 - Advantech iView Argument Injection Vulnerability

CVE ID : CVE-2025-52459 Published : July 11, 2025, 12:15 a.m. | 6 hours, 12 minutes ago Description : A vulnerability exists in Advantech iView that allows for argument injection in NetworkServlet.backupDatabase(). This issue requires an authenticated attacker with at least user-level privileges. Certain parameters can be used directly in a command without proper sanitization, allowing arbitrary arguments to be injected. This can result in information disclosure, including sensitive database credentials. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-52577 - Advantech iView SQL Injection and Remote Code Execution Vulnerability

CVE ID : CVE-2025-52577 Published : July 11, 2025, 12:15 a.m. | 6 hours, 12 minutes ago Description : A vulnerability exists in Advantech iView that could allow SQL injection and remote code execution through NetworkServlet.archiveTrapRange(). This issue requires an authenticated attacker with at least user-level privileges. Certain input parameters are not properly sanitized, allowing an attacker to perform SQL injection and potentially execute code in the context of the 'nt authority\local service' account. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-52579 - Emerson ValveLink Information Disclosure

CVE ID : CVE-2025-52579 Published : July 11, 2025, 12:15 a.m. | 6 hours, 12 minutes ago Description : Emerson ValveLink Products store sensitive information in cleartext in memory. The sensitive memory might be saved to disk, stored in a core dump, or remain uncleared if the product crashes, or if the programmer does not properly clear the memory before freeing it. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-53397 - Advantech iView Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-53397 Published : July 11, 2025, 12:15 a.m. | 6 hours, 12 minutes ago Description : A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By exploiting this flaw, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other malicious activities. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-53471 - Emerson ValveLink Input Validation Bypass

CVE ID : CVE-2025-53471 Published : July 11, 2025, 12:15 a.m. | 6 hours, 12 minutes ago Description : Emerson ValveLink products receive input or data, but it do not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-41442 - Advantech iView Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-41442 Published : July 11, 2025, 12:15 a.m. | 4 hours, 12 minutes ago Description : A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By manipulating certain input parameters, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other malicious activities. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-46358 - Emerson ValveLink Inadequate Protection Mechanism Vulnerability

CVE ID : CVE-2025-46358 Published : July 11, 2025, 12:15 a.m. | 4 hours, 12 minutes ago Description : Emerson ValveLink products do not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-46704 - Advantech iView Directory Traversal Vulnerability

CVE ID : CVE-2025-46704 Published : July 11, 2025, 12:15 a.m. | 4 hours, 12 minutes ago Description : A vulnerability exists in Advantech iView in NetworkServlet.processImportRequest() that could allow for a directory traversal attack. This issue requires an authenticated attacker with at least user-level privileges. A specific parameter is not properly sanitized or normalized, potentially allowing an attacker to determine the existence of arbitrary files on the server. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-48496 - Emerson ValveLink Path Traversal Vulnerability

CVE ID : CVE-2025-48496 Published : July 11, 2025, 12:15 a.m. | 4 hours, 12 minutes ago Description : Emerson ValveLink products use a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

CVE-2025-48891 - Advantech iView SQL Injection

CVE ID : CVE-2025-48891 Published : July 11, 2025, 12:15 a.m. | 4 hours, 12 minutes ago Description : A vulnerability exists in Advantech iView that could allow for SQL injection through the CUtils.checkSQLInjection() function. This vulnerability can be exploited by an authenticated attacker with at least user-level privileges, potentially leading to information disclosure or a denial-of-service condition. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 11 Jul 2025 00:15:00 GMT

read more

Fuite de données chez Centre National de la Fonction Publique Territoriale

]]>

Fri Jul 11 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2025-7418 - Tenda O3V2 HTTPd destIP Stack-Based Buffer Overflow

CVE ID : CVE-2025-7418 Published : July 10, 2025, 11:15 p.m. | 5 hours, 12 minutes ago Description : A vulnerability was found in Tenda O3V2 1.0.0.12(3880) and classified as critical. Affected by this issue is the function fromPingResultGet of the file /goform/setPing of the component httpd. The manipulation of the argument destIP leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 23:15:00 GMT

read more

CVE-2025-7419 - Tenda O3V2 HTTPd DestIP Stack-Based Buffer Overflow

CVE ID : CVE-2025-7419 Published : July 10, 2025, 11:15 p.m. | 5 hours, 12 minutes ago Description : A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has been classified as critical. This affects the function fromSpeedTestSet of the file /goform/setRateTest of the component httpd. The manipulation of the argument destIP leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 23:15:00 GMT

read more

CVE-2025-1727 - Amtrak FRED Protocol BCH Checksum Vulnerability

CVE ID : CVE-2025-1727 Published : July 10, 2025, 11:15 p.m. | 3 hours, 30 minutes ago Description : The protocol used for remote linking over RF for End-of-Train and Head-of-Train (also known as a FRED) relies on a BCH checksum for packet creation. It is possible to create these EoT and HoT packets with a software defined radio and issue brake control commands to the EoT device, disrupting operations or potentially overwhelming the brake systems. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 23:15:00 GMT

read more

CVE-2025-31267 - Apple App Store Connect Physical Access Authentication Bypass

CVE ID : CVE-2025-31267 Published : July 10, 2025, 11:15 p.m. | 3 hours, 30 minutes ago Description : An authentication issue was addressed with improved state management. This issue is fixed in App Store Connect 3.0. An attacker with physical access to an unlocked device may be able to view sensitive user information. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 23:15:00 GMT

read more

CVE-2025-24798 - Meshtastic Route Crash Vulnerability (Denial of Service)

CVE ID : CVE-2025-24798 Published : July 10, 2025, 10:15 p.m. | 2 hours, 12 minutes ago Description : Meshtastic is an open source mesh networking solution. From 1.2.1 until 2.6.2, a packet sent to the routing module that contains want_response==true causes a crash. This can lead to a degradation of service for nodes within range of a malicious sender, or via MQTT if downlink is enabled. This vulnerability is fixed in 2.6.2. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 22:15:00 GMT

read more

CVE-2025-53637 - Meshtastic Code Injection Vulnerability

CVE ID : CVE-2025-53637 Published : July 10, 2025, 10:15 p.m. | 2 hours, 12 minutes ago Description : Meshtastic is an open source mesh networking solution. The main_matrix.yml GitHub Action is triggered by the pull_request_target event, which has extensive permissions, and can be initiated by an attacker who forked the repository and created a pull request. In the shell code execution part, user-controlled input is interpolated unsafely into the code. If this were to be exploited, attackers could inject unauthorized code into the repository. This vulnerability is fixed in 2.6.6. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 22:15:00 GMT

read more

CVE-2025-6392 - Brocade SANnav Clear Text Database Password Logging Vulnerability

CVE ID : CVE-2025-6392 Published : July 10, 2025, 10:15 p.m. | 2 hours, 12 minutes ago Description : Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server admin of the host server and are not visible to the SANnav admin or any SANnav user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 22:15:00 GMT

read more

CVE-2025-7416 - Tenda O3V2 HTTPd Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7416 Published : July 10, 2025, 10:15 p.m. | 2 hours, 12 minutes ago Description : A vulnerability, which was classified as critical, was found in Tenda O3V2 1.0.0.12(3880). Affected is the function fromSysToolTime of the file /goform/setSysTimeInfo of the component httpd. The manipulation of the argument Time leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 22:15:00 GMT

read more

CVE-2025-7417 - Tenda O3V2 HTTPd Stack-Based Buffer Overflow

CVE ID : CVE-2025-7417 Published : July 10, 2025, 10:15 p.m. | 2 hours, 12 minutes ago Description : A vulnerability has been found in Tenda O3V2 1.0.0.12(3880) and classified as critical. Affected by this vulnerability is the function fromNetToolGet of the file /goform/setPingInfo of the component httpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 22:15:00 GMT

read more

CVE-2025-2521 - Honeywell Experion PKS and OneWireless WDM Remote Code Execution Buffer Overflow

CVE ID : CVE-2025-2521 Published : July 10, 2025, 9:15 p.m. | 3 hours, 12 minutes ago Description : The Honeywell Experion PKS and OneWireless WDM contains a Memory Buffer vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to an Overread Buffers, which could result in improper index validation against buffer borders leading to remote code execution. Honeywell recommends updating to the most recent version of Honeywell Experion PKS: 520.2 TCU9 HF1 and 530.1 TCU3 HF1 and OneWireless: 322.5 and 331.1. The affected Experion PKS products are C300 PCNT02, C300 PCNT05, FIM4, FIM8, UOC, CN100, HCA, C300PM, and C200E. The Experion PKS versions affected are from 520.1 through 520.2 TCU9 and from 530 through 530 TCU3.The OneWireless WDM affected versions are 322.1 through 322.4 and 330.1 through 330.3. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 21:15:00 GMT

read more

CVE-2025-2522 - Honeywell Experion PKS and OneWireless WDM Sensitive Information Disclosure and Communication Channel Manipulation Vulnerability

CVE ID : CVE-2025-2522 Published : July 10, 2025, 9:15 p.m. | 3 hours, 12 minutes ago Description : The Honeywell Experion PKS and OneWireless WDM contains Sensitive Information in Resource vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which could result in buffer reuse which may cause incorrect system behavior. Honeywell also recommends updating to the most recent version of Honeywell Experion PKS:520.2 TCU9 HF1 and 530.1 TCU3 HF1 and OneWireless: 322.5 and 331.1. The affected Experion PKS products are C300, FIM4, FIM8, UOC, CN100, HCA, C300PM, and C200E. The Experion PKS versions affected are 520.1 before 520.2 TCU9 HF1 and 530 before 530 TCU3. The OneWireless WDM affected versions are 322.1 through 322.4 and 330.1 through 330.3. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 21:15:00 GMT

read more

CVE-2025-2523 - "Honeywell Experion PKS and OneWireless WDM Integer Underflow Vulnerability Allows Remote Code Execution"

CVE ID : CVE-2025-2523 Published : July 10, 2025, 9:15 p.m. | 3 hours, 12 minutes ago Description : The Honeywell Experion PKS and OneWireless WDM contains an Integer Underflow vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which could result in a failure during subtraction allowing remote code execution. Honeywell recommends updating to the most recent version of Honeywell Experion PKS:520.2 TCU9 HF1 and 530.1 TCU3 HF1 and OneWireless: 322.5 and 331.1. The affected Experion PKS products are C300 PCNT02, C300 PCNT05, FIM4, FIM8, UOC, CN100, HCA, C300PM, and C200E. The Experion PKS versions affected are from 520.1 through 520.2 TCU9 and from 530 through 530 TCU3. The OneWireless WDM affected versions are 322.1 through 322.4 and 330.1 through 330.3. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 21:15:00 GMT

read more

CVE-2025-3946 - Honeywell Experion PKS and OneWireless WDM Remote Code Execution via Input Data Manipulation

CVE ID : CVE-2025-3946 Published : July 10, 2025, 9:15 p.m. | 3 hours, 12 minutes ago Description : The Honeywell Experion PKS and OneWireless WDM contains a Deployment of Wrong Handler vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to Input Data Manipulation, which could result in incorrect handling of packets leading to remote code execution. Honeywell recommends updating to the most recent version of Honeywell Experion PKS:520.2 TCU9 HF1 and 530.1 TCU3 HF1 and OneWireless: 322.5 and 331.1. The affected Experion PKS products are C300 PCNT02, C300 PCNT05, FIM4, FIM8, UOC, CN100, HCA, C300PM, and C200E. The Experion PKS versions affected are from 520.1 through 520.2 TCU9 and from 530 through 530 TCU3. The OneWireless WDM affected versions are 322.1 through 322.4 and 330.1 through 330.3. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 21:15:00 GMT

read more

CVE-2025-3947 - Honeywell Experion PKS Control Data Access Integer Underflow Denial of Service

CVE ID : CVE-2025-3947 Published : July 10, 2025, 9:15 p.m. | 3 hours, 12 minutes ago Description : The Honeywell Experion PKS contains an Integer Underflow vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to Input Data Manipulation, which could result in improper integer data value checking during subtraction leading to a denial of service. Honeywell recommends updating to the most recent version of Honeywell Experion PKS:520.2 TCU9 HF1 and 530.1 TCU3 HF1. The affected Experion PKS products are C300 PCNT02, C300 PCNT05, FIM4, FIM8, UOC, CN100, HCA, C300PM, and C200E. The Experion PKS versions affected are from 520.1 through 520.2 TCU9 and from 530 through 530 TCU3. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 21:15:00 GMT

read more

CVE-2025-4662 - Brocade SANnav Plaintext Passphrase Disclosure

CVE ID : CVE-2025-4662 Published : July 10, 2025, 9:15 p.m. | 3 hours, 12 minutes ago Description : Brocade SANnav before SANnav 2.4.0a logs plaintext passphrases in the Brocade SANnav host server audit logs while executing OpenSSL command using a passphrase from the command line or while providing the passphrase through a temporary file. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server admin of the host server and are not visible to the SANnav admin or any SANnav user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 21:15:00 GMT

read more

CVE-2025-6390 - Brocade SANnav Password Storage Vulnerability

CVE ID : CVE-2025-6390 Published : July 10, 2025, 9:15 p.m. | 3 hours, 12 minutes ago Description : Brocade SANnav before SANnav 2.4.0a logs passwords and pbe keys in the Brocade SANnav server audit logs after installation and under specific conditions. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server admin of the host server and are not visible to the SANnav admin or any SANnav user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 21:15:00 GMT

read more

CVE-2025-7414 - Tenda O3V2 HTTPd Os Command Injection Vulnerability

CVE ID : CVE-2025-7414 Published : July 10, 2025, 9:15 p.m. | 3 hours, 12 minutes ago Description : A vulnerability classified as critical was found in Tenda O3V2 1.0.0.12(3880). This vulnerability affects the function fromNetToolGet of the file /goform/setPingInfo of the component httpd. The manipulation of the argument domain leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 21:15:00 GMT

read more

CVE-2025-7415 - Tenda O3V2 HTTPd Command Injection Vulnerability

CVE ID : CVE-2025-7415 Published : July 10, 2025, 9:15 p.m. | 3 hours, 12 minutes ago Description : A vulnerability, which was classified as critical, has been found in Tenda O3V2 1.0.0.12(3880). This issue affects the function fromTraceroutGet of the file /goform/getTraceroute of the component httpd. The manipulation of the argument dest leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 21:15:00 GMT

read more

CVE-2025-53630 - LLama Integer Overflow Leads to Heap Out-of-Bounds Read/Write

CVE ID : CVE-2025-53630 Published : July 10, 2025, 8:15 p.m. | 4 hours, 12 minutes ago Description : llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the gguf_init_from_file_impl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900062661bd22f3e792579. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-53632 - Chall-Manager Zip Slip Vulnerability

CVE ID : CVE-2025-53632 Published : July 10, 2025, 8:15 p.m. | 4 hours, 12 minutes ago Description : Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario (i.e. a zip archive), the path of the file to write is not checked, potentially leading to zip slips. Exploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly recommended to bury Chall-Manager deep within the infrastructure due to its large capabilities, so no users could reach the system. Patch has been implemented by commit 47d188f and shipped in v0.1.4. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-53633 - Chall-Manager Zip Bomb Vulnerability

CVE ID : CVE-2025-53633 Published : July 10, 2025, 8:15 p.m. | 4 hours, 12 minutes ago Description : Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario (i.e. a zip archive), the size of the decoded content is not checked, potentially leading to zip bombs decompression. Exploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly recommended to bury Chall-Manager deep within the infrastructure due to its large capabilities, so no users could reach the system. Patch has been implemented by commit 14042aa and shipped in v0.1.4. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-53634 - Chall-Manager Unauthenticated HTTP Gateway Slow Loris Denial of Service

CVE ID : CVE-2025-53634 Published : July 10, 2025, 8:15 p.m. | 4 hours, 12 minutes ago Description : Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. The HTTP Gateway processes headers, but with no timeout set. With a slow loris attack, an attacker could cause Denial of Service (DoS). Exploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly recommended to bury Chall-Manager deep within the infrastructure due to its large capabilities, so no users could reach the system. Patch has been implemented by commit 1385bd8 and shipped in v0.1.4. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-7021 - OpenAI Operator SaaS Fullscreen API Spoofing and UI Redressing

CVE ID : CVE-2025-7021 Published : July 10, 2025, 8:15 p.m. | 4 hours, 12 minutes ago Description : Fullscreen API Spoofing and UI Redressing in the handling of Fullscreen API and UI rendering in OpenAI Operator SaaS on Web allows a remote attacker to capture sensitive user input (e.g., login credentials, email addresses) via displaying a deceptive fullscreen interface with overlaid fake browser controls and a distracting element (like a cookie consent screen) to obscure fullscreen notifications, tricking the user into interacting with the malicious site. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-7412 - "Code-Projects Library System Unrestricted File Upload Vulnerability"

CVE ID : CVE-2025-7412 Published : July 10, 2025, 8:15 p.m. | 4 hours, 12 minutes ago Description : A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /user/student/profile.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-7413 - Code-projects Library System Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7413 Published : July 10, 2025, 8:15 p.m. | 4 hours, 12 minutes ago Description : A vulnerability classified as critical has been found in code-projects Library System 1.0. This affects an unknown part of the file /user/teacher/profile.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-34098 - Riverbed SteelHead VCX Path Traversal Vulnerability

CVE ID : CVE-2025-34098 Published : July 10, 2025, 8:15 p.m. | 2 hours, 1 minute ago Description : A path traversal vulnerability exists in Riverbed SteelHead VCX appliances (confirmed in VCX255U 9.6.0a) due to improper input validation in the log filtering functionality exposed via the management web interface. An authenticated attacker can exploit this flaw by submitting crafted filter expressions to the log_filter endpoint using the filterStr parameter. This input is processed by a backend parser that permits execution of file expansion syntax, allowing the attacker to retrieve arbitrary system files via the log viewing interface. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-34099 - "VICIdial Command Injection Vulnerability"

CVE ID : CVE-2025-34099 Published : July 10, 2025, 8:15 p.m. | 2 hours, 1 minute ago Description : An unauthenticated command injection vulnerability exists in VICIdial versions 2.9 RC1 through 2.13 RC1, within the vicidial_sales_viewer.php component when password encryption is enabled (a non-default configuration). The application improperly passes the HTTP Basic Authentication password directly to a call to exec() without adequate sanitation. This allows remote attackers to inject and execute arbitrary operating system commands as the web server user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-34100 - BuilderEngine Unauthenticated Remote Code Execution via Unrestricted File Upload

CVE ID : CVE-2025-34100 Published : July 10, 2025, 8:15 p.m. | 2 hours, 1 minute ago Description : An unrestricted file upload vulnerability exists in BuilderEngine 3.5.0 via the integration of the elFinder 2.0 file manager and its use of the jQuery File Upload plugin. The plugin fails to properly validate or restrict file types or locations during upload operations, allowing an attacker to upload a malicious .php file and subsequently execute arbitrary PHP code on the server under the context of the web server process. While the root vulnerability lies within the jQuery File Upload component, BuilderEngine’s improper integration and lack of access controls expose this functionality to unauthenticated users, resulting in full remote code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-34101 - Serviio Media Server Unauthenticated Command Injection Vulnerability

CVE ID : CVE-2025-34101 Published : July 10, 2025, 8:15 p.m. | 2 hours, 1 minute ago Description : An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4 through 1.8 on Windows, in the /rest/action API endpoint exposed by the console component (default port 23423). The checkStreamUrl method accepts a VIDEO parameter that is passed unsanitized to a call to cmd.exe, enabling arbitrary command execution under the privileges of the web server. No authentication is required to exploit this issue, as the REST API is exposed by default and lacks access controls. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-34102 - "CryptoLog PHP Remote Code Execution via Chained SQL Injection and Command Injection"

CVE ID : CVE-2025-34102 Published : July 10, 2025, 8:15 p.m. | 2 hours, 1 minute ago Description : A remote code execution vulnerability exists in CryptoLog (PHP version, discontinued since 2009) due to a chained exploitation of SQL injection and command injection vulnerabilities. An unauthenticated attacker can gain shell access as the web server user by first exploiting a SQL injection flaw in login.php to bypass authentication, followed by command injection in logshares_ajax.php to execute arbitrary operating system commands. The login bypass is achieved by submitting crafted SQL via the user POST parameter. Once authenticated, the attacker can abuse the lsid POST parameter in the logshares_ajax.php endpoint to inject and execute a command using $(...) syntax, resulting in code execution under the web context. This exploitation path does not exist in the ASP.NET version of CryptoLog released since 2009. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-45662 - Mpgram Web XSS Vulnerability

CVE ID : CVE-2025-45662 Published : July 10, 2025, 8:15 p.m. | 2 hours, 1 minute ago Description : A cross-site scripting (XSS) vulnerability in the component /master/login.php of mpgram-web commit 94baadb allows attackers to execute arbitrary Javascript in the context of a user's browser via a crafted payload. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-53506 - Apache Tomcat HTTP/2 Uncontrolled Resource Consumption Denial of Service

CVE ID : CVE-2025-53506 Published : July 10, 2025, 8:15 p.m. | 2 hours, 1 minute ago Description : Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-53628 - cpp-httplib Unbounded Line Memory Allocation Buffer Overflow

CVE ID : CVE-2025-53628 Published : July 10, 2025, 8:15 p.m. | 2 hours, 1 minute ago Description : cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.20.1, cpp-httplib does not have a limit for a unique line, permitting an attacker to explore this to allocate memory arbitrarily. This vulnerability is fixed in 0.20.1. NOTE: This vulnerability is related to CVE-2025-53629. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-53629 - cpp-httplib Chunked Request Memory Exhaustion Vulnerability

CVE ID : CVE-2025-53629 Published : July 10, 2025, 8:15 p.m. | 2 hours, 1 minute ago Description : cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.23.0, incoming requests using Transfer-Encoding: chunked in the header can allocate memory arbitrarily in the server, potentially leading to its exhaustion. This vulnerability is fixed in 0.23.0. NOTE: This vulnerability is related to CVE-2025-53628. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-2520 - Honeywell Experion PKS Uninitialized Variable Denial of Service

CVE ID : CVE-2025-2520 Published : July 10, 2025, 8:15 p.m. | 30 minutes ago Description : The Honeywell Experion PKS contains an Uninitialized Variable in the common Epic Platform Analyzer (EPA) communications. An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which results in a dereferencing of an uninitialized pointer leading to a denial of service. Honeywell recommends updating to the most recent version of Honeywell Experion PKS: 520.2 TCU9 HF1and 530.1 TCU3 HF1. The affected Experion PKS products are C300 PCNT02, EHB, EHPM, ELMM, Classic ENIM, ETN, FIM4, FIM8, PGM, and RFIM. The Experion PKS versions affected are from 520.1 through 520.2 TCU9 and from 530 through 530 TCU3. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-34093 - Polycom HDX Series Telnet Command Shell Injection Vulnerability

CVE ID : CVE-2025-34093 Published : July 10, 2025, 8:15 p.m. | 30 minutes ago Description : An authenticated command injection vulnerability exists in the Polycom HDX Series command shell interface accessible over Telnet. The lan traceroute command in the devcmds console accepts unsanitized input, allowing attackers to execute arbitrary system commands. By injecting shell metacharacters through the traceroute interface, an attacker can achieve remote code execution under the context of the root user. This flaw affects systems where Telnet access is enabled and either unauthenticated access is allowed or credentials are known. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-34095 - Mako Server OS Command Injection Vulnerability

CVE ID : CVE-2025-34095 Published : July 10, 2025, 8:15 p.m. | 30 minutes ago Description : An OS command injection vulnerability exists in Mako Server versions 2.5 and 2.6, specifically within the tutorial interface provided by the examples/save.lsp endpoint. An unauthenticated attacker can send a crafted PUT request containing arbitrary Lua os.execute() code, which is then persisted on disk and triggered via a subsequent GET request to examples/manage.lsp. This allows remote command execution on the underlying operating system, impacting both Windows and Unix-based deployments. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-34096 - Easy File Sharing HTTP Server HTTP Stack Buffer Overflow

CVE ID : CVE-2025-34096 Published : July 10, 2025, 8:15 p.m. | 30 minutes ago Description : A stack-based buffer overflow vulnerability exists in Easy File Sharing HTTP Server version 7.2. The flaw is triggered when a crafted POST request is sent to the /sendemail.ghp endpoint containing an overly long Email parameter. The application fails to properly validate the length of this field, resulting in a memory corruption condition. An unauthenticated remote attacker can exploit this to execute arbitrary code with the privileges of the server process. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-34097 - ProcessMaker Unrestricted File Upload Vulnerability (Remote Code Execution)

CVE ID : CVE-2025-34097 Published : July 10, 2025, 8:15 p.m. | 30 minutes ago Description : An unrestricted file upload vulnerability exists in ProcessMaker versions prior to 3.5.4 due to improper handling of uploaded plugin archives. An attacker with administrative privileges can upload a malicious .tar plugin file containing arbitrary PHP code. Upon installation, the plugin’s install() method is invoked, resulting in execution of attacker-supplied PHP code on the server with the privileges of the web server user. This vulnerability can be chained with CVE-2022-38577 — a privilege escalation flaw in the user profile page — to achieve full remote code execution from a low-privileged account. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 20:15:00 GMT

read more

CVE-2025-53625 - MediaWiki DynamicPageList3 Username Information Disclosure Vulnerability

CVE ID : CVE-2025-53625 Published : July 10, 2025, 7:15 p.m. | 1 hour, 30 minutes ago Description : The DynamicPageList3 extension is a reporting tool for MediaWiki, listing category members and intersections with various formats and details. Several #dpl parameters can leak usernames that have been hidden using revision deletion, suppression, or the hideuser block flag. The vulnerability is fixed in 3.6.4. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-53626 - Pdfme Expression Evaluation Sandbox Escape and Prototype Pollution Vulnerability

CVE ID : CVE-2025-53626 Published : July 10, 2025, 7:15 p.m. | 1 hour, 30 minutes ago Description : pdfme is a TypeScript-based PDF generator and React-based UI. The expression evaluation feature in pdfme 5.2.0 to 5.4.0 contains critical vulnerabilities allowing sandbox escape leading to XSS and prototype pollution attacks. This vulnerability is fixed in 5.4.1. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-53709 - "Apache Secure-Upload Token Validation Bypass, Privilege Escalation, and Information Disclosure Vulnerabilities"

CVE ID : CVE-2025-53709 Published : July 10, 2025, 7:15 p.m. | 1 hour, 30 minutes ago Description : Secure-upload is a data submission service that validates single-use tokens when accepting submissions to channels. The service only installed on a small number of environments. Under specific circumstances, privileged users of secure-upload could have selected email templates not necessarily created for their enrollment when sending data upload requests. Authenticated and privileged users of one enrollment could have abused an endpoint to redirect existing submission channels to a dataset they control. An endpoint handling domain validation allowed unauthenticated users to enumerate existing enrollments. Finally, other endpoints allowed enumerating if a resource with a known RID exists across enrollments. The affected service has been patched with version 0.815.0 and automatically deployed to all Apollo-managed Foundry instances. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-7411 - Code-projects LifeStyle Store SQL Injection Vulnerability

CVE ID : CVE-2025-7411 Published : July 10, 2025, 7:15 p.m. | 1 hour, 30 minutes ago Description : A vulnerability was found in code-projects LifeStyle Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /success.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-28243 - Alteryx Server HTML Injection Vulnerability

CVE ID : CVE-2025-28243 Published : July 10, 2025, 7:15 p.m. | 1 hour, 12 minutes ago Description : An issue in Alteryx Server v.2023.1.1.460 allows HTML injection via a crafted script to the pages component. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-28244 - Alteryx Server Insecure Permissions Local Storage Vulnerability

CVE ID : CVE-2025-28244 Published : July 10, 2025, 7:15 p.m. | 1 hour, 12 minutes ago Description : Insecure Permissions vulnerability in the Local Storage in Alteryx Server 2023.1.1.460 allows remote attackers to obtain valid user session tokens from localStorage, leading to account takeover Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-28245 - Alteryx Server XSS Injection

CVE ID : CVE-2025-28245 Published : July 10, 2025, 7:15 p.m. | 1 hour, 12 minutes ago Description : Cross-site scripting (XSS) vulnerability in Alteryx Server 2023.1.1.460 allows remote attackers to inject arbitrary web script or HTML via the notification body. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-52434 - Apache Tomcat APR/Native Connector HTTP/2 Race Condition

CVE ID : CVE-2025-52434 Published : July 10, 2025, 7:15 p.m. | 1 hour, 12 minutes ago Description : Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Tomcat when using the APR/Native connector. This was particularly noticeable with client initiated closes of HTTP/2 connections. This issue affects Apache Tomcat: from 9.0.0.M1 through 9.0.106. Users are recommended to upgrade to version 9.0.107, which fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-52473 - Liboqs HQC Key Encapsulation Mechanism Secret-Dependent Branch Vulnerability

CVE ID : CVE-2025-52473 Published : July 10, 2025, 7:15 p.m. | 1 hour, 12 minutes ago Description : liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Multiple secret-dependent branches have been identified in the reference implementation of the HQC key encapsulation mechanism when it is compiled with Clang for optimization levels above -O0 (-O1, -O2, etc). A proof-of-concept local attack exploits this secret-dependent information to recover the entire secret key. This vulnerability is fixed in 0.14.0. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-52520 - Apache Tomcat Integer Overflow DoS

CVE ID : CVE-2025-52520 Published : July 10, 2025, 7:15 p.m. | 1 hour, 12 minutes ago Description : For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-52521 - Trend Micro Security Link Following Local Privilege Escalation Vulnerability

CVE ID : CVE-2025-52521 Published : July 10, 2025, 7:15 p.m. | 1 hour, 12 minutes ago Description : Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-52837 - Trend Micro Password Manager Link Following Privilege Escalation Vulnerability

CVE ID : CVE-2025-52837 Published : July 10, 2025, 7:15 p.m. | 1 hour, 12 minutes ago Description : Trend Micro Password Manager (Consumer) version 5.8.0.1327 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow an attacker the opportunity to abuse symbolic links and other methods to delete any file/folder and achieve privilege escalation. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-53378 - Trend Micro Worry-Free Business Security Services Agent Unauthenticated Remote Command Execution Vulnerability

CVE ID : CVE-2025-53378 Published : July 10, 2025, 7:15 p.m. | 1 hour, 12 minutes ago Description : A missing authentication vulnerability in Trend Micro Worry-Free Business Security Services (WFBSS) agent could have allowed an unauthenticated attacker to remotely take control of the agent on affected installations. Also note: this vulnerability only affected the SaaS client version of WFBSS only, meaning the on-premise version of Worry-Free Business Security was not affected, and this issue was addressed in a WFBSS monthly maintenance update. Therefore no other customer action is required to mitigate if the WFBSS agents are on the regular SaaS maintenance deployment schedule and this disclosure is for informational purposes only. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-53503 - Trend Micro Cleaner One Pro Privilege Escalation Vulnerability

CVE ID : CVE-2025-53503 Published : July 10, 2025, 7:15 p.m. | 1 hour, 12 minutes ago Description : Trend Micro Cleaner One Pro is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-53542 - "Kubernetes Headlamp macOS Packaging Command Injection Vulnerability"

CVE ID : CVE-2025-53542 Published : July 10, 2025, 7:15 p.m. | 1 hour, 12 minutes ago Description : Headlamp is an extensible Kubernetes web UI. A command injection vulnerability was discovered in the codeSign.js script used in the macOS packaging workflow of the Kubernetes Headlamp project. This issue arises due to the improper use of Node.js's execSync() function with unsanitized input derived from environment variables, which can be influenced by an attacker. The variables ${teamID}, ${entitlementsPath}, and ${config.app} are dynamically derived from the environment or application config and passed directly to the shell command without proper escaping or argument separation. This exposes the system to command injection if any of the values contain malicious input. This vulnerability is fixed in 0.31.1. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-53549 - Matrix Rust SDK SQL Injection

CVE ID : CVE-2025-53549 Published : July 10, 2025, 7:15 p.m. | 1 hour, 12 minutes ago Description : The Matrix Rust SDK is a collection of libraries that make it easier to build Matrix clients in Rust. An SQL injection vulnerability in the EventCache::find_event_with_relations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that directly pass relation types provided by those room members into this method, when used with the default sqlite-based store backend. Exploitation is unlikely, as no known clients currently use the API in this manner. This vulnerability is fixed in 0.13. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 19:15:00 GMT

read more

CVE-2025-53371 - DiscordNotifications SSRF and DOS

CVE ID : CVE-2025-53371 Published : July 10, 2025, 6:15 p.m. | 2 hours, 12 minutes ago Description : DiscordNotifications is an extension for MediaWiki that sends notifications of actions in your Wiki to a Discord channel. DiscordNotifications allows sending requests via curl and file_get_contents to arbitrary URLs set via $wgDiscordIncomingWebhookUrl and $wgDiscordAdditionalIncomingWebhookUrls. This allows for DOS by causing the server to read large files. SSRF is also possible if there are internal unprotected APIs that can be accessed using HTTP POST requests, which could also possibly lead to RCE. This vulnerability is fixed in commit 1f20d850cbcce5b15951c7c6127b87b927a5415e. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 18:15:00 GMT

read more

CVE-2025-49462 - Zoom Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-49462 Published : July 10, 2025, 5:15 p.m. | 3 hours, 11 minutes ago Description : Cross-site scripting in certain Zoom Clients before version 6.4.5 may allow an authenticated user to conduct a disclosure of information via network access. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2025-49463 - Zoom iOS Network Information Disclosure Vulnerability

CVE ID : CVE-2025-49463 Published : July 10, 2025, 5:15 p.m. | 3 hours, 11 minutes ago Description : Insufficient control flow management in certain Zoom Clients for iOS before version 6.4.5 may allow an unauthenticated user to conduct a disclosure of information via network access. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2025-49464 - Zoom Windows Denial of Service Buffer Overflow

CVE ID : CVE-2025-49464 Published : July 10, 2025, 5:15 p.m. | 3 hours, 11 minutes ago Description : Classic buffer overflow in certain Zoom Clients for Windows may allow an authorised user to conduct a denial of service via network access. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2025-49630 - Apache HTTP Server mod_proxy_http2 Denial of Service Vulnerability

CVE ID : CVE-2025-49630 Published : July 10, 2025, 5:15 p.m. | 3 hours, 11 minutes ago Description : In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in mod_proxy_http2. Configurations affected are a reverse proxy is configured for an HTTP/2 backend, with ProxyPreserveHost set to "on". Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2025-49812 - Apache HTTP Server mod_ssl TLS Desynchronisation Hijack Vulnerability

CVE ID : CVE-2025-49812 Published : July 10, 2025, 5:15 p.m. | 3 hours, 11 minutes ago Description : In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommended to upgrade to version 2.4.64, which removes support for TLS upgrade. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2025-53020 - Apache HTTP Server Memory Disclosure

CVE ID : CVE-2025-53020 Published : July 10, 2025, 5:15 p.m. | 3 hours, 11 minutes ago Description : Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2025-7409 - Code-projects Mobile Shop SQL Injection Vulnerability

CVE ID : CVE-2025-7409 Published : July 10, 2025, 5:15 p.m. | 3 hours, 11 minutes ago Description : A vulnerability was found in code-projects Mobile Shop 1.0 and classified as critical. This issue affects some unknown processing of the file /LoginAsAdmin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2025-7410 - Code-projects LifeStyle Store SQL Injection Vulnerability

CVE ID : CVE-2025-7410 Published : July 10, 2025, 5:15 p.m. | 3 hours, 11 minutes ago Description : A vulnerability was found in code-projects LifeStyle Store 1.0. It has been classified as critical. Affected is an unknown function of the file /cart_remove.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2024-42516 - Apache HTTP Server HTTP Response Splitting

CVE ID : CVE-2024-42516 Published : July 10, 2025, 5:15 p.m. | 1 hour, 30 minutes ago Description : HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response. This vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue. Users are recommended to upgrade to version 2.4.64, which fixes this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2024-43204 - Apache HTTP Server mod_proxy SSRF

CVE ID : CVE-2024-43204 Published : July 10, 2025, 5:15 p.m. | 1 hour, 30 minutes ago Description : SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker. Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request. Users are recommended to upgrade to version 2.4.64 which fixes this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2024-43394 - Apache HTTP Server Windows SSRF NTLM Hash Leak

CVE ID : CVE-2024-43394 Published : July 10, 2025, 5:15 p.m. | 1 hour, 30 minutes ago Description : Server-Side Request Forgery (SSRF) in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via mod_rewrite or apache expressions that pass unvalidated request input. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.63. Note: The Apache HTTP Server Project will be setting a higher bar for accepting vulnerability reports regarding SSRF via UNC paths. The server offers limited protection against administrators directing the server to open UNC paths. Windows servers should limit the hosts they will connect over via SMB based on the nature of NTLM authentication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2024-47252 - Apache HTTP Server mod_ssl Untrusted Client Data Injection

CVE ID : CVE-2024-47252 Published : July 10, 2025, 5:15 p.m. | 1 hour, 30 minutes ago Description : Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2025-23048 - Apache HTTP Server mod_ssl TLS 1.3 Session Resumption Access Control Bypass

CVE ID : CVE-2025-23048 Published : July 10, 2025, 5:15 p.m. | 1 hour, 30 minutes ago Description : In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected when mod_ssl is configured for multiple virtual hosts, with each restricted to a different set of trusted client certificates (for example with a different SSLCACertificateFile/Path setting). In such a case, a client trusted to access one virtual host may be able to access another virtual host, if SSLStrictSNIVHostCheck is not enabled in either virtual host. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2025-27889 - Wing FTP Server URL Parameter Injection

CVE ID : CVE-2025-27889 Published : July 10, 2025, 5:15 p.m. | 1 hour, 30 minutes ago Description : Wing FTP Server before 7.4.4 does not properly validate and sanitize the url parameter of the downloadpass.html endpoint, allowing injection of an arbitrary link. If a user clicks a crafted link, this discloses a cleartext password to the attacker. Severity: 3.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2025-47811 - Wing FTP Server Privilege Escalation Vulnerability

CVE ID : CVE-2025-47811 Published : July 10, 2025, 5:15 p.m. | 1 hour, 30 minutes ago Description : In Wing FTP Server through 7.4.4, the administrative web interface (listening by default on port 5466) runs as root or SYSTEM by default. The web application itself offers several legitimate ways to execute arbitrary system commands (i.e., through the web console or the task scheduler), and they are automatically executed in the highest possible privilege context. Because administrative users of the web interface are not necessarily also system administrators, one might argue that this is a privilege escalation. (If a privileged application role is not available to an attacker, CVE-2025-47812 can be leveraged.) NOTE: the vendor reportedly considers this behavior "fine to keep." Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2025-47812 - Wing FTP Server Lua Code Injection Vulnerability

CVE ID : CVE-2025-47812 Published : July 10, 2025, 5:15 p.m. | 1 hour, 30 minutes ago Description : In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default). This is thus a remote code execution vulnerability that guarantees a total server compromise. This is also exploitable via anonymous FTP accounts. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2025-47813 - Wing FTP Server Path Disclosure Vulnerability

CVE ID : CVE-2025-47813 Published : July 10, 2025, 5:15 p.m. | 1 hour, 30 minutes ago Description : loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the application when using a long value in the UID cookie. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 17:15:00 GMT

read more

CVE-2025-46788 - Zoom Workplace Certificate Validation Information Disclosure Vulnerability

CVE ID : CVE-2025-46788 Published : July 10, 2025, 4:15 p.m. | 2 hours, 30 minutes ago Description : Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an unauthorized user to conduct an information disclosure via network access. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 16:15:00 GMT

read more

CVE-2025-46789 - Zoom Windows Buffer Overflow Denial of Service

CVE ID : CVE-2025-46789 Published : July 10, 2025, 4:15 p.m. | 2 hours, 30 minutes ago Description : Classic buffer overflow in certain Zoom Clients for Windows may allow an authorized user to conduct a denial of service via network access. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 16:15:00 GMT

read more

CVE-2025-53364 - Parse Server GraphQL API Unauthenticated Schema Introspection

CVE ID : CVE-2025-53364 Published : July 10, 2025, 4:15 p.m. | 2 hours, 30 minutes ago Description : Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Starting in 5.3.0 and before 7.5.3 and 8.2.2, the Parse Server GraphQL API previously allowed public access to the GraphQL schema without requiring a session token or the master key. While schema introspection reveals only metadata and not actual data, this metadata can still expand the potential attack surface. This vulnerability is fixed in 7.5.3 and 8.2.2. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 16:15:00 GMT

read more

CVE-2025-6395 - GnuTLS NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-6395 Published : July 10, 2025, 4:15 p.m. | 2 hours, 30 minutes ago Description : A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite(). When it reads certain settings from a template file, it can allow an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial of service (DoS) that could crash the system. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 16:15:00 GMT

read more

CVE-2025-7365 - Keycloak Email Hijacking Vulnerability

CVE ID : CVE-2025-7365 Published : July 10, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : A flaw was found in Keycloak. When an authenticated attacker attempts to merge accounts with another existing account during an identity provider (IdP) login, the attacker will subsequently be prompted to "review profile" information. This vulnerability allows the attacker to modify their email address to match that of a victim's account, triggering a verification email sent to the victim's email address. The attacker's email address is not present in the verification email content, making it a potential phishing opportunity. If the victim clicks the verification link, the attacker can gain access to the victim's account. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 15:15:00 GMT

read more

CVE-2025-7370 - Libsoup Cookie Parsing NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-7370 Published : July 10, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : A flaw was found in libsoup. A NULL pointer dereference vulnerability occurs in libsoup's cookie parsing functionality. When processing a cookie without a domain parameter, the soup_cookie_jar_add_cookie() function will crash, resulting in a denial of service. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 15:15:00 GMT

read more

CVE-2025-7408 - SourceCodester Zoo Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7408 Published : July 10, 2025, 3:15 p.m. | 3 hours, 30 minutes ago Description : A vulnerability has been found in SourceCodester Zoo Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/templates/animal_form_template.php. The manipulation of the argument msg leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 15:15:00 GMT

read more

CVE-2025-46835 - Git GUI Directory Traversal Write Permission Vulnerability

CVE ID : CVE-2025-46835 Published : July 10, 2025, 3:15 p.m. | 3 hours, 12 minutes ago Description : Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 15:15:00 GMT

read more

CVE-2024-37524 - IBM Analytics Content Hub Information Disclosure

CVE ID : CVE-2024-37524 Published : July 10, 2025, 3:15 p.m. | 1 hour, 30 minutes ago Description : IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 15:15:00 GMT

read more

CVE-2024-38327 - IBM Analytics Content Hub Exposed JavaScript Source Map Information Disclosure

CVE ID : CVE-2024-38327 Published : July 10, 2025, 3:15 p.m. | 1 hour, 30 minutes ago Description : IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and further attacks due to an exposed JavaScript source map which could assist an attacker to read and debug JavaScript used in the application's API. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 15:15:00 GMT

read more

CVE-2024-39752 - IBM Analytics Content Hub File Upload Vulnerability (Remote Code Execution)

CVE ID : CVE-2024-39752 Published : July 10, 2025, 3:15 p.m. | 1 hour, 30 minutes ago Description : IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could be vulnerable to malicious file upload by not validating the type of file uploaded to Explore Content. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing further attacks. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 15:15:00 GMT

read more

CVE-2025-27613 - Gitk File Truncation Vulnerability

CVE ID : CVE-2025-27613 Published : July 10, 2025, 3:15 p.m. | 1 hour, 30 minutes ago Description : Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1. Severity: 3.6 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 15:15:00 GMT

read more

CVE-2025-27614 - Gitk Command Injection Vulnerability

CVE ID : CVE-2025-27614 Published : July 10, 2025, 3:15 p.m. | 1 hour, 30 minutes ago Description : Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script (e.g., Bourne shell, Perl, Python, ...) supplied by the attacker by invoking gitk filename, where filename has a particular structure. The script is run with the privileges of the user. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 15:15:00 GMT

read more

CVE-2025-36090 - IBM Analytics Content Hub Information Disclosure Vulnerability

CVE ID : CVE-2025-36090 Published : July 10, 2025, 3:15 p.m. | 1 hour, 30 minutes ago Description : IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could allow a remote attacker to obtain information about the application framework which could be used in reconnaissance to gather information for future attacks from a detailed technical error message. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 15:15:00 GMT

read more

CVE-2025-44251 - Ecovacs Deebot Wi-Fi Credential Transmission Vulnerability

CVE ID : CVE-2025-44251 Published : July 10, 2025, 3:15 p.m. | 1 hour, 30 minutes ago Description : Ecovacs Deebot T10 1.7.2 transmits Wi-Fi credentials in cleartext during the pairing process. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 15:15:00 GMT

read more

CVE-2025-46334 - Git GUI Path Injection Vulnerability

CVE ID : CVE-2025-46334 Published : July 10, 2025, 3:15 p.m. | 1 hour, 30 minutes ago Description : Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes the current directory. The mentioned programs are invoked when the user selects Git Bash or Browse Files from the menu. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 15:15:00 GMT

read more

CVE-2024-36697 - Allworx System Software Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-36697 Published : July 10, 2025, 2:15 p.m. | 2 hours, 30 minutes ago Description : A cross-site scripting (XSS) vulnerability in the Admin Login page of Allworx System Software v9.1.9.12 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SessionID parameter at query.asp. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 14:15:00 GMT

read more

CVE-2025-7407 - Netgear D6400 OS Command Injection Vulnerability

CVE ID : CVE-2025-7407 Published : July 10, 2025, 2:15 p.m. | 2 hours, 30 minutes ago Description : A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This affects an unknown part of the file diag.cgi. The manipulation of the argument host_name leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early and confirmed the existence of the vulnerability. They reacted very quickly, professional and kind. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 14:15:00 GMT

read more

CVE-2025-7424 - "Libxslt Type Confusion Memory Corruption Vulnerability"

CVE ID : CVE-2025-7424 Published : July 10, 2025, 2:15 p.m. | 2 hours, 30 minutes ago Description : A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 14:15:00 GMT

read more

CVE-2025-7425 - Libxslt Heap Corruption Vulnerability

CVE ID : CVE-2025-7425 Published : July 10, 2025, 2:15 p.m. | 2 hours, 30 minutes ago Description : A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 14:15:00 GMT

read more

CVE-2025-6211 - "DocugamiReader MD5 Hash Collision Vulnerability"

CVE ID : CVE-2025-6211 Published : July 10, 2025, 1:15 p.m. | 3 hours, 30 minutes ago Description : A vulnerability in the DocugamiReader class of the run-llama/llama_index repository, up to version 0.12.28, involves the use of MD5 hashing to generate IDs for document chunks. This approach leads to hash collisions when structurally distinct chunks contain identical text, resulting in one chunk overwriting another. This can cause loss of semantically or legally important document content, breakage of parent-child chunk hierarchies, and inaccurate or hallucinated responses in AI outputs. The issue is resolved in version 0.3.1. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 13:15:00 GMT

read more

CVE-2025-5037 - Autodesk Revit Memory Corruption Vulnerability

CVE ID : CVE-2025-5037 Published : July 10, 2025, 12:15 p.m. | 4 hours, 30 minutes ago Description : A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 12:15:00 GMT

read more

CVE-2025-5040 - Autodesk Revit Heap-Based Overflow Vulnerability

CVE ID : CVE-2025-5040 Published : July 10, 2025, 12:15 p.m. | 4 hours, 30 minutes ago Description : A maliciously crafted RTE file, when parsed through Autodesk Revit, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 12:15:00 GMT

read more

Microsoft, Cybermalveillance.gouv.fr et la section de lutte contre la cybercriminalité du Parquet de Paris appellent à se mobiliser contre les arnaques au faux support technique

]]>

Thu, 10 Jul 2025 10:22:00 GMT

read more

CVE-2024-7650 - OpenText Directory Services Code Injection Vulnerability

CVE ID : CVE-2024-7650 Published : July 10, 2025, 10:15 a.m. | 6 hours, 30 minutes ago Description : Improper Control of Generation of Code ('Code Injection') vulnerability in OpenText™ Directory Services allows Remote Code Inclusion. The vulnerability could allow access to the system via script injection.This issue affects Directory Services: 23.4. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 10:15:00 GMT

read more

CVE-2025-32990 - GnuTLS Heap-Buffer-Overflow Vulnerability

CVE ID : CVE-2025-32990 Published : July 10, 2025, 10:15 a.m. | 6 hours, 30 minutes ago Description : A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 10:15:00 GMT

read more

CVE-2025-5022 - Mitsubishi Electric Corporation EcoGuideTAB PV-DR004J/PV-DR004JA Wi-Fi Password Derivation Vulnerability

CVE ID : CVE-2025-5022 Published : July 10, 2025, 9:15 a.m. | 7 hours ago Description : Weak Password Requirements vulnerability in Mitsubishi Electric Corporation photovoltaic system monitor “EcoGuideTAB” PV-DR004J all versions and PV-DR004JA all versions allows an attacker within the Wi-Fi communication range between the units of the product (measurement unit and display unit) to derive the password from the SSID. However, the product is not affected by this vulnerability when it remains unused for a certain period of time (default: 5 minutes) and enters the power-saving mode with the display unit's LCD screen turned off. The affected products discontinued in 2015, support ended in 2020. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-5023 - Mitsubishi Electric Corporation EcoGuideTAB Photovoltaic System Monitor Hard-coded Credentials Backdoor

CVE ID : CVE-2025-5023 Published : July 10, 2025, 9:15 a.m. | 7 hours ago Description : Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Corporation photovoltaic system monitor “EcoGuideTAB” PV-DR004J all versions and PV-DR004JA all versions allows an attacker within the Wi-Fi communication range between the units of the product (measurement unit and display unit) to disclose information such as generated power and electricity sold back to the grid stored in the product, tamper with or destroy stored or configured information in the product, or cause a Denial-of-Service (DoS) condition on the product, by using hardcoded user ID and password common to the product series obtained by exploiting CVE-2025-5022. However, the product is not affected by this vulnerability when it remains unused for a certain period of time (default: 5 minutes) and enters the power-saving mode with the display unit's LCD screen turned off. The affected products discontinued in 2015, support ended in 2020. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-6168 - GitLab EE Group-level User Invitation Bypass Vulnerability

CVE ID : CVE-2025-6168 Published : July 10, 2025, 9:15 a.m. | 7 hours ago Description : An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated maintainers to bypass group-level user invitation restrictions by sending crafted API requests. Severity: 2.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-6948 - GitLab Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-6948 Published : July 10, 2025, 9:15 a.m. | 7 hours ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that, under certain conditions, could have allowed a successful attacker to execute actions on behalf of users by injecting malicious content. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38335 - Linux Kernel gpio-keys Soft Lockup Vulnerability

CVE ID : CVE-2025-38335 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT When enabling PREEMPT_RT, the gpio_keys_irq_timer() callback runs in hard irq context, but the input_event() takes a spin_lock, which isn't allowed there as it is converted to a rt_spin_lock(). [ 4054.289999] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 4054.290028] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 0, name: swapper/0 ... [ 4054.290195] __might_resched+0x13c/0x1f4 [ 4054.290209] rt_spin_lock+0x54/0x11c [ 4054.290219] input_event+0x48/0x80 [ 4054.290230] gpio_keys_irq_timer+0x4c/0x78 [ 4054.290243] __hrtimer_run_queues+0x1a4/0x438 [ 4054.290257] hrtimer_interrupt+0xe4/0x240 [ 4054.290269] arch_timer_handler_phys+0x2c/0x44 [ 4054.290283] handle_percpu_devid_irq+0x8c/0x14c [ 4054.290297] handle_irq_desc+0x40/0x58 [ 4054.290307] generic_handle_domain_irq+0x1c/0x28 [ 4054.290316] gic_handle_irq+0x44/0xcc Considering the gpio_keys_irq_isr() can run in any context, e.g. it can be threaded, it seems there's no point in requesting the timer isr to run in hard irq context. Relax the hrtimer not to use the hard context. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38336 - VIA ata DMA Hard Hang Vulnerability

CVE ID : CVE-2025-38336 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 The controller has a hardware bug that can hard hang the system when doing ATAPI DMAs without any trace of what happened. Depending on the device attached, it can also prevent the system from booting. In this case, the system hangs when reading the ATIP from optical media with cdrecord -vvv -atip on an _NEC DVD_RW ND-4571A 1-01 and an Optiarc DVD RW AD-7200A 1.06 attached to an ASRock 990FX Extreme 4, running at UDMA/33. The issue can be reproduced by running the same command with a cygwin build of cdrecord on WinXP, although it requires more attempts to cause it. The hang in that case is also resolved by forcing PIO. It doesn't appear that VIA has produced any drivers for that OS, thus no known workaround exists. HDDs attached to the controller do not suffer from any DMA issues. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38337 - Linux Kernel jbd2 Null Pointer Dereference and Data Race Vulnerability

CVE ID : CVE-2025-38337 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() Since handle->h_transaction may be a NULL pointer, so we should change it to call is_handle_aborted(handle) first before dereferencing it. And the following data-race was reported in my fuzzer: ================================================================== BUG: KCSAN: data-race in jbd2_journal_dirty_metadata / jbd2_journal_dirty_metadata write to 0xffff888011024104 of 4 bytes by task 10881 on cpu 1: jbd2_journal_dirty_metadata+0x2a5/0x770 fs/jbd2/transaction.c:1556 __ext4_handle_dirty_metadata+0xe7/0x4b0 fs/ext4/ext4_jbd2.c:358 ext4_do_update_inode fs/ext4/inode.c:5220 [inline] ext4_mark_iloc_dirty+0x32c/0xd50 fs/ext4/inode.c:5869 __ext4_mark_inode_dirty+0xe1/0x450 fs/ext4/inode.c:6074 ext4_dirty_inode+0x98/0xc0 fs/ext4/inode.c:6103 .... read to 0xffff888011024104 of 4 bytes by task 10880 on cpu 0: jbd2_journal_dirty_metadata+0xf2/0x770 fs/jbd2/transaction.c:1512 __ext4_handle_dirty_metadata+0xe7/0x4b0 fs/ext4/ext4_jbd2.c:358 ext4_do_update_inode fs/ext4/inode.c:5220 [inline] ext4_mark_iloc_dirty+0x32c/0xd50 fs/ext4/inode.c:5869 __ext4_mark_inode_dirty+0xe1/0x450 fs/ext4/inode.c:6074 ext4_dirty_inode+0x98/0xc0 fs/ext4/inode.c:6103 .... value changed: 0x00000000 -> 0x00000001 ================================================================== This issue is caused by missing data-race annotation for jh->b_modified. Therefore, the missing annotation needs to be added. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38338 - "NFS Linux Kernel Deadlock and Unlocked Folio Vulnerability"

CVE ID : CVE-2025-38338 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() Sometimes, when a file was read while it was being truncated by another NFS client, the kernel could deadlock because folio_unlock() was called twice, and the second call would XOR back the `PG_locked` flag. Most of the time (depending on the timing of the truncation), nobody notices the problem because folio_unlock() gets called three times, which flips `PG_locked` back off: 1. vfs_read, nfs_read_folio, ... nfs_read_add_folio, nfs_return_empty_folio 2. vfs_read, nfs_read_folio, ... netfs_read_collection, netfs_unlock_abandoned_read_pages 3. vfs_read, ... nfs_do_read_folio, nfs_read_add_folio, nfs_return_empty_folio The problem is that nfs_read_add_folio() is not supposed to unlock the folio if fscache is enabled, and a nfs_netfs_folio_unlock() check is missing in nfs_return_empty_folio(). Rarely this leads to a warning in netfs_read_collection(): ------------[ cut here ]------------ R=0000031c: folio 10 is not locked WARNING: CPU: 0 PID: 29 at fs/netfs/read_collect.c:133 netfs_read_collection+0x7c0/0xf00 [...] Workqueue: events_unbound netfs_read_collection_worker RIP: 0010:netfs_read_collection+0x7c0/0xf00 [...] Call Trace: netfs_read_collection_worker+0x67/0x80 process_one_work+0x12e/0x2c0 worker_thread+0x295/0x3a0 Most of the time, however, processes just get stuck forever in folio_wait_bit_common(), waiting for `PG_locked` to disappear, which never happens because nobody is really holding the folio lock. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38339 - Linux Kernel PowerPC BPF Trampoline JIT Code Size Calculation Vulnerability

CVE ID : CVE-2025-38339 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: fix JIT code size calculation of bpf trampoline arch_bpf_trampoline_size() provides JIT size of the BPF trampoline before the buffer for JIT'ing it is allocated. The total number of instructions emitted for BPF trampoline JIT code depends on where the final image is located. So, the size arrived at with the dummy pass in arch_bpf_trampoline_size() can vary from the actual size needed in arch_prepare_bpf_trampoline(). When the instructions accounted in arch_bpf_trampoline_size() is less than the number of instructions emitted during the actual JIT compile of the trampoline, the below warning is produced: WARNING: CPU: 8 PID: 204190 at arch/powerpc/net/bpf_jit_comp.c:981 __arch_prepare_bpf_trampoline.isra.0+0xd2c/0xdcc which is: /* Make sure the trampoline generation logic doesn't overflow */ if (image && WARN_ON_ONCE(&image[ctx->idx] > (u32 *)rw_image_end - BPF_INSN_SAFETY)) { So, during the dummy pass, instead of providing some arbitrary image location, account for maximum possible instructions if and when there is a dependency with image location for JIT'ing. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38340 - "Linux Firmware cs_dsp Out-of-Bounds Memory Read Vulnerability"

CVE ID : CVE-2025-38340 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test KASAN reported out of bounds access - cs_dsp_mock_bin_add_name_or_info(), because the source string length was rounded up to the allocation size. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38341 - Linux Kernel Eth fbnic Double Free Vulnerability

CVE ID : CVE-2025-38341 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: avoid double free when failing to DMA-map FW msg The semantics are that caller of fbnic_mbx_map_msg() retains the ownership of the message on error. All existing callers dutifully free the page. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38342 - Linux Kernel Out-of-Bounds Vulnerability in software_node_get_reference_args

CVE ID : CVE-2025-38342 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: software node: Correct a OOB check in software_node_get_reference_args() software_node_get_reference_args() wants to get @index-th element, so the property value requires at least '(index + 1) * sizeof(*ref)' bytes but that can not be guaranteed by current OOB check, and may cause OOB for malformed property. Fix by using as OOB check '((index + 1) * sizeof(*ref) > prop->length)'. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38343 - "TP-Link MT76 WiFi Driver Multicast Broadcast RA Fragmentation Vulnerability"

CVE ID : CVE-2025-38343 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: drop fragments with multicast or broadcast RA IEEE 802.11 fragmentation can only be applied to unicast frames. Therefore, drop fragments with multicast or broadcast RA. This patch addresses vulnerabilities such as CVE-2020-26145. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38344 - Intel ACPI Cache Leak

CVE ID : CVE-2025-38344 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parseext cache leaks ACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5 I'm Seunghun Han, and I work for National Security Research Institute of South Korea. I have been doing a research on ACPI and found an ACPI cache leak in ACPI early abort cases. Boot log of ACPI cache leak is as follows: [ 0.352414] ACPI: Added _OSI(Module Device) [ 0.353182] ACPI: Added _OSI(Processor Device) [ 0.353182] ACPI: Added _OSI(3.0 _SCP Extensions) [ 0.353182] ACPI: Added _OSI(Processor Aggregator Device) [ 0.356028] ACPI: Unable to start the ACPI Interpreter [ 0.356799] ACPI Error: Could not remove SCI handler (20170303/evmisc-281) [ 0.360215] kmem_cache_destroy Acpi-State: Slab cache still has objects [ 0.360648] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G W 4.12.0-rc4-next-20170608+ #10 [ 0.361273] Hardware name: innotek gmb_h virtual_box/virtual_box, BIOS virtual_box 12/01/2006 [ 0.361873] Call Trace: [ 0.362243] ? dump_stack+0x5c/0x81 [ 0.362591] ? kmem_cache_destroy+0x1aa/0x1c0 [ 0.362944] ? acpi_sleep_proc_init+0x27/0x27 [ 0.363296] ? acpi_os_delete_cache+0xa/0x10 [ 0.363646] ? acpi_ut_delete_caches+0x6d/0x7b [ 0.364000] ? acpi_terminate+0xa/0x14 [ 0.364000] ? acpi_init+0x2af/0x34f [ 0.364000] ? __class_create+0x4c/0x80 [ 0.364000] ? video_setup+0x7f/0x7f [ 0.364000] ? acpi_sleep_proc_init+0x27/0x27 [ 0.364000] ? do_one_initcall+0x4e/0x1a0 [ 0.364000] ? kernel_init_freeable+0x189/0x20a [ 0.364000] ? rest_init+0xc0/0xc0 [ 0.364000] ? kernel_init+0xa/0x100 [ 0.364000] ? ret_from_fork+0x25/0x30 I analyzed this memory leak in detail. I found that “Acpi-State” cache and “Acpi-Parse” cache were merged because the size of cache objects was same slab cache size. I finally found “Acpi-Parse” cache and “Acpi-parse_ext” cache were leaked using SLAB_NEVER_MERGE flag in kmem_cache_create() function. Real ACPI cache leak point is as follows: [ 0.360101] ACPI: Added _OSI(Module Device) [ 0.360101] ACPI: Added _OSI(Processor Device) [ 0.360101] ACPI: Added _OSI(3.0 _SCP Extensions) [ 0.361043] ACPI: Added _OSI(Processor Aggregator Device) [ 0.364016] ACPI: Unable to start the ACPI Interpreter [ 0.365061] ACPI Error: Could not remove SCI handler (20170303/evmisc-281) [ 0.368174] kmem_cache_destroy Acpi-Parse: Slab cache still has objects [ 0.369332] CPU: 1 PID: 1 Comm: swapper/0 Tainted: G W 4.12.0-rc4-next-20170608+ #8 [ 0.371256] Hardware name: innotek gmb_h virtual_box/virtual_box, BIOS virtual_box 12/01/2006 [ 0.372000] Call Trace: [ 0.372000] ? dump_stack+0x5c/0x81 [ 0.372000] ? kmem_cache_destroy+0x1aa/0x1c0 [ 0.372000] ? acpi_sleep_proc_init+0x27/0x27 [ 0.372000] ? acpi_os_delete_cache+0xa/0x10 [ 0.372000] ? acpi_ut_delete_caches+0x56/0x7b [ 0.372000] ? acpi_terminate+0xa/0x14 [ 0.372000] ? acpi_init+0x2af/0x34f [ 0.372000] ? __class_create+0x4c/0x80 [ 0.372000] ? video_setup+0x7f/0x7f [ 0.372000] ? acpi_sleep_proc_init+0x27/0x27 [ 0.372000] ? do_one_initcall+0x4e/0x1a0 [ 0.372000] ? kernel_init_freeable+0x189/0x20a [ 0.372000] ? rest_init+0xc0/0xc0 [ 0.372000] ? kernel_init+0xa/0x100 [ 0.372000] ? ret_from_fork+0x25/0x30 [ 0.388039] kmem_cache_destroy Acpi-parse_ext: Slab cache still has objects [ 0.389063] CPU: 1 PID: 1 Comm: swapper/0 Tainted: G W 4.12.0-rc4-next-20170608+ #8 [ 0.390557] Hardware name: innotek gmb_h virtual_box/virtual_box, BIOS virtual_box 12/01/2006 [ 0.392000] Call Trace: [ 0.392000] ? dump_stack+0x5c/0x81 [ 0.392000] ? kmem_cache_destroy+0x1aa/0x1c0 [ 0.392000] ? acpi_sleep_proc_init+0x27/0x27 [ 0.392000] ? acpi_os_delete_cache+0xa/0x10 [ 0.392000] ? acpi_ut_delete_caches+0x6d/0x7b [ 0.392000] ? acpi_terminate+0xa/0x14 [ 0.392000] ? acpi_init+0x2af/0x3 ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38345 - "Intel Virtual Box ACPICA Illegal I/O Port Address/Length Vulnerability"

CVE ID : CVE-2025-38345 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination and boot continuing case. When early termination occurs due to malicious ACPI table, Linux kernel terminates ACPI function and continues to boot process. While kernel terminates ACPI function, kmem_cache_destroy() reports Acpi-Operand cache leak. Boot log of ACPI operand cache leak is as follows: >[ 0.585957] ACPI: Added _OSI(Module Device) >[ 0.587218] ACPI: Added _OSI(Processor Device) >[ 0.588530] ACPI: Added _OSI(3.0 _SCP Extensions) >[ 0.589790] ACPI: Added _OSI(Processor Aggregator Device) >[ 0.591534] ACPI Error: Illegal I/O port address/length above 64K: C806E00000004002/0x2 (20170303/hwvalid-155) >[ 0.594351] ACPI Exception: AE_LIMIT, Unable to initialize fixed events (20170303/evevent-88) >[ 0.597858] ACPI: Unable to start the ACPI Interpreter >[ 0.599162] ACPI Error: Could not remove SCI handler (20170303/evmisc-281) >[ 0.601836] kmem_cache_destroy Acpi-Operand: Slab cache still has objects >[ 0.603556] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.12.0-rc5 #26 >[ 0.605159] Hardware name: innotek gmb_h virtual_box/virtual_box, BIOS virtual_box 12/01/2006 >[ 0.609177] Call Trace: >[ 0.610063] ? dump_stack+0x5c/0x81 >[ 0.611118] ? kmem_cache_destroy+0x1aa/0x1c0 >[ 0.612632] ? acpi_sleep_proc_init+0x27/0x27 >[ 0.613906] ? acpi_os_delete_cache+0xa/0x10 >[ 0.617986] ? acpi_ut_delete_caches+0x3f/0x7b >[ 0.619293] ? acpi_terminate+0xa/0x14 >[ 0.620394] ? acpi_init+0x2af/0x34f >[ 0.621616] ? __class_create+0x4c/0x80 >[ 0.623412] ? video_setup+0x7f/0x7f >[ 0.624585] ? acpi_sleep_proc_init+0x27/0x27 >[ 0.625861] ? do_one_initcall+0x4e/0x1a0 >[ 0.627513] ? kernel_init_freeable+0x19e/0x21f >[ 0.628972] ? rest_init+0x80/0x80 >[ 0.630043] ? kernel_init+0xa/0x100 >[ 0.631084] ? ret_from_fork+0x25/0x30 >[ 0.633343] vgaarb: loaded >[ 0.635036] EDAC MC: Ver: 3.0.0 >[ 0.638601] PCI: Probing PCI hardware >[ 0.639833] PCI host bridge to bus 0000:00 >[ 0.641031] pci_bus 0000:00: root bus resource [io 0x0000-0xffff] > ... Continue to boot and log is omitted ... I analyzed this memory leak in detail and found acpi_ds_obj_stack_pop_and_ delete() function miscalculated the top of the stack. acpi_ds_obj_stack_push() function uses walk_state->operand_index for start position of the top, but acpi_ds_obj_stack_pop_and_delete() function considers index 0 for it. Therefore, this causes acpi operand memory leak. This cache leak causes a security threat because an old kernel ( 4.9) shows memory locations of kernel functions in stack dump. Some malicious users could use this information to neutralize kernel ASLR. I made a patch to fix ACPI operand cache leak. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38346 - Linux kernel ftrace UAF Vulnerability

CVE ID : CVE-2025-38346 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix UAF when lookup kallsym after ftrace disabled The following issue happens with a buggy module: BUG: unable to handle page fault for address: ffffffffc05d0218 PGD 1bd66f067 P4D 1bd66f067 PUD 1bd671067 PMD 101808067 PTE 0 Oops: Oops: 0000 [#1] SMP KASAN PTI Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS RIP: 0010:sized_strscpy+0x81/0x2f0 RSP: 0018:ffff88812d76fa08 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffffffffc0601010 RCX: dffffc0000000000 RDX: 0000000000000038 RSI: dffffc0000000000 RDI: ffff88812608da2d RBP: 8080808080808080 R08: ffff88812608da2d R09: ffff88812608da68 R10: ffff88812608d82d R11: ffff88812608d810 R12: 0000000000000038 R13: ffff88812608da2d R14: ffffffffc05d0218 R15: fefefefefefefeff FS: 00007fef552de740(0000) GS:ffff8884251c7000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffc05d0218 CR3: 00000001146f0000 CR4: 00000000000006f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ftrace_mod_get_kallsym+0x1ac/0x590 update_iter_mod+0x239/0x5b0 s_next+0x5b/0xa0 seq_read_iter+0x8c9/0x1070 seq_read+0x249/0x3b0 proc_reg_read+0x1b0/0x280 vfs_read+0x17f/0x920 ksys_read+0xf3/0x1c0 do_syscall_64+0x5f/0x2e0 entry_SYSCALL_64_after_hwframe+0x76/0x7e The above issue may happen as follows: (1) Add kprobe tracepoint; (2) insmod test.ko; (3) Module triggers ftrace disabled; (4) rmmod test.ko; (5) cat /proc/kallsyms; --> Will trigger UAF as test.ko already removed; ftrace_mod_get_kallsym() ... strscpy(module_name, mod_map->mod->name, MODULE_NAME_LEN); ... The problem is when a module triggers an issue with ftrace and sets ftrace_disable. The ftrace_disable is set when an anomaly is discovered and to prevent any more damage, ftrace stops all text modification. The issue that happened was that the ftrace_disable stops more than just the text modification. When a module is loaded, its init functions can also be traced. Because kallsyms deletes the init functions after a module has loaded, ftrace saves them when the module is loaded and function tracing is enabled. This allows the output of the function trace to show the init function names instead of just their raw memory addresses. When a module is removed, ftrace_release_mod() is called, and if ftrace_disable is set, it just returns without doing anything more. The problem here is that it leaves the mod_list still around and if kallsyms is called, it will call into this code and access the module memory that has already been freed as it will return: strscpy(module_name, mod_map->mod->name, MODULE_NAME_LEN); Where the "mod" no longer exists and triggers a UAF bug. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38347 - F2FS Inline Data Corruption Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-38347 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid syzbot reported a f2fs bug as below: INFO: task syz-executor140:5308 blocked for more than 143 seconds. Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor140 state:D stack:24016 pid:5308 tgid:5308 ppid:5306 task_flags:0x400140 flags:0x00000006 Call Trace: context_switch kernel/sched/core.c:5378 [inline] __schedule+0x190e/0x4c90 kernel/sched/core.c:6765 __schedule_loop kernel/sched/core.c:6842 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6857 io_schedule+0x8d/0x110 kernel/sched/core.c:7690 folio_wait_bit_common+0x839/0xee0 mm/filemap.c:1317 __folio_lock mm/filemap.c:1664 [inline] folio_lock include/linux/pagemap.h:1163 [inline] __filemap_get_folio+0x147/0xb40 mm/filemap.c:1917 pagecache_get_page+0x2c/0x130 mm/folio-compat.c:87 find_get_page_flags include/linux/pagemap.h:842 [inline] f2fs_grab_cache_page+0x2b/0x320 fs/f2fs/f2fs.h:2776 __get_node_page+0x131/0x11b0 fs/f2fs/node.c:1463 read_xattr_block+0xfb/0x190 fs/f2fs/xattr.c:306 lookup_all_xattrs fs/f2fs/xattr.c:355 [inline] f2fs_getxattr+0x676/0xf70 fs/f2fs/xattr.c:533 __f2fs_get_acl+0x52/0x870 fs/f2fs/acl.c:179 f2fs_acl_create fs/f2fs/acl.c:375 [inline] f2fs_init_acl+0xd7/0x9b0 fs/f2fs/acl.c:418 f2fs_init_inode_metadata+0xa0f/0x1050 fs/f2fs/dir.c:539 f2fs_add_inline_entry+0x448/0x860 fs/f2fs/inline.c:666 f2fs_add_dentry+0xba/0x1e0 fs/f2fs/dir.c:765 f2fs_do_add_link+0x28c/0x3a0 fs/f2fs/dir.c:808 f2fs_add_link fs/f2fs/f2fs.h:3616 [inline] f2fs_mknod+0x2e8/0x5b0 fs/f2fs/namei.c:766 vfs_mknod+0x36d/0x3b0 fs/namei.c:4191 unix_bind_bsd net/unix/af_unix.c:1286 [inline] unix_bind+0x563/0xe30 net/unix/af_unix.c:1379 __sys_bind_socket net/socket.c:1817 [inline] __sys_bind+0x1e4/0x290 net/socket.c:1848 __do_sys_bind net/socket.c:1853 [inline] __se_sys_bind net/socket.c:1851 [inline] __x64_sys_bind+0x7a/0x90 net/socket.c:1851 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Let's dump and check metadata of corrupted inode, it shows its xattr_nid is the same to its i_ino. dump.f2fs -i 3 chaseyu.img.raw i_xattr_nid [0x 3 : 3] So that, during mknod in the corrupted directory, it tries to get and lock inode page twice, result in deadlock. - f2fs_mknod - f2fs_add_inline_entry - f2fs_get_inode_page --- lock dir's inode page - f2fs_init_acl - f2fs_acl_create(dir,..) - __f2fs_get_acl - f2fs_getxattr - lookup_all_xattrs - __get_node_page --- try to lock dir's inode page In order to fix this, let's add sanity check on ino and xnid. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38348 - "Intersil p54 WiFi Interface Buffer Overflow Vulnerability"

CVE ID : CVE-2025-38348 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() Robert Morris reported: |If a malicious USB device pretends to be an Intersil p54 wifi |interface and generates an eeprom_readback message with a large |eeprom->v1.len, p54_rx_eeprom_readback() will copy data from the |message beyond the end of priv->eeprom. | |static void p54_rx_eeprom_readback(struct p54_common *priv, | struct sk_buff *skb) |{ | struct p54_hdr *hdr = (struct p54_hdr *) skb->data; | struct p54_eeprom_lm86 *eeprom = (struct p54_eeprom_lm86 *) hdr->data; | | if (priv->fw_var >= 0x509) { | memcpy(priv->eeprom, eeprom->v2.data, | le16_to_cpu(eeprom->v2.len)); | } else { | memcpy(priv->eeprom, eeprom->v1.data, | le16_to_cpu(eeprom->v1.len)); | } | [...] The eeprom->v{1,2}.len is set by the driver in p54_download_eeprom(). The device is supposed to provide the same length back to the driver. But yes, it's possible (like shown in the report) to alter the value to something that causes a crash/panic due to overrun. This patch addresses the issue by adding the size to the common device context, so p54_rx_eeprom_readback no longer relies on possibly tampered values... That said, it also checks if the "firmware" altered the value and no longer copies them. The one, small saving grace is: Before the driver tries to read the eeprom, it needs to upload >a firmware. the vendor firmware has a proprietary license and as a reason, it is not present on most distributions by default. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-3396 - GitLab EE API Request Forgery Vulnerability

CVE ID : CVE-2025-3396 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : An issue has been discovered in GitLab EE affecting all versions from 13.3 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that could have allowed authenticated project owners to bypass group-level forking restrictions by manipulating API requests. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-4972 - GitLab EE Group Invitation Privilege Escalation Vulnerability

CVE ID : CVE-2025-4972 Published : July 10, 2025, 9:15 a.m. | 5 hours, 11 minutes ago Description : An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated users with invitation privileges to bypass group-level user invitation restrictions by manipulating group invitation functionality. Severity: 2.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38332 - IBM lpfc String Buffer Overflow Vulnerability

CVE ID : CVE-2025-38332 Published : July 10, 2025, 9:15 a.m. | 3 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy() for BIOS version The strlcat() with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway, instead of memset() with 0 followed by a strlcat(), just use memcpy() and ensure that the resulting buffer is NULL terminated. BIOSVersion is only used for the lpfc_printf_log() which expects a properly terminated string. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38333 - F2FS Linux Kernel Inconsistent Segment Status Information Disclosure

CVE ID : CVE-2025-38333 Published : July 10, 2025, 9:15 a.m. | 3 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to bail out in get_new_segment() ------------[ cut here ]------------ WARNING: CPU: 3 PID: 579 at fs/f2fs/segment.c:2832 new_curseg+0x5e8/0x6dc pc : new_curseg+0x5e8/0x6dc Call trace: new_curseg+0x5e8/0x6dc f2fs_allocate_data_block+0xa54/0xe28 do_write_page+0x6c/0x194 f2fs_do_write_node_page+0x38/0x78 __write_node_page+0x248/0x6d4 f2fs_sync_node_pages+0x524/0x72c f2fs_write_checkpoint+0x4bc/0x9b0 __checkpoint_and_complete_reqs+0x80/0x244 issue_checkpoint_thread+0x8c/0xec kthread+0x114/0x1bc ret_from_fork+0x10/0x20 get_new_segment() detects inconsistent status in between free_segmap and free_secmap, let's record such error into super block, and bail out get_new_segment() instead of continue using the segment. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38334 - Linux Kernel SGX: Poisoned Page Reclaimer Vulnerability

CVE ID : CVE-2025-38334 Published : July 10, 2025, 9:15 a.m. | 3 hours, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Prevent attempts to reclaim poisoned pages TL;DR: SGX page reclaim touches the page to copy its contents to secondary storage. SGX instructions do not gracefully handle machine checks. Despite this, the existing SGX code will try to reclaim pages that it _knows_ are poisoned. Avoid even trying to reclaim poisoned pages. The longer story: Pages used by an enclave only get epc_page->poison set in arch_memory_failure() but they currently stay on sgx_active_page_list until sgx_encl_release(), with the SGX_EPC_PAGE_RECLAIMER_TRACKED flag untouched. epc_page->poison is not checked in the reclaimer logic meaning that, if other conditions are met, an attempt will be made to reclaim an EPC page that was poisoned. This is bad because 1. we don't want that page to end up added to another enclave and 2. it is likely to cause one core to shut down and the kernel to panic. Specifically, reclaiming uses microcode operations including "EWB" which accesses the EPC page contents to encrypt and write them out to non-SGX memory. Those operations cannot handle MCEs in their accesses other than by putting the executing core into a special shutdown state (affecting both threads with HT.) The kernel will subsequently panic on the remaining cores seeing the core didn't enter MCE handler(s) in time. Call sgx_unmark_page_reclaimable() to remove the affected EPC page from sgx_active_page_list on memory error to stop it being considered for reclaiming. Testing epc_page->poison in sgx_reclaim_pages() would also work but I assume it's better to add code in the less likely paths. The affected EPC page is not added to &node->sgx_poison_page_list until later in sgx_encl_release()->sgx_free_epc_page() when it is EREMOVEd. Membership on other lists doesn't change to avoid changing any of the lists' semantics except for sgx_active_page_list. There's a "TBD" comment in arch_memory_failure() about pre-emptive actions, the goal here is not to address everything that it may imply. This also doesn't completely close the time window when a memory error notification will be fatal (for a not previously poisoned EPC page) -- the MCE can happen after sgx_reclaim_pages() has selected its candidates or even *inside* a microcode operation (actually easy to trigger due to the amount of time spent in them.) The spinlock in sgx_unmark_page_reclaimable() is safe because memory_failure() runs in process context and no spinlocks are held, explicitly noted in a mm/memory-failure.c comment. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38330 - Linux Kernel Firmware cs_dsp Out-of-Bounds Memory Read Vulnerability

CVE ID : CVE-2025-38330 Published : July 10, 2025, 9:15 a.m. | 1 hour, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test (ctl cache) KASAN reported out of bounds access - cs_dsp_ctl_cache_init_multiple_offsets(). The code uses mock_coeff_template.length_bytes (4 bytes) for register value allocations. But later, this length is set to 8 bytes which causes test code failures. As fix, just remove the lenght override, keeping the original value 4 for all operations. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-38331 - "Cortina Ethernet NetEngine TCP Offload Engine Segmentation Quirk"

CVE ID : CVE-2025-38331 Published : July 10, 2025, 9:15 a.m. | 1 hour, 11 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net: ethernet: cortina: Use TOE/TSO on all TCP It is desireable to push the hardware accelerator to also process non-segmented TCP frames: we pass the skb->len to the "TOE/TSO" offloader and it will handle them. Without this quirk the driver becomes unstable and lock up and and crash. I do not know exactly why, but it is probably due to the TOE (TCP offload engine) feature that is coupled with the segmentation feature - it is not possible to turn one part off and not the other, either both TOE and TSO are active, or neither of them. Not having the TOE part active seems detrimental, as if that hardware feature is not really supposed to be turned off. The datasheet says: "Based on packet parsing and TCP connection/NAT table lookup results, the NetEngine puts the packets belonging to the same TCP connection to the same queue for the software to process. The NetEngine puts incoming packets to the buffer or series of buffers for a jumbo packet. With this hardware acceleration, IP/TCP header parsing, checksum validation and connection lookup are offloaded from the software processing." After numerous tests with the hardware locking up after something between minutes and hours depending on load using iperf3 I have concluded this is necessary to stabilize the hardware. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 09:15:00 GMT

read more

CVE-2025-6234 - Hostel WordPress Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6234 Published : July 10, 2025, 6:15 a.m. | 2 hours, 11 minutes ago Description : The Hostel WordPress plugin before 1.1.5.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 06:15:00 GMT

read more

CVE-2025-6236 - Hostel WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6236 Published : July 10, 2025, 6:15 a.m. | 2 hours, 11 minutes ago Description : The Hostel WordPress plugin before 1.1.5.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 06:15:00 GMT

read more

CVE-2025-7387 - Lana Downloads Manager Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7387 Published : July 10, 2025, 6:15 a.m. | 2 hours, 11 minutes ago Description : The Lana Downloads Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the endpoint parameters in versions up to, and including, 1.10.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with administrator-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 06:15:00 GMT

read more

CVE-2023-50458 - Dradis Output Console Job Queue Information Disclosure

CVE ID : CVE-2023-50458 Published : July 10, 2025, 4:15 a.m. | 4 hours, 11 minutes ago Description : In Dradis before 4.11.0, the Output Console shows a job queue that may contain information about other users' jobs. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 04:15:00 GMT

read more

CVE-2025-35983 - Cisco Controller 7000 Certificate Validation Denial of Service

CVE ID : CVE-2025-35983 Published : July 10, 2025, 3:15 a.m. | 5 hours, 11 minutes ago Description : Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow an unprivileged attacker to perform a limited denial of service or perform privileged overrides during the initial configuration of the Controller, there is no risk for Controllers once they are connected. This issue affects Controller 7000: 9.30 prior to vCR9.30.250624a (distributed in 9.30.1871 (MR1)). Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 03:15:00 GMT

read more

CVE-2025-44003 - Gallagher T-Series Reader Resource Exhaustion Denial of Service

CVE ID : CVE-2025-44003 Published : July 10, 2025, 3:15 a.m. | 5 hours, 11 minutes ago Description : Missing Release of Resource after Effective Lifetime (CWE-772) in the Gallagher T-Series Reader allows an attacker with physical access to the reader to perform a limited denial of service when 125 kHz Card Technology is enabled. This issue affects T-Series Readers: 9.20 prior to vCR9.20.250213a (distributed in 9.20.1827 (MR2)), 9.10 prior to vCR9.10.250213a (distributed in 9.10.2692(MR5)), 9.00 prior to vCR9.00.250619a (distributed in vEL9.00.3371 (MR7)), all versions of 8.90 and prior. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 03:15:00 GMT

read more

CVE-2025-46406 - "Schneider Electric Command Centre Server Privilege Escalation"

CVE ID : CVE-2025-46406 Published : July 10, 2025, 3:15 a.m. | 5 hours, 11 minutes ago Description : A Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary. This issue affects Command Centre Server: 9.30 prior to 9.30.1874 (MR1), 9.20 prior to 9.20.2337 (MR3), 9.10 prior to 9.10.3194 (MR6), 9.00 prior to 9.00.3371 (MR7), all versions of 8.90 and prior. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 03:15:00 GMT

read more

CVE-2025-53746 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-53746 Published : July 10, 2025, 3:15 a.m. | 5 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 03:15:00 GMT

read more

CVE-2025-53747 - Citrix WebApp

CVE ID : CVE-2025-53747 Published : July 10, 2025, 3:15 a.m. | 5 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 03:15:00 GMT

read more

CVE-2025-53748 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-53748 Published : July 10, 2025, 3:15 a.m. | 5 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 03:15:00 GMT

read more

CVE-2025-53749 - Not used Weblogic Server Authentication Bypass

CVE ID : CVE-2025-53749 Published : July 10, 2025, 3:15 a.m. | 5 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 03:15:00 GMT

read more

CVE-2025-53750 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-53750 Published : July 10, 2025, 3:15 a.m. | 5 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 03:15:00 GMT

read more

CVE-2025-53751 - Adobe Flash Unvalidated User Input

CVE ID : CVE-2025-53751 Published : July 10, 2025, 3:15 a.m. | 5 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 03:15:00 GMT

read more

CVE-2025-53752 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-53752 Published : July 10, 2025, 3:15 a.m. | 5 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 03:15:00 GMT

read more

CVE-2025-53753 - Apple Safari Cross-Site Scripting

CVE ID : CVE-2025-53753 Published : July 10, 2025, 3:15 a.m. | 5 hours, 11 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 03:15:00 GMT

read more

CVE-2025-4406 - WordPress wpForo Forum Stored Cross-Site Scripting

CVE ID : CVE-2025-4406 Published : July 10, 2025, 2:15 a.m. | 6 hours, 11 minutes ago Description : The wpForo Forum plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 02:15:00 GMT

read more

CVE-2025-5807 - WordPress Gwolle Guestbook Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5807 Published : July 10, 2025, 2:15 a.m. | 6 hours, 11 minutes ago Description : The Gwolle Guestbook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘gwolle_gb_content’ parameter in all versions up to, and including, 4.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 10 Jul 2025 02:15:00 GMT

read more

CVE-2024-10391 - Apache HTTP Server Remote Code Execution

CVE ID : CVE-2024-10391 Published : July 9, 2025, 11:15 p.m. | 9 hours, 11 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 23:15:00 GMT

read more

CVE-2025-0139 - Palo Alto Networks Autonomous Digital Experience Manager Privilege Escalation Vulnerability

CVE ID : CVE-2025-0139 Published : July 9, 2025, 11:15 p.m. | 9 hours, 11 minutes ago Description : An incorrect privilege assignment vulnerability in Palo Alto Networks Autonomous Digital Experience Manager allows a locally authenticated low privileged user on macOS endpoints to escalate their privileges to root. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 23:15:00 GMT

read more

CVE-2025-0140 - Palo Alto Networks GlobalProtect App Privilege Escalation Vulnerability

CVE ID : CVE-2025-0140 Published : July 9, 2025, 11:15 p.m. | 9 hours, 11 minutes ago Description : An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS and Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The GlobalProtect app on Windows, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 23:15:00 GMT

read more

CVE-2025-0141 - Palo Alto Networks GlobalProtect™ App Privilege Escalation Vulnerability

CVE ID : CVE-2025-0141 Published : July 9, 2025, 11:15 p.m. | 9 hours, 11 minutes ago Description : An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 23:15:00 GMT

read more

CVE-2025-0646 - Apache HTTP Server Command Injection

CVE ID : CVE-2025-0646 Published : July 9, 2025, 11:15 p.m. | 9 hours, 11 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 23:15:00 GMT

read more

CVE-2025-6970 - WordPress Events Manager SQL Injection

CVE ID : CVE-2025-6970 Published : July 9, 2025, 11:15 p.m. | 9 hours, 11 minutes ago Description : The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 7.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 23:15:00 GMT

read more

CVE-2025-6975 - WordPress Events Manager - Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6975 Published : July 9, 2025, 11:15 p.m. | 9 hours, 11 minutes ago Description : The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘calendar_header’ parameter in all versions up to, and including, 7.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 23:15:00 GMT

read more

CVE-2025-6976 - WordPress Events Manager - Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6976 Published : July 9, 2025, 11:15 p.m. | 9 hours, 11 minutes ago Description : The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 7.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 23:15:00 GMT

read more

CVE-2025-53624 - Docusaurus GitHub Gists Plugin Exposes Personal Access Tokens

CVE ID : CVE-2025-53624 Published : July 9, 2025, 9:15 p.m. | 9 hours, 11 minutes ago Description : The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of a GitHub user. docusaurus-plugin-content-gists versions prior to 4.0.0 are vulnerable to exposing GitHub Personal Access Tokens in production build artifacts when passed through plugin configuration options. The token, intended for build-time API access only, is inadvertently included in client-side JavaScript bundles, making it accessible to anyone who can view the website's source code. This vulnerability is fixed in 4.0.0. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 21:15:00 GMT

read more

CVE-2025-6376 - Rockwell Automation Arena® Remote Code Execution Vulnerability

CVE ID : CVE-2025-6376 Published : July 9, 2025, 9:15 p.m. | 9 hours, 11 minutes ago Description : A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force Arena Simulation to write beyond the boundaries of an allocated object. Exploitation requires user interaction, such as opening a malicious file within the software. If exploited, a threat actor could execute arbitrary code on the target system. The software must run under the context of the administrator in order to cause worse case impact. This is reflected in the Rockwell CVSS score, as AT:P. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 21:15:00 GMT

read more

CVE-2025-6377 - Rockwell Automation Arena® Remote Code Execution Vulnerability

CVE ID : CVE-2025-6377 Published : July 9, 2025, 9:15 p.m. | 9 hours, 11 minutes ago Description : A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force Arena Simulation to write beyond the boundaries of an allocated object. Exploitation requires user interaction, such as opening a malicious file within the software. If exploited, a threat actor could execute arbitrary code on the target system. The software must run under the context of the administrator in order to cause worse case impact. This is reflected in the Rockwell CVSS score, as AT:P. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 21:15:00 GMT

read more

CVE-2025-52357 - FiberHome FD602GW-DX-R410 Router Ping Diagnostic XSS

CVE ID : CVE-2025-52357 Published : July 9, 2025, 8:15 p.m. | 7 hours, 56 minutes ago Description : Cross-Site Scripting (XSS) vulnerability exists in the ping diagnostic feature of FiberHome FD602GW-DX-R410 router (firmware V2.2.14), allowing an authenticated attacker to execute arbitrary JavaScript code in the context of the router s web interface. The vulnerability is triggered via user-supplied input in the ping form field, which fails to sanitize special characters. This can be exploited to hijack sessions or escalate privileges through social engineering or browser-based attacks. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 20:15:00 GMT

read more

CVE-2021-27961 - Evesys Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2021-27961 Published : July 9, 2025, 7:15 p.m. | 6 hours, 54 minutes ago Description : evesys 7.1 (2152) through 8.0 (2202) allows Reflected XSS via the indexeva.php action parameter. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 19:15:00 GMT

read more

CVE-2025-36599 - Dell PowerFlex Manager VM Log File Information Disclosure

CVE ID : CVE-2025-36599 Published : July 9, 2025, 7:15 p.m. | 6 hours, 54 minutes ago Description : Dell PowerFlex Manager VM, versions prior to 4.6.2.1, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the system with privileges of the compromised account. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 19:15:00 GMT

read more

CVE-2025-53620 - Builder.io Qwik City Denial of Service (DoS)

CVE ID : CVE-2025-53620 Published : July 9, 2025, 7:15 p.m. | 6 hours, 54 minutes ago Description : @builder.io/qwik-city is the meta-framework for Qwik. When a Qwik Server Action QRL is executed it dynamically load the file containing the symbol. When an invalid qfunc is sent, the server does not handle the thrown error. The error then causes Node JS to exit. This vulnerability is fixed in 1.13.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 19:15:00 GMT

read more

CVE-2025-53548 - Clerk Webhook Signature Validation Bypass

CVE ID : CVE-2025-53548 Published : July 9, 2025, 6:15 p.m. | 7 hours, 54 minutes ago Description : Clerk helps developers build user management. Applications that use the verifyWebhook() helper to verify incoming Clerk webhooks are susceptible to accepting improperly signed webhook events. The issue was resolved in @clerk/backend 2.4.0. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 18:15:00 GMT

read more

CVE-2025-44525 - Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK BLE Denial of Service Vulnerability

CVE ID : CVE-2025-44525 Published : July 9, 2025, 5:15 p.m. | 8 hours, 54 minutes ago Description : Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK 7.41.00.17 was discovered to utilize insufficient permission checks on critical fields within Bluetooth Low Energy (BLE) data packets. This issue allows attackers to cause a Denial of Service (DoS) via a crafted LL_Length_Req packet. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 17:15:00 GMT

read more

CVE-2025-53645 - Zimbra Collaboration Suite Denial of Service Vulnerability

CVE ID : CVE-2025-53645 Published : July 9, 2025, 5:15 p.m. | 8 hours, 54 minutes ago Description : Zimbra Collaboration Suite (ZCS) before 9.0.0 Patch 46, 10.0.x before 10.0.15, and 10.1.x before 10.1.9 is vulnerable to a denial of service condition due to improper handling of excessive, comma-separated path segments in both the Webmail interface and the Admin Console. An unauthenticated remote attacker can send specially crafted GET requests that trigger redundant processing and inflated responses. This leads to uncontrolled resource consumption, resulting in denial of service. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 17:15:00 GMT

read more

CVE-2025-53675 - Jenkins Warrior Framework Plugin Unencrypted Password Storage Vulnerability

CVE ID : CVE-2025-53675 Published : July 9, 2025, 4:15 p.m. | 9 hours, 54 minutes ago Description : Jenkins Warrior Framework Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53676 - Jenkins Xooa Plugin Unencrypted Configuration File Storage

CVE ID : CVE-2025-53676 Published : July 9, 2025, 4:15 p.m. | 9 hours, 54 minutes ago Description : Jenkins Xooa Plugin 0.0.7 and earlier stores the Xooa Deployment Token unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53677 - Jenkins Xooa Plugin Information Disclosure

CVE ID : CVE-2025-53677 Published : July 9, 2025, 4:15 p.m. | 9 hours, 54 minutes ago Description : Jenkins Xooa Plugin 0.0.7 and earlier does not mask the Xooa Deployment Token on the global configuration form, increasing the potential for attackers to observe and capture it. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53678 - Jenkins uTester Plugin JWT Token Storage Vulnerability

CVE ID : CVE-2025-53678 Published : July 9, 2025, 4:15 p.m. | 9 hours, 54 minutes ago Description : Jenkins User1st uTester Plugin 1.1 and earlier stores the uTester JWT token unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53742 - Jenkins Applitools Eyes Plugin API Key Exposure

CVE ID : CVE-2025-53742 Published : July 9, 2025, 4:15 p.m. | 9 hours, 54 minutes ago Description : Jenkins Applitools Eyes Plugin 1.16.5 and earlier stores Applitools API keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53743 - Jenkins Applitools Eyes Plugin API Key Disclosure

CVE ID : CVE-2025-53743 Published : July 9, 2025, 4:15 p.m. | 9 hours, 54 minutes ago Description : Jenkins Applitools Eyes Plugin 1.16.5 and earlier does not mask Applitools API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-7381 - Apache PHP Information Disclosure

CVE ID : CVE-2025-7381 Published : July 9, 2025, 4:15 p.m. | 9 hours, 54 minutes ago Description : ImpactThis is an information disclosure vulnerability originating from PHP's base image. This vulnerability exposes the PHP version through an X-Powered-By header, which attackers could exploit to fingerprint the server and identify potential weaknesses. WorkaroundsThe mitigation requires changing the expose_php variable from "On" to "Off" in the file located at /usr/local/etc/php/php.ini. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53667 - Jenkins Dead Man's Snitch Plugin Token Disclosure Vulnerability

CVE ID : CVE-2025-53667 Published : July 9, 2025, 4:15 p.m. | 6 hours, 11 minutes ago Description : Jenkins Dead Man's Snitch Plugin 0.1 does not mask Dead Man's Snitch tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53668 - Jenkins VAddy Plugin Unencrypted API Auth Key Storage

CVE ID : CVE-2025-53668 Published : July 9, 2025, 4:15 p.m. | 6 hours, 11 minutes ago Description : Jenkins VAddy Plugin 1.2.8 and earlier stores Vaddy API Auth Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53669 - Jenkins VAddy Plugin Information Disclosure Vulnerability

CVE ID : CVE-2025-53669 Published : July 9, 2025, 4:15 p.m. | 6 hours, 11 minutes ago Description : Jenkins VAddy Plugin 1.2.8 and earlier does not mask Vaddy API Auth Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53670 - Jenkins Nouvola DiveCloud Plugin Unencrypted Credentials Storage Vulnerability

CVE ID : CVE-2025-53670 Published : July 9, 2025, 4:15 p.m. | 6 hours, 11 minutes ago Description : Jenkins Nouvola DiveCloud Plugin 1.08 and earlier stores DiveCloud API Keys and Credentials Encryption Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53671 - Jenkins Nouvola DiveCloud Plugin Information Disclosure

CVE ID : CVE-2025-53671 Published : July 9, 2025, 4:15 p.m. | 6 hours, 11 minutes ago Description : Jenkins Nouvola DiveCloud Plugin 1.08 and earlier does not mask DiveCloud API Keys and Credentials Encryption Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53672 - Jenkins Kryptowire Plugin Unencrypted API Key Storage

CVE ID : CVE-2025-53672 Published : July 9, 2025, 4:15 p.m. | 6 hours, 11 minutes ago Description : Jenkins Kryptowire Plugin 0.2 and earlier stores the Kryptowire API key unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53673 - Jenkins Sensedia Api Platform tools Plugin Credentials Exposure

CVE ID : CVE-2025-53673 Published : July 9, 2025, 4:15 p.m. | 6 hours, 11 minutes ago Description : Jenkins Sensedia Api Platform tools Plugin 1.0 stores the Sensedia API Manager integration token unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53674 - Jenkins Sensedia Api Platform tools Plugin Information Disclosure Vulnerability

CVE ID : CVE-2025-53674 Published : July 9, 2025, 4:15 p.m. | 6 hours, 11 minutes ago Description : Jenkins Sensedia Api Platform tools Plugin 1.0 does not mask the Sensedia API Manager integration token on the global configuration form, increasing the potential for attackers to observe and capture it. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53663 - Jenkins IBM Cloud DevOps Plugin Unencrypted Token Storage Vulnerability

CVE ID : CVE-2025-53663 Published : July 9, 2025, 4:15 p.m. | 4 hours, 10 minutes ago Description : Jenkins IBM Cloud DevOps Plugin 2.0.16 and earlier stores SonarQube authentication tokens unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53664 - Jenkins Apica Loadtest Plugin Unencrypted Authentication Token Storage Vulnerability

CVE ID : CVE-2025-53664 Published : July 9, 2025, 4:15 p.m. | 4 hours, 10 minutes ago Description : Jenkins Apica Loadtest Plugin 1.10 and earlier stores Apica Loadtest LTP authentication tokens unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53665 - Jenkins Apica Loadtest Plugin Authentication Token Information Disclosure

CVE ID : CVE-2025-53665 Published : July 9, 2025, 4:15 p.m. | 4 hours, 10 minutes ago Description : Jenkins Apica Loadtest Plugin 1.10 and earlier does not mask Apica Loadtest LTP authentication tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53666 - Jenkins Dead Man's Snitch Plugin Unencrypted Token Storage

CVE ID : CVE-2025-53666 Published : July 9, 2025, 4:15 p.m. | 4 hours, 10 minutes ago Description : Jenkins Dead Man's Snitch Plugin 0.1 stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53660 - Jenkins QMetry Test Management Plugin Information Disclosure

CVE ID : CVE-2025-53660 Published : July 9, 2025, 4:15 p.m. | 2 hours, 15 minutes ago Description : Jenkins QMetry Test Management Plugin 1.13 and earlier does not mask Qmetry Automation API Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53661 - Jenkins Testsigma Test Plan Run Plugin API Key Exposure Vulnerability

CVE ID : CVE-2025-53661 Published : July 9, 2025, 4:15 p.m. | 2 hours, 15 minutes ago Description : Jenkins Testsigma Test Plan run Plugin 1.6 and earlier does not mask Testsigma API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53662 - Jenkins IFTTT Build Notifier Plugin Authentication Bypass

CVE ID : CVE-2025-53662 Published : July 9, 2025, 4:15 p.m. | 2 hours, 15 minutes ago Description : Jenkins IFTTT Build Notifier Plugin 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53659 - Jenkins QMetry Test Management Plugin API Key Exposure

CVE ID : CVE-2025-53659 Published : July 9, 2025, 4:15 p.m. | 2 hours, 9 minutes ago Description : Jenkins QMetry Test Management Plugin 1.13 and earlier stores Qmetry Automation API Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53657 - Jenkins ReadyAPI Functional Testing Plugin Information Disclosure

CVE ID : CVE-2025-53657 Published : July 9, 2025, 4:15 p.m. | 59 minutes ago Description : Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier does not mask SLM License Access Keys, client secrets, and passwords displayed on the job configuration form, increasing the potential for attackers to observe and capture them. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-53658 - Jenkins Applitools Eyes Plugin Stored XSS

CVE ID : CVE-2025-53658 Published : July 9, 2025, 4:15 p.m. | 59 minutes ago Description : Jenkins Applitools Eyes Plugin 1.16.5 and earlier does not escape the Applitools URL on the build page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 16:15:00 GMT

read more

CVE-2025-1112 - IBM OpenPages with Watson Information Disclosure Vulnerability

CVE ID : CVE-2025-1112 Published : July 9, 2025, 3:15 p.m. | 50 minutes ago Description : IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 15:15:00 GMT

read more

CVE-2025-2670 - IBM OpenPages Information Disclosure Vulnerability

CVE ID : CVE-2025-2670 Published : July 9, 2025, 3:15 p.m. | 50 minutes ago Description : IBM OpenPages 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points related to workflow feature of OpenPages. An authenticated user is able to obtain certain information about Workflow related configuration and internal state. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 15:15:00 GMT

read more

CVE-2025-52364 - Tenda CP3 Pro Telnet Insecure Permissions Vulnerability

CVE ID : CVE-2025-52364 Published : July 9, 2025, 3:15 p.m. | 50 minutes ago Description : Insecure Permissions vulnerability in Tenda CP3 Pro Firmware V22.5.4.93 allows the telnet service (telnetd) by default at boot via the initialization script /etc/init.d/eth.sh. This allows remote attackers to connect to the device s shell over the network, potentially without authentication if default or weak credentials are present Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 15:15:00 GMT

read more

CVE-2025-53546 - GitHub Folo GitHub Token Exfiltration Vulnerability

CVE ID : CVE-2025-53546 Published : July 9, 2025, 3:15 p.m. | 50 minutes ago Description : Folo organizes feeds content into one timeline. Using pull_request_target on .github/workflows/auto-fix-lint-format-commit.yml can be exploited by attackers, since untrusted code can be executed having full access to secrets (from the base repo). By exploiting the vulnerability is possible to exfiltrate GITHUB_TOKEN which has high privileges. GITHUB_TOKEN can be used to completely overtake the repo since the token has content write privileges. This vulnerability is fixed in commit 585c6a591440cd39f92374230ac5d65d7dd23d6a. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 15:15:00 GMT

read more

CVE-2025-7204 - ConnectWise PSA: Unauthenticated Password Hash Disclosure

CVE ID : CVE-2025-7204 Published : July 9, 2025, 3:15 p.m. | 50 minutes ago Description : In ConnectWise PSA versions older than 2025.9, a vulnerability exists where authenticated users could gain access to sensitive user information. Specific API requests were found to return an overly verbose user object, which included encrypted password hashes for other users. Authenticated users could then retrieve these hashes. An attacker or privileged user could then use these exposed hashes to conduct offline brute-force or dictionary attacks. Such attacks could lead to credential compromise, allowing unauthorized access to accounts, and potentially privilege escalation within the system. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 15:15:00 GMT

read more

CVE-2025-6514 - MCP-remote OS Command Injection Vulnerability

CVE ID : CVE-2025-6514 Published : July 9, 2025, 1:15 p.m. | 2 hours, 50 minutes ago Description : mcp-remote is exposed to OS command injection when connecting to untrusted MCP servers due to crafted input from the authorization_endpoint response URL Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 13:15:00 GMT

read more

CVE-2025-38246 - "Broadcom bnxt Enet XDP Redirect List Corruption Vulnerability"

CVE ID : CVE-2025-38246 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: bnxt: properly flush XDP redirect lists We encountered following crash when testing a XDP_REDIRECT feature in production: [56251.579676] list_add corruption. next->prev should be prev (ffff93120dd40f30), but was ffffb301ef3a6740. (next=ffff93120dd 40f30). [56251.601413] ------------[ cut here ]------------ [56251.611357] kernel BUG at lib/list_debug.c:29! [56251.621082] Oops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [56251.632073] CPU: 111 UID: 0 PID: 0 Comm: swapper/111 Kdump: loaded Tainted: P O 6.12.33-cloudflare-2025.6. 3 #1 [56251.653155] Tainted: [P]=PROPRIETARY_MODULE, [O]=OOT_MODULE [56251.663877] Hardware name: MiTAC GC68B-B8032-G11P6-GPU/S8032GM-HE-CFR, BIOS V7.020.B10-sig 01/22/2025 [56251.682626] RIP: 0010:__list_add_valid_or_report+0x4b/0xa0 [56251.693203] Code: 0e 48 c7 c7 68 e7 d9 97 e8 42 16 fe ff 0f 0b 48 8b 52 08 48 39 c2 74 14 48 89 f1 48 c7 c7 90 e7 d9 97 48 89 c6 e8 25 16 fe ff 0b 4c 8b 02 49 39 f0 74 14 48 89 d1 48 c7 c7 e8 e7 d9 97 4c 89 [56251.725811] RSP: 0018:ffff93120dd40b80 EFLAGS: 00010246 [56251.736094] RAX: 0000000000000075 RBX: ffffb301e6bba9d8 RCX: 0000000000000000 [56251.748260] RDX: 0000000000000000 RSI: ffff9149afda0b80 RDI: ffff9149afda0b80 [56251.760349] RBP: ffff9131e49c8000 R08: 0000000000000000 R09: ffff93120dd40a18 [56251.772382] R10: ffff9159cf2ce1a8 R11: 0000000000000003 R12: ffff911a80850000 [56251.784364] R13: ffff93120fbc7000 R14: 0000000000000010 R15: ffff9139e7510e40 [56251.796278] FS: 0000000000000000(0000) GS:ffff9149afd80000(0000) knlGS:0000000000000000 [56251.809133] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [56251.819561] CR2: 00007f5e85e6f300 CR3: 00000038b85e2006 CR4: 0000000000770ef0 [56251.831365] PKRU: 55555554 [56251.838653] Call Trace: [56251.845560] [56251.851943] cpu_map_enqueue.cold+0x5/0xa [56251.860243] xdp_do_redirect+0x2d9/0x480 [56251.868388] bnxt_rx_xdp+0x1d8/0x4c0 [bnxt_en] [56251.877028] bnxt_rx_pkt+0x5f7/0x19b0 [bnxt_en] [56251.885665] ? cpu_max_write+0x1e/0x100 [56251.893510] ? srso_alias_return_thunk+0x5/0xfbef5 [56251.902276] __bnxt_poll_work+0x190/0x340 [bnxt_en] [56251.911058] bnxt_poll+0xab/0x1b0 [bnxt_en] [56251.919041] ? srso_alias_return_thunk+0x5/0xfbef5 [56251.927568] ? srso_alias_return_thunk+0x5/0xfbef5 [56251.935958] ? srso_alias_return_thunk+0x5/0xfbef5 [56251.944250] __napi_poll+0x2b/0x160 [56251.951155] bpf_trampoline_6442548651+0x79/0x123 [56251.959262] __napi_poll+0x5/0x160 [56251.966037] net_rx_action+0x3d2/0x880 [56251.973133] ? srso_alias_return_thunk+0x5/0xfbef5 [56251.981265] ? srso_alias_return_thunk+0x5/0xfbef5 [56251.989262] ? __hrtimer_run_queues+0x162/0x2a0 [56251.996967] ? srso_alias_return_thunk+0x5/0xfbef5 [56252.004875] ? srso_alias_return_thunk+0x5/0xfbef5 [56252.012673] ? bnxt_msix+0x62/0x70 [bnxt_en] [56252.019903] handle_softirqs+0xcf/0x270 [56252.026650] irq_exit_rcu+0x67/0x90 [56252.032933] common_interrupt+0x85/0xa0 [56252.039498] [56252.044246] [56252.048935] asm_common_interrupt+0x26/0x40 [56252.055727] RIP: 0010:cpuidle_enter_state+0xb8/0x420 [56252.063305] Code: dc 01 00 00 e8 f9 79 3b ff e8 64 f7 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 a5 32 3a ff 45 84 ff 0f 85 ae 01 00 00 fb 45 85 f6 88 88 01 00 00 48 8b 04 24 49 63 ce 4c 89 ea 48 6b f1 68 48 29 [56252.088911] RSP: 0018:ffff93120c97fe98 EFLAGS: 00000202 [56252.096912] RAX: ffff9149afd80000 RBX: ffff9141d3a72800 RCX: 0000000000000000 [56252.106844] RDX: 00003329176c6b98 RSI: ffffffe36db3fdc7 RDI: 0000000000000000 [56252.116733] RBP: 0000000000000002 R08: 0000000000000002 R09: 000000000000004e [56252.126652] R10: ffff9149afdb30c4 R11: 071c71c71c71c71c R12: ffffffff985ff860 [56252.136637] R13: 00003329176c6b98 R14: 0000000000000002 R15: 0000000000000000 [56252.146667] ? cpuidle_enter_state+0xab/0x420 [56252.153909] cpuidle_enter+0x2d/0x40 [56252.160360] do_idle+0x176/0x1c0 [56252.166456 ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38247 - "Linux Kernel User Namespace and Mnt Idmap Leak"

CVE ID : CVE-2025-38247 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: userns and mnt_idmap leak in open_tree_attr(2) Once want_mount_setattr() has returned a positive, it does require finish_mount_kattr() to release ->mnt_userns. Failing do_mount_setattr() does not change that. As the result, we can end up leaking userns and possibly mnt_idmap as well. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38248 - Linux Kernel Bridge Use-After-Free Vulnerability

CVE ID : CVE-2025-38248 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: bridge: mcast: Fix use-after-free during router port configuration The bridge maintains a global list of ports behind which a multicast router resides. The list is consulted during forwarding to ensure multicast packets are forwarded to these ports even if the ports are not member in the matching MDB entry. When per-VLAN multicast snooping is enabled, the per-port multicast context is disabled on each port and the port is removed from the global router port list: # ip link add name br1 up type bridge vlan_filtering 1 mcast_snooping 1 # ip link add name dummy1 up master br1 type dummy # ip link set dev dummy1 type bridge_slave mcast_router 2 $ bridge -d mdb show | grep router router ports on br1: dummy1 # ip link set dev br1 type bridge mcast_vlan_snooping 1 $ bridge -d mdb show | grep router However, the port can be re-added to the global list even when per-VLAN multicast snooping is enabled: # ip link set dev dummy1 type bridge_slave mcast_router 0 # ip link set dev dummy1 type bridge_slave mcast_router 2 $ bridge -d mdb show | grep router router ports on br1: dummy1 Since commit 4b30ae9adb04 ("net: bridge: mcast: re-implement br_multicast_{enable, disable}_port functions"), when per-VLAN multicast snooping is enabled, multicast disablement on a port will disable the per-{port, VLAN} multicast contexts and not the per-port one. As a result, a port will remain in the global router port list even after it is deleted. This will lead to a use-after-free [1] when the list is traversed (when adding a new port to the list, for example): # ip link del dev dummy1 # ip link add name dummy2 up master br1 type dummy # ip link set dev dummy2 type bridge_slave mcast_router 2 Similarly, stale entries can also be found in the per-VLAN router port list. When per-VLAN multicast snooping is disabled, the per-{port, VLAN} contexts are disabled on each port and the port is removed from the per-VLAN router port list: # ip link add name br1 up type bridge vlan_filtering 1 mcast_snooping 1 mcast_vlan_snooping 1 # ip link add name dummy1 up master br1 type dummy # bridge vlan add vid 2 dev dummy1 # bridge vlan global set vid 2 dev br1 mcast_snooping 1 # bridge vlan set vid 2 dev dummy1 mcast_router 2 $ bridge vlan global show dev br1 vid 2 | grep router router ports: dummy1 # ip link set dev br1 type bridge mcast_vlan_snooping 0 $ bridge vlan global show dev br1 vid 2 | grep router However, the port can be re-added to the per-VLAN list even when per-VLAN multicast snooping is disabled: # bridge vlan set vid 2 dev dummy1 mcast_router 0 # bridge vlan set vid 2 dev dummy1 mcast_router 2 $ bridge vlan global show dev br1 vid 2 | grep router router ports: dummy1 When the VLAN is deleted from the port, the per-{port, VLAN} multicast context will not be disabled since multicast snooping is not enabled on the VLAN. As a result, the port will remain in the per-VLAN router port list even after it is no longer member in the VLAN. This will lead to a use-after-free [2] when the list is traversed (when adding a new port to the list, for example): # ip link add name dummy2 up master br1 type dummy # bridge vlan add vid 2 dev dummy2 # bridge vlan del vid 2 dev dummy1 # bridge vlan set vid 2 dev dummy2 mcast_router 2 Fix these issues by removing the port from the relevant (global or per-VLAN) router port list in br_multicast_port_ctx_deinit(). The function is invoked during port deletion with the per-port multicast context and during VLAN deletion with the per-{port, VLAN} multicast context. Note that deleting the multicast router timer is not enough as it only takes care of the temporary multicast router states (1 or 3) and not the permanent one (2). [1] BUG: KASAN: slab-out-of-bounds in br_multicast_add_router.part.0+0x3f1/0x560 Write of size 8 at addr ffff888004a67328 by task ip/384 [...] Call Trace: dump_stack ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38249 - ALSA USB Audio Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-38249 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() In snd_usb_get_audioformat_uac3(), the length value returned from snd_usb_ctl_msg() is used directly for memory allocation without validation. This length is controlled by the USB device. The allocated buffer is cast to a uac3_cluster_header_descriptor and its fields are accessed without verifying that the buffer is large enough. If the device returns a smaller than expected length, this leads to an out-of-bounds read. Add a length check to ensure the buffer is large enough for uac3_cluster_header_descriptor. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38250 - "Bluetooth hci_core Use-After-Free Vulnerability"

CVE ID : CVE-2025-38250 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix use-after-free in vhci_flush() syzbot reported use-after-free in vhci_flush() without repro. [0] From the splat, a thread close()d a vhci file descriptor while its device was being used by iotcl() on another thread. Once the last fd refcnt is released, vhci_release() calls hci_unregister_dev(), hci_free_dev(), and kfree() for struct vhci_data, which is set to hci_dev->dev->driver_data. The problem is that there is no synchronisation after unlinking hdev from hci_dev_list in hci_unregister_dev(). There might be another thread still accessing the hdev which was fetched before the unlink operation. We can use SRCU for such synchronisation. Let's run hci_dev_reset() under SRCU and wait for its completion in hci_unregister_dev(). Another option would be to restore hci_dev->destruct(), which was removed in commit 587ae086f6e4 ("Bluetooth: Remove unused hci-destruct cb"). However, this would not be a good solution, as we should not run hci_unregister_dev() while there are in-flight ioctl() requests, which could lead to another data-race KCSAN splat. Note that other drivers seem to have the same problem, for exmaple, virtbt_remove(). [0]: BUG: KASAN: slab-use-after-free in skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline] BUG: KASAN: slab-use-after-free in skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937 Read of size 8 at addr ffff88807cb8d858 by task syz.1.219/6718 CPU: 1 UID: 0 PID: 6718 Comm: syz.1.219 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 Call Trace: dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:408 [inline] print_report+0xd2/0x2b0 mm/kasan/report.c:521 kasan_report+0x118/0x150 mm/kasan/report.c:634 skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline] skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937 skb_queue_purge include/linux/skbuff.h:3368 [inline] vhci_flush+0x44/0x50 drivers/bluetooth/hci_vhci.c:69 hci_dev_do_reset net/bluetooth/hci_core.c:552 [inline] hci_dev_reset+0x420/0x5c0 net/bluetooth/hci_core.c:592 sock_do_ioctl+0xd9/0x300 net/socket.c:1190 sock_ioctl+0x576/0x790 net/socket.c:1311 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fcf5b98e929 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fcf5c7b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007fcf5bbb6160 RCX: 00007fcf5b98e929 RDX: 0000000000000000 RSI: 00000000400448cb RDI: 0000000000000009 RBP: 00007fcf5ba10b39 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007fcf5bbb6160 R15: 00007ffd6353d528 Allocated by task 6535: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3e/0x80 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4359 kmalloc_noprof include/linux/slab.h:905 [inline] kzalloc_noprof include/linux/slab.h:1039 [inline] vhci_open+0x57/0x360 drivers/bluetooth/hci_vhci.c:635 misc_open+0x2bc/0x330 drivers/char/misc.c:161 chrdev_open+0x4c9/0x5e0 fs/char_dev.c:414 do_dentry_open+0xdf0/0x1970 fs/open.c:964 vfs_open+0x3b/0x340 fs/open.c:1094 do_open fs/namei.c:3887 [inline] path_openat+0x2ee5/0x3830 fs/name ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38251 - Linux ATM Clip NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-38251 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: atm: clip: prevent NULL deref in clip_push() Blamed commit missed that vcc_destroy_socket() calls clip_push() with a NULL skb. If clip_devs is NULL, clip_push() then crashes when reading skb->truesize. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38252 - Linux Kernel CXL Driver - Unvalidated Assumption Handler

CVE ID : CVE-2025-38252 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: cxl/ras: Fix CPER handler device confusion By inspection, cxl_cper_handle_prot_err() is making a series of fragile assumptions that can lead to crashes: 1/ It assumes that endpoints identified in the record are a CXL-type-3 device, nothing guarantees that. 2/ It assumes that the device is bound to the cxl_pci driver, nothing guarantees that. 3/ Minor, it holds the device lock over the switch-port tracing for no reason as the trace is 100% generated from data in the record. Correct those by checking that the PCIe endpoint parents a cxl_memdev before assuming the format of the driver data, and move the lock to where it is required. Consequently this also makes the implementation ready for CXL accelerators that are not bound to cxl_pci. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38253 - Wacom HID Linux Kernel Crash Vulnerability

CVE ID : CVE-2025-38253 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: HID: wacom: fix crash in wacom_aes_battery_handler() Commit fd2a9b29dc9c ("HID: wacom: Remove AES power_supply after extended inactivity") introduced wacom_aes_battery_handler() which is scheduled as a delayed work (aes_battery_work). In wacom_remove(), aes_battery_work is not canceled. Consequently, if the device is removed while aes_battery_work is still pending, then hard crashes or "Oops: general protection fault..." are experienced when wacom_aes_battery_handler() is finally called. E.g., this happens with built-in USB devices after resume from hibernate when aes_battery_work was still pending at the time of hibernation. So, take care to cancel aes_battery_work in wacom_remove(). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38254 - AMD Linux Kernel EDID Handling Buffer Overflow

CVE ID : CVE-2025-38254 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add sanity checks for drm_edid_raw() When EDID is retrieved via drm_edid_raw(), it doesn't guarantee to return proper EDID bytes the caller wants: it may be either NULL (that leads to an Oops) or with too long bytes over the fixed size raw_edid array (that may lead to memory corruption). The latter was reported actually when connected with a bad adapter. Add sanity checks for drm_edid_raw() to address the above corner cases, and return EDID_BAD_INPUT accordingly. (cherry picked from commit 648d3f4d209725d51900d6a3ed46b7b600140cdf) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38255 - Linux Kernel null_blk Configfs Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-38255 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() While testing null_blk with configfs, echo 0 > poll_queues will trigger following panic: BUG: kernel NULL pointer dereference, address: 0000000000000010 Oops: Oops: 0000 [#1] SMP NOPTI CPU: 27 UID: 0 PID: 920 Comm: bash Not tainted 6.15.0-02023-gadbdb95c8696-dirty #1238 PREEMPT(undef) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2014 RIP: 0010:__bitmap_or+0x48/0x70 Call Trace: __group_cpus_evenly+0x822/0x8c0 group_cpus_evenly+0x2d9/0x490 blk_mq_map_queues+0x1e/0x110 null_map_queues+0xc9/0x170 [null_blk] blk_mq_update_queue_map+0xdb/0x160 blk_mq_update_nr_hw_queues+0x22b/0x560 nullb_update_nr_hw_queues+0x71/0xf0 [null_blk] nullb_device_poll_queues_store+0xa4/0x130 [null_blk] configfs_write_iter+0x109/0x1d0 vfs_write+0x26e/0x6f0 ksys_write+0x79/0x180 __x64_sys_write+0x1d/0x30 x64_sys_call+0x45c4/0x45f0 do_syscall_64+0xa5/0x240 entry_SYSCALL_64_after_hwframe+0x76/0x7e Root cause is that numgrps is set to 0, and ZERO_SIZE_PTR is returned from kcalloc(), and later ZERO_SIZE_PTR will be deferenced. Fix the problem by checking numgrps first in group_cpus_evenly(), and return NULL directly if numgrps is zero. [yukuai3@huawei.com: also fix the non-SMP version] Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38256 - Linux Kernel io_uring Folio Unpinning Vulnerability

CVE ID : CVE-2025-38256 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: fix folio unpinning syzbot complains about an unmapping failure: [ 108.070381][ T14] kernel BUG at mm/gup.c:71! [ 108.070502][ T14] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP [ 108.123672][ T14] Hardware name: QEMU KVM Virtual Machine, BIOS edk2-20250221-8.fc42 02/21/2025 [ 108.127458][ T14] Workqueue: iou_exit io_ring_exit_work [ 108.174205][ T14] Call trace: [ 108.175649][ T14] sanity_check_pinned_pages+0x7cc/0x7d0 (P) [ 108.178138][ T14] unpin_user_page+0x80/0x10c [ 108.180189][ T14] io_release_ubuf+0x84/0xf8 [ 108.182196][ T14] io_free_rsrc_node+0x250/0x57c [ 108.184345][ T14] io_rsrc_data_free+0x148/0x298 [ 108.186493][ T14] io_sqe_buffers_unregister+0x84/0xa0 [ 108.188991][ T14] io_ring_ctx_free+0x48/0x480 [ 108.191057][ T14] io_ring_exit_work+0x764/0x7d8 [ 108.193207][ T14] process_one_work+0x7e8/0x155c [ 108.195431][ T14] worker_thread+0x958/0xed8 [ 108.197561][ T14] kthread+0x5fc/0x75c [ 108.199362][ T14] ret_from_fork+0x10/0x20 We can pin a tail page of a folio, but then io_uring will try to unpin the head page of the folio. While it should be fine in terms of keeping the page actually alive, mm folks say it's wrong and triggers a debug warning. Use unpin_user_folio() instead of unpin_user_page*. [axboe: adapt to current tree, massage commit message] Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38257 - IBM s390 Memory Corruption Vulnerability

CVE ID : CVE-2025-38257 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Prevent overflow in size calculation for memdup_user() Number of apqn target list entries contained in 'nr_apqns' variable is determined by userspace via an ioctl call so the result of the product in calculation of size passed to memdup_user() may overflow. In this case the actual size of the allocated area and the value describing it won't be in sync leading to various types of unpredictable behaviour later. Use a proper memdup_array_user() helper which returns an error if an overflow is detected. Note that it is different from when nr_apqns is initially zero - that case is considered valid and should be handled in subsequent pkey_handler implementations. Found by Linux Verification Center (linuxtesting.org). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38258 - Linux Kernel Memcg Path Memory Leak

CVE ID : CVE-2025-38258 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: free old damon_sysfs_scheme_filter->memcg_path on write memcg_path_store() assigns a newly allocated memory buffer to filter->memcg_path, without deallocating the previously allocated and assigned memory buffer. As a result, users can leak kernel memory by continuously writing a data to memcg_path DAMOS sysfs file. Fix the leak by deallocating the previously set memory buffer. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38259 - Linux Kernel ASoC Wcd9335 Regulator Leaks Vulnerability

CVE ID : CVE-2025-38259 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd9335: Fix missing free of regulator supplies Driver gets and enables all regulator supplies in probe path (wcd9335_parse_dt() and wcd9335_power_on_reset()), but does not cleanup in final error paths and in unbind (missing remove() callback). This leads to leaked memory and unbalanced regulator enable count during probe errors or unbind. Fix this by converting entire code into devm_regulator_bulk_get_enable() which also greatly simplifies the code. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38260 - Linux Btrfs rescue=ibadroots null pointer dereference vulnerability

CVE ID : CVE-2025-38260 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: btrfs: handle csum tree error with rescue=ibadroots correctly [BUG] There is syzbot based reproducer that can crash the kernel, with the following call trace: (With some debug output added) DEBUG: rescue=ibadroots parsed BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by repro (1010) BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm BTRFS info (device loop0): using free-space-tree BTRFS warning (device loop0): checksum verify failed on logical 5312512 mirror 1 wanted 0xb043382657aede36608fd3386d6b001692ff406164733d94e2d9a180412c6003 found 0x810ceb2bacb7f0f9eb2bf3b2b15c02af867cb35ad450898169f3b1f0bd818651 level 0 DEBUG: read tree root path failed for tree csum, ret=-5 BTRFS warning (device loop0): checksum verify failed on logical 5328896 mirror 1 wanted 0x51be4e8b303da58e6340226815b70e3a93592dac3f30dd510c7517454de8567a found 0x51be4e8b303da58e634022a315b70e3a93592dac3f30dd510c7517454de8567a level 0 BTRFS warning (device loop0): checksum verify failed on logical 5292032 mirror 1 wanted 0x1924ccd683be9efc2fa98582ef58760e3848e9043db8649ee382681e220cdee4 found 0x0cb6184f6e8799d9f8cb335dccd1d1832da1071d12290dab3b85b587ecacca6e level 0 process 'repro' launched './file2' with NULL argv: empty string added DEBUG: no csum root, idatacsums=0 ibadroots=134217728 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000041: 0000 [#1] SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000208-0x000000000000020f] CPU: 5 UID: 0 PID: 1010 Comm: repro Tainted: G OE 6.15.0-custom+ #249 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 02/02/2022 RIP: 0010:btrfs_lookup_csum+0x93/0x3d0 [btrfs] Call Trace: btrfs_lookup_bio_sums+0x47a/0xdf0 [btrfs] btrfs_submit_bbio+0x43e/0x1a80 [btrfs] submit_one_bio+0xde/0x160 [btrfs] btrfs_readahead+0x498/0x6a0 [btrfs] read_pages+0x1c3/0xb20 page_cache_ra_order+0x4b5/0xc20 filemap_get_pages+0x2d3/0x19e0 filemap_read+0x314/0xde0 __kernel_read+0x35b/0x900 bprm_execve+0x62e/0x1140 do_execveat_common.isra.0+0x3fc/0x520 __x64_sys_execveat+0xdc/0x130 do_syscall_64+0x54/0x1d0 entry_SYSCALL_64_after_hwframe+0x76/0x7e ---[ end trace 0000000000000000 ]--- [CAUSE] Firstly the fs has a corrupted csum tree root, thus to mount the fs we have to go "ro,rescue=ibadroots" mount option. Normally with that mount option, a bad csum tree root should set BTRFS_FS_STATE_NO_DATA_CSUMS flag, so that any future data read will ignore csum search. But in this particular case, we have the following call trace that caused NULL csum root, but not setting BTRFS_FS_STATE_NO_DATA_CSUMS: load_global_roots_objectid(): ret = btrfs_search_slot(); /* Succeeded */ btrfs_item_key_to_cpu() found = true; /* We found the root item for csum tree. */ root = read_tree_root_path(); if (IS_ERR(root)) { if (!btrfs_test_opt(fs_info, IGNOREBADROOTS)) /* * Since we have rescue=ibadroots mount option, * @ret is still 0. */ break; if (!found || ret) { /* @found is true, @ret is 0, error handling for csum * tree is skipped. */ } This means we completely skipped to set BTRFS_FS_STATE_NO_DATA_CSUMS if the csum tree is corrupted, which results unexpected later csum lookup. [FIX] If read_tree_root_path() failed, always populate @ret to the error number. As at the end of the function, we need @ret to determine if we need to do the extra error handling for csum tree. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38261 - Linux RISC-V SR_SUM Status Vulnerability

CVE ID : CVE-2025-38261 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: riscv: save the SR_SUM status over switches When threads/tasks are switched we need to ensure the old execution's SR_SUM state is saved and the new thread has the old SR_SUM state restored. The issue was seen under heavy load especially with the syz-stress tool running, with crashes as follows in schedule_tail: Unable to handle kernel access to user memory without uaccess routines at virtual address 000000002749f0d0 Oops [#1] Modules linked in: CPU: 1 PID: 4875 Comm: syz-executor.0 Not tainted 5.12.0-rc2-syzkaller-00467-g0d7588ab9ef9 #0 Hardware name: riscv-virtio,qemu (DT) epc : schedule_tail+0x72/0xb2 kernel/sched/core.c:4264 ra : task_pid_vnr include/linux/sched.h:1421 [inline] ra : schedule_tail+0x70/0xb2 kernel/sched/core.c:4264 epc : ffffffe00008c8b0 ra : ffffffe00008c8ae sp : ffffffe025d17ec0 gp : ffffffe005d25378 tp : ffffffe00f0d0000 t0 : 0000000000000000 t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe025d17ee0 s1 : 000000002749f0d0 a0 : 000000000000002a a1 : 0000000000000003 a2 : 1ffffffc0cfac500 a3 : ffffffe0000c80cc a4 : 5ae9db91c19bbe00 a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000082eba s2 : 0000000000040000 s3 : ffffffe00eef96c0 s4 : ffffffe022c77fe0 s5 : 0000000000004000 s6 : ffffffe067d74e00 s7 : ffffffe067d74850 s8 : ffffffe067d73e18 s9 : ffffffe067d74e00 s10: ffffffe00eef96e8 s11: 000000ae6cdf8368 t3 : 5ae9db91c19bbe00 t4 : ffffffc4043cafb2 t5 : ffffffc4043cafba t6 : 0000000000040000 status: 0000000000000120 badaddr: 000000002749f0d0 cause: 000000000000000f Call Trace: [] schedule_tail+0x72/0xb2 kernel/sched/core.c:4264 [] ret_from_exception+0x0/0x14 Dumping ftrace buffer: (ftrace buffer empty) ---[ end trace b5f8f9231dc87dda ]--- The issue comes from the put_user() in schedule_tail (kernel/sched/core.c) doing the following: asmlinkage __visible void schedule_tail(struct task_struct *prev) { ... if (current->set_child_tid) put_user(task_pid_vnr(current), current->set_child_tid); ... } the put_user() macro causes the code sequence to come out as follows: 1: __enable_user_access() 2: reg = task_pid_vnr(current); 3: *current->set_child_tid = reg; 4: __disable_user_access() The problem is that we may have a sleeping function as argument which could clear SR_SUM causing the panic above. This was fixed by evaluating the argument of the put_user() macro outside the user-enabled section in commit 285a76bb2cf5 ("riscv: evaluate put_user() arg before enabling user access")" In order for riscv to take advantage of unsafe_get/put_XXX() macros and to avoid the same issue we had with put_user() and sleeping functions we must ensure code flow can go through switch_to() from within a region of code with SR_SUM enabled and come back with SR_SUM still enabled. This patch addresses the problem allowing future work to enable full use of unsafe_get/put_XXX() macros without needing to take a CSR bit flip cost on every access. Make switch_to() save and restore SR_SUM. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38262 - Linux UARTlite Concurrency Race Null Pointer Dereference

CVE ID : CVE-2025-38262 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uart_register_driver function, which first allocates and assigns memory to 'uart_state' member of uart_driver structure, the other instance can bypass uart driver registration and call ulite_assign. This calls uart_add_one_port, which expects the uart driver to be fully initialized. This leads to a kernel panic due to a null pointer dereference: [ 8.143581] BUG: kernel NULL pointer dereference, address: 00000000000002b8 [ 8.156982] #PF: supervisor write access in kernel mode [ 8.156984] #PF: error_code(0x0002) - not-present page [ 8.156986] PGD 0 P4D 0 ... [ 8.180668] RIP: 0010:mutex_lock+0x19/0x30 [ 8.188624] Call Trace: [ 8.188629] ? __die_body.cold+0x1a/0x1f [ 8.195260] ? page_fault_oops+0x15c/0x290 [ 8.209183] ? __irq_resolve_mapping+0x47/0x80 [ 8.209187] ? exc_page_fault+0x64/0x140 [ 8.209190] ? asm_exc_page_fault+0x22/0x30 [ 8.209196] ? mutex_lock+0x19/0x30 [ 8.223116] uart_add_one_port+0x60/0x440 [ 8.223122] ? proc_tty_register_driver+0x43/0x50 [ 8.223126] ? tty_register_driver+0x1ca/0x1e0 [ 8.246250] ulite_probe+0x357/0x4b0 [uartlite] To prevent it, move uart driver registration in to init function. This will ensure that uart_driver is always registered when probe function is called. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38263 - Linux bcache NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-38263 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: bcache: fix NULL pointer in cache_set_flush() 1. LINE#1794 - LINE#1887 is some codes about function of bch_cache_set_alloc(). 2. LINE#2078 - LINE#2142 is some codes about function of register_cache_set(). 3. register_cache_set() will call bch_cache_set_alloc() in LINE#2098. 1794 struct cache_set *bch_cache_set_alloc(struct cache_sb *sb) 1795 { ... 1860 if (!(c->devices = kcalloc(c->nr_uuids, sizeof(void *), GFP_KERNEL)) || 1861 mempool_init_slab_pool(&c->search, 32, bch_search_cache) || 1862 mempool_init_kmalloc_pool(&c->bio_meta, 2, 1863 sizeof(struct bbio) + sizeof(struct bio_vec) * 1864 bucket_pages(c)) || 1865 mempool_init_kmalloc_pool(&c->fill_iter, 1, iter_size) || 1866 bioset_init(&c->bio_split, 4, offsetof(struct bbio, bio), 1867 BIOSET_NEED_BVECS|BIOSET_NEED_RESCUER) || 1868 !(c->uuids = alloc_bucket_pages(GFP_KERNEL, c)) || 1869 !(c->moving_gc_wq = alloc_workqueue("bcache_gc", 1870 WQ_MEM_RECLAIM, 0)) || 1871 bch_journal_alloc(c) || 1872 bch_btree_cache_alloc(c) || 1873 bch_open_buckets_alloc(c) || 1874 bch_bset_sort_state_init(&c->sort, ilog2(c->btree_pages))) 1875 goto err; ^^^^^^^^ 1876 ... 1883 return c; 1884 err: 1885 bch_cache_set_unregister(c); ^^^^^^^^^^^^^^^^^^^^^^^^^^^ 1886 return NULL; 1887 } ... 2078 static const char *register_cache_set(struct cache *ca) 2079 { ... 2098 c = bch_cache_set_alloc(&ca->sb); 2099 if (!c) 2100 return err; ^^^^^^^^^^ ... 2128 ca->set = c; 2129 ca->set->cache[ca->sb.nr_this_dev] = ca; ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ... 2138 return NULL; 2139 err: 2140 bch_cache_set_unregister(c); 2141 return err; 2142 } (1) If LINE#1860 - LINE#1874 is true, then do 'goto err'(LINE#1875) and call bch_cache_set_unregister()(LINE#1885). (2) As (1) return NULL(LINE#1886), LINE#2098 - LINE#2100 would return. (3) As (2) has returned, LINE#2128 - LINE#2129 would do *not* give the value to c->cache[], it means that c->cache[] is NULL. LINE#1624 - LINE#1665 is some codes about function of cache_set_flush(). As (1), in LINE#1885 call bch_cache_set_unregister() ---> bch_cache_set_stop() ---> closure_queue() -.-> cache_set_flush() (as below LINE#1624) 1624 static void cache_set_flush(struct closure *cl) 1625 { ... 1654 for_each_cache(ca, c, i) 1655 if (ca->alloc_thread) ^^ 1656 kthread_stop(ca->alloc_thread); ... 1665 } (4) In LINE#1655 ca is NULL(see (3)) in cache_set_flush() then the kernel crash occurred as below: [ 846.712887] bcache: register_cache() error drbd6: cannot allocate memory [ 846.713242] bcache: register_bcache() error : failed to register device [ 846.713336] bcache: cache_set_free() Cache set 2f84bdc1-498a-4f2f-98a7-01946bf54287 unregistered [ 846.713768] BUG: unable to handle kernel NULL pointer dereference at 00000000000009f8 [ 846.714790] PGD 0 P4D 0 [ 846.715129] Oops: 0000 [#1] SMP PTI [ 846.715472] CPU: 19 PID: 5057 Comm: kworker/19:16 Kdump: loaded Tainted: G OE --------- - - 4.18.0-147.5.1.el8_1.5es.3.x86_64 #1 [ 846.716082] Hardware name: ESPAN GI-25212/X11DPL-i, BIOS 2.1 06/15/2018 [ 846.716451] Workqueue: events cache_set_flush [bcache] [ 846.716808] RIP: 0010:cache_set_flush+0xc9/0x1b0 [bcache] [ 846.717155] Code: 00 4c 89 a5 b0 03 00 00 48 8b 85 68 f6 ff ff a8 08 0f 84 88 00 00 00 31 db 66 83 bd 3c f7 ff ff 00 48 8b 85 48 ff ff ff 74 28 8b b8 f8 09 00 0 ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38264 - NVIDIA nvme-tcp Request List Injection Vulnerability

CVE ID : CVE-2025-38264 Published : July 9, 2025, 11:15 a.m. | 4 hours, 50 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling Validate the request in nvme_tcp_handle_r2t() to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38241 - Red Hat Linux Kernel ZRAM Soft Lockup Vulnerability

CVE ID : CVE-2025-38241 Published : July 9, 2025, 11:15 a.m. | 3 hours, 22 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: mm/shmem, swap: fix softlockup with mTHP swapin Following softlockup can be easily reproduced on my test machine with: echo always > /sys/kernel/mm/transparent_hugepage/hugepages-64kB/enabled swapon /dev/zram0 # zram0 is a 48G swap device mkdir -p /sys/fs/cgroup/memory/test echo 1G > /sys/fs/cgroup/test/memory.max echo $BASHPID > /sys/fs/cgroup/test/cgroup.procs while true; do dd if=/dev/zero of=/tmp/test.img bs=1M count=5120 cat /tmp/test.img > /dev/null rm /tmp/test.img done Then after a while: watchdog: BUG: soft lockup - CPU#0 stuck for 763s! [cat:5787] Modules linked in: zram virtiofs CPU: 0 UID: 0 PID: 5787 Comm: cat Kdump: loaded Tainted: G L 6.15.0.orig-gf3021d9246bc-dirty #118 PREEMPT(voluntary)· Tainted: [L]=SOFTLOCKUP Hardware name: Red Hat KVM/RHEL-AV, BIOS 0.0.0 02/06/2015 RIP: 0010:mpol_shared_policy_lookup+0xd/0x70 Code: e9 b8 b4 ff ff 31 c0 c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 41 54 55 53 8b 1f 48 85 db 74 41 4c 8d 67 08 48 89 fb 48 89 f5 4c 89 e7 e8 RSP: 0018:ffffc90002b1fc28 EFLAGS: 00000202 RAX: 00000000001c20ca RBX: 0000000000724e1e RCX: 0000000000000001 RDX: ffff888118e214c8 RSI: 0000000000057d42 RDI: ffff888118e21518 RBP: 000000000002bec8 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000bf4 R11: 0000000000000000 R12: 0000000000000001 R13: 00000000001c20ca R14: 00000000001c20ca R15: 0000000000000000 FS: 00007f03f995c740(0000) GS:ffff88a07ad9a000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f03f98f1000 CR3: 0000000144626004 CR4: 0000000000770eb0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: shmem_alloc_folio+0x31/0xc0 shmem_swapin_folio+0x309/0xcf0 ? filemap_get_entry+0x117/0x1e0 ? xas_load+0xd/0xb0 ? filemap_get_entry+0x101/0x1e0 shmem_get_folio_gfp+0x2ed/0x5b0 shmem_file_read_iter+0x7f/0x2e0 vfs_read+0x252/0x330 ksys_read+0x68/0xf0 do_syscall_64+0x4c/0x1c0 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7f03f9a46991 Code: 00 48 8b 15 81 14 10 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd e8 20 ad 01 00 f3 0f 1e fa 80 3d 35 97 10 00 00 74 13 31 c0 0f 05 3d 00 f0 ff ff 77 4f c3 66 0f 1f 44 00 00 55 48 89 e5 48 83 ec RSP: 002b:00007fff3c52bd28 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007f03f9a46991 RDX: 0000000000040000 RSI: 00007f03f98ba000 RDI: 0000000000000003 RBP: 00007fff3c52bd50 R08: 0000000000000000 R09: 00007f03f9b9a380 R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000040000 R13: 00007f03f98ba000 R14: 0000000000000003 R15: 0000000000000000 The reason is simple, readahead brought some order 0 folio in swap cache, and the swapin mTHP folio being allocated is in conflict with it, so swapcache_prepare fails and causes shmem_swap_alloc_folio to return -EEXIST, and shmem simply retries again and again causing this loop. Fix it by applying a similar fix for anon mTHP swapin. The performance change is very slight, time of swapin 10g zero folios with shmem (test for 12 times): Before: 2.47s After: 2.48s [kasong@tencent.com: add comment] Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38242 - Linux Kernel Userfaultfd Swap Cache Vulnerability

CVE ID : CVE-2025-38242 Published : July 9, 2025, 11:15 a.m. | 3 hours, 22 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: mm: userfaultfd: fix race of userfaultfd_move and swap cache This commit fixes two kinds of races, they may have different results: Barry reported a BUG_ON in commit c50f8e6053b0, we may see the same BUG_ON if the filemap lookup returned NULL and folio is added to swap cache after that. If another kind of race is triggered (folio changed after lookup) we may see RSS counter is corrupted: [ 406.893936] BUG: Bad rss-counter state mm:ffff0000c5a9ddc0 type:MM_ANONPAGES val:-1 [ 406.894071] BUG: Bad rss-counter state mm:ffff0000c5a9ddc0 type:MM_SHMEMPAGES val:1 Because the folio is being accounted to the wrong VMA. I'm not sure if there will be any data corruption though, seems no. The issues above are critical already. On seeing a swap entry PTE, userfaultfd_move does a lockless swap cache lookup, and tries to move the found folio to the faulting vma. Currently, it relies on checking the PTE value to ensure that the moved folio still belongs to the src swap entry and that no new folio has been added to the swap cache, which turns out to be unreliable. While working and reviewing the swap table series with Barry, following existing races are observed and reproduced [1]: In the example below, move_pages_pte is moving src_pte to dst_pte, where src_pte is a swap entry PTE holding swap entry S1, and S1 is not in the swap cache: CPU1 CPU2 userfaultfd_move move_pages_pte() entry = pte_to_swp_entry(orig_src_pte); // Here it got entry = S1 ... interrupted> ... // folio A is a new allocated folio // and get installed into src_pte // src_pte now points to folio A, S1 // has swap count == 0, it can be freed // by folio_swap_swap or swap // allocator's reclaim. // folio B is a folio in another VMA. // S1 is freed, folio B can use it // for swap out with no problem. ... folio = filemap_get_folio(S1) // Got folio B here !!! ... interrupted again> ... // Now S1 is free to be used again. // Now src_pte is a swap entry PTE // holding S1 again. folio_trylock(folio) move_swap_pte double_pt_lock is_pte_pages_stable // Check passed because src_pte == S1 folio_move_anon_rmap(...) // Moved invalid folio B here !!! The race window is very short and requires multiple collisions of multiple rare events, so it's very unlikely to happen, but with a deliberately constructed reproducer and increased time window, it can be reproduced easily. This can be fixed by checking if the folio returned by filemap is the valid swap cache folio after acquiring the folio lock. Another similar race is possible: filemap_get_folio may return NULL, but folio (A) could be swapped in and then swapped out again using the same swap entry after the lookup. In such a case, folio (A) may remain in the swap cache, so it must be moved too: CPU1 CPU2 userfaultfd_move move_pages_pte() entry = pte_to_swp_entry(orig_src_pte); // Here it got entry = S1, and S1 is not in swap cache folio = filemap_get ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38243 - "Linux Btrfs Null Pointer Dereference Vulnerability"

CVE ID : CVE-2025-38243 Published : July 9, 2025, 11:15 a.m. | 3 hours, 22 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: btrfs: fix invalid inode pointer dereferences during log replay In a few places where we call read_one_inode(), if we get a NULL pointer we end up jumping into an error path, or fallthrough in case of __add_inode_ref(), where we then do something like this: iput(&inode->vfs_inode); which results in an invalid inode pointer that triggers an invalid memory access, resulting in a crash. Fix this by making sure we don't do such dereferences. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38244 - Samba SMB vulnerability - Deadlock in SMB Client

CVE ID : CVE-2025-38244 Published : July 9, 2025, 11:15 a.m. | 3 hours, 22 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when reconnecting channels Fix cifs_signal_cifsd_for_reconnect() to take the correct lock order and prevent the following deadlock from happening ====================================================== WARNING: possible circular locking dependency detected 6.16.0-rc3-build2+ #1301 Tainted: G S W ------------------------------------------------------ cifsd/6055 is trying to acquire lock: ffff88810ad56038 (&tcp_ses->srv_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0x134/0x200 but task is already holding lock: ffff888119c64330 (&ret_buf->chan_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0xcf/0x200 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (&ret_buf->chan_lock){+.+.}-{3:3}: validate_chain+0x1cf/0x270 __lock_acquire+0x60e/0x780 lock_acquire.part.0+0xb4/0x1f0 _raw_spin_lock+0x2f/0x40 cifs_setup_session+0x81/0x4b0 cifs_get_smb_ses+0x771/0x900 cifs_mount_get_session+0x7e/0x170 cifs_mount+0x92/0x2d0 cifs_smb3_do_mount+0x161/0x460 smb3_get_tree+0x55/0x90 vfs_get_tree+0x46/0x180 do_new_mount+0x1b0/0x2e0 path_mount+0x6ee/0x740 do_mount+0x98/0xe0 __do_sys_mount+0x148/0x180 do_syscall_64+0xa4/0x260 entry_SYSCALL_64_after_hwframe+0x76/0x7e -> #1 (&ret_buf->ses_lock){+.+.}-{3:3}: validate_chain+0x1cf/0x270 __lock_acquire+0x60e/0x780 lock_acquire.part.0+0xb4/0x1f0 _raw_spin_lock+0x2f/0x40 cifs_match_super+0x101/0x320 sget+0xab/0x270 cifs_smb3_do_mount+0x1e0/0x460 smb3_get_tree+0x55/0x90 vfs_get_tree+0x46/0x180 do_new_mount+0x1b0/0x2e0 path_mount+0x6ee/0x740 do_mount+0x98/0xe0 __do_sys_mount+0x148/0x180 do_syscall_64+0xa4/0x260 entry_SYSCALL_64_after_hwframe+0x76/0x7e -> #0 (&tcp_ses->srv_lock){+.+.}-{3:3}: check_noncircular+0x95/0xc0 check_prev_add+0x115/0x2f0 validate_chain+0x1cf/0x270 __lock_acquire+0x60e/0x780 lock_acquire.part.0+0xb4/0x1f0 _raw_spin_lock+0x2f/0x40 cifs_signal_cifsd_for_reconnect+0x134/0x200 __cifs_reconnect+0x8f/0x500 cifs_handle_standard+0x112/0x280 cifs_demultiplex_thread+0x64d/0xbc0 kthread+0x2f7/0x310 ret_from_fork+0x2a/0x230 ret_from_fork_asm+0x1a/0x30 other info that might help us debug this: Chain exists of: &tcp_ses->srv_lock --> &ret_buf->ses_lock --> &ret_buf->chan_lock Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&ret_buf->chan_lock); lock(&ret_buf->ses_lock); lock(&ret_buf->chan_lock); lock(&tcp_ses->srv_lock); *** DEADLOCK *** 3 locks held by cifsd/6055: #0: ffffffff857de398 (&cifs_tcp_ses_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0x7b/0x200 #1: ffff888119c64060 (&ret_buf->ses_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0x9c/0x200 #2: ffff888119c64330 (&ret_buf->chan_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0xcf/0x200 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38245 - "Google Compute Engine atm Device Registration Vulnerability"

CVE ID : CVE-2025-38245 Published : July 9, 2025, 11:15 a.m. | 3 hours, 22 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). syzbot reported a warning below during atm_dev_register(). [0] Before creating a new device and procfs/sysfs for it, atm_dev_register() looks up a duplicated device by __atm_dev_lookup(). These operations are done under atm_dev_mutex. However, when removing a device in atm_dev_deregister(), it releases the mutex just after removing the device from the list that __atm_dev_lookup() iterates over. So, there will be a small race window where the device does not exist on the device list but procfs/sysfs are still not removed, triggering the splat. Let's hold the mutex until procfs/sysfs are removed in atm_dev_deregister(). [0]: proc_dir_entry 'atm/atmtcp:0' already registered WARNING: CPU: 0 PID: 5919 at fs/proc/generic.c:377 proc_register+0x455/0x5f0 fs/proc/generic.c:377 Modules linked in: CPU: 0 UID: 0 PID: 5919 Comm: syz-executor284 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 RIP: 0010:proc_register+0x455/0x5f0 fs/proc/generic.c:377 Code: 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 a2 01 00 00 48 8b 44 24 10 48 c7 c7 20 c0 c2 8b 48 8b b0 d8 00 00 00 e8 0c 02 1c ff 90 0b 90 90 48 c7 c7 80 f2 82 8e e8 0b de 23 09 48 8b 4c 24 28 48 RSP: 0018:ffffc9000466fa30 EFLAGS: 00010282 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248 RDX: ffff888026280000 RSI: ffffffff817ae255 RDI: 0000000000000001 RBP: ffff8880232bed48 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000001 R12: ffff888076ed2140 R13: dffffc0000000000 R14: ffff888078a61340 R15: ffffed100edda444 FS: 00007f38b3b0c6c0(0000) GS:ffff888124753000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f38b3bdf953 CR3: 0000000076d58000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: proc_create_data+0xbe/0x110 fs/proc/generic.c:585 atm_proc_dev_register+0x112/0x1e0 net/atm/proc.c:361 atm_dev_register+0x46d/0x890 net/atm/resources.c:113 atmtcp_create+0x77/0x210 drivers/atm/atmtcp.c:369 atmtcp_attach drivers/atm/atmtcp.c:403 [inline] atmtcp_ioctl+0x2f9/0xd60 drivers/atm/atmtcp.c:464 do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159 sock_do_ioctl+0x115/0x280 net/socket.c:1190 sock_ioctl+0x227/0x6b0 net/socket.c:1311 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl fs/ioctl.c:893 [inline] __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f38b3b74459 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f38b3b0c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007f38b3bfe318 RCX: 00007f38b3b74459 RDX: 0000000000000000 RSI: 0000000000006180 RDI: 0000000000000005 RBP: 00007f38b3bfe310 R08: 65732f636f72702f R09: 65732f636f72702f R10: 65732f636f72702f R11: 0000000000000246 R12: 00007f38b3bcb0ac R13: 00007f38b3b0c1a0 R14: 0000200000000200 R15: 00007f38b3bcb03b Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-38239 - Megaraid SAS Array Index Out-of-Bounds Vulnerability

CVE ID : CVE-2025-38239 Published : July 9, 2025, 11:15 a.m. | 1 hour, 15 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: scsi: megaraid_sas: Fix invalid node index On a system with DRAM interleave enabled, out-of-bound access is detected: megaraid_sas 0000:3f:00.0: requested/available msix 128/128 poll_queue 0 ------------[ cut here ]------------ UBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28 index -1 is out of range for type 'cpumask *[1024]' dump_stack_lvl+0x5d/0x80 ubsan_epilogue+0x5/0x2b __ubsan_handle_out_of_bounds.cold+0x46/0x4b megasas_alloc_irq_vectors+0x149/0x190 [megaraid_sas] megasas_probe_one.cold+0xa4d/0x189c [megaraid_sas] local_pci_probe+0x42/0x90 pci_device_probe+0xdc/0x290 really_probe+0xdb/0x340 __driver_probe_device+0x78/0x110 driver_probe_device+0x1f/0xa0 __driver_attach+0xba/0x1c0 bus_for_each_dev+0x8b/0xe0 bus_add_driver+0x142/0x220 driver_register+0x72/0xd0 megasas_init+0xdf/0xff0 [megaraid_sas] do_one_initcall+0x57/0x310 do_init_module+0x90/0x250 init_module_from_file+0x85/0xc0 idempotent_init_module+0x114/0x310 __x64_sys_finit_module+0x65/0xc0 do_syscall_64+0x82/0x170 entry_SYSCALL_64_after_hwframe+0x76/0x7e Fix it accordingly. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 11:15:00 GMT

read more

CVE-2025-27027 - Radiflow iSAP Smart Collector Rbash Bypass Vulnerability

CVE ID : CVE-2025-27027 Published : July 9, 2025, 9:15 a.m. | 2 hours, 9 minutes ago Description : A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 09:15:00 GMT

read more

CVE-2025-27028 - Radiflow iSAP Smart Collector Linux Privilege Escalation

CVE ID : CVE-2025-27028 Published : July 9, 2025, 9:15 a.m. | 2 hours, 9 minutes ago Description : The Linux deprivileged user vpuser in Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) can read the entire file system content, including files belonging to other users and having restricted access (like, for example, the root password hash). Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 09:15:00 GMT

read more

CVE-2025-3497 - Radiflow iSAP Smart Collector EOL Vulnerability

CVE ID : CVE-2025-3497 Published : July 9, 2025, 9:15 a.m. | 2 hours, 9 minutes ago Description : The Linux distribution underlying the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) is obsolete and reached end of life (EOL) on June 30, 2024. Thus, any unmitigated vulnerability could be exploited to affect this product. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 09:15:00 GMT

read more

CVE-2025-3498 - Radiflow iSAP Smart Collector Unauthenticated Remote Command Execution and Configuration Modification

CVE ID : CVE-2025-3498 Published : July 9, 2025, 9:15 a.m. | 2 hours, 9 minutes ago Description : An unauthenticated user with management network access can get and modify the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) configuration. The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). An attacker can use these APIs to get access to all system settings, modify the configuration and execute some commands (e.g., system reboot). Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 09:15:00 GMT

read more

CVE-2025-3499 - Apache OS Command Injection Vulnerability

CVE ID : CVE-2025-3499 Published : July 9, 2025, 9:15 a.m. | 2 hours, 9 minutes ago Description : The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). Exploiting OS command injection through these APIs, an attacker can send arbitrary commands that are executed with administrative permissions by the underlying operating system. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 09:15:00 GMT

read more

CVE-2025-7379 - DataSync Center Reverse Tabnabbing Security Bypass

CVE ID : CVE-2025-7379 Published : July 9, 2025, 9:15 a.m. | 2 hours, 9 minutes ago Description : A security bypass vulnerability allows exploitation via Reverse Tabnabbing, a type of phishing attack where attackers can manipulate the content of the original tab, leading to credential theft and other security risks. This issue affects DataSync Center: from 1.1.0 before 1.1.0.r207, and from 1.2.0 before 1.2.0.r206. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 09:15:00 GMT

read more

CVE-2025-7220 - Campcodes Payroll Management System SQL Injection

CVE ID : CVE-2025-7220 Published : July 9, 2025, 7:15 a.m. | 4 hours, 9 minutes ago Description : A vulnerability was found in Campcodes Payroll Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_deductions. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 07:15:00 GMT

read more

CVE-2025-7378 - ASUSTOR ADM NAS Configuration File Injection Vulnerability

CVE ID : CVE-2025-7378 Published : July 9, 2025, 7:15 a.m. | 4 hours, 9 minutes ago Description : An improper Input Validation vulnerability allows injecting arbitrary values of the NAS configuration file in ASUSTOR ADM. This could potentially lead to system misconfiguration and break the format of the configuation file, causing the NAS to exhibit unexpected behavior. This issue affects ADM: from 4.1 before 4.3.1.R5A1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 07:15:00 GMT

read more

CVE-2025-6691 - "WordPress SureForms Arbitrary File Deletion Vulnerability"

CVE ID : CVE-2025-6691 Published : July 9, 2025, 6:15 a.m. | 5 hours, 9 minutes ago Description : The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_entry_files() function in all versions up to, and including, 1.7.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 06:15:00 GMT

read more

CVE-2025-6742 - "SureForms WordPress PHP Object Injection Vulnerability"

CVE ID : CVE-2025-6742 Published : July 9, 2025, 6:15 a.m. | 5 hours, 9 minutes ago Description : The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.7.3 via the use of file_exists() in the delete_entry_files() function without restriction on the path provided. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 06:15:00 GMT

read more

CVE-2025-7218 - Campcodes Payroll Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7218 Published : July 9, 2025, 6:15 a.m. | 5 hours, 9 minutes ago Description : A vulnerability was found in Campcodes Payroll Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /ajax.php?action=delete_position. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 06:15:00 GMT

read more

CVE-2025-7219 - Campcodes Payroll Management System SQL Injection

CVE ID : CVE-2025-7219 Published : July 9, 2025, 6:15 a.m. | 5 hours, 9 minutes ago Description : A vulnerability was found in Campcodes Payroll Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /ajax.php?action=delete_allowances. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 06:15:00 GMT

read more

CVE-2025-7215 - FNKvision FNK-GU2 Cleartext Storage of Sensitive Information Vulnerability

CVE ID : CVE-2025-7215 Published : July 9, 2025, 5:15 a.m. | 6 hours, 9 minutes ago Description : A vulnerability, which was classified as problematic, has been found in FNKvision FNK-GU2 up to 40.1.7. Affected by this issue is some unknown functionality of the file /rom/wpa_supplicant.conf. The manipulation leads to cleartext storage of sensitive information. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Severity: 1.6 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 05:15:00 GMT

read more

CVE-2025-7216 - "Lty628 Aidigu PHP Object Handler Deserialization Vulnerability"

CVE ID : CVE-2025-7216 Published : July 9, 2025, 5:15 a.m. | 6 hours, 9 minutes ago Description : A vulnerability, which was classified as critical, was found in lty628 Aidigu up to 1.8.2. This affects the function checkUserCookie of the file /application/common.php of the component PHP Object Handler. The manipulation of the argument rememberMe leads to deserialization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 05:15:00 GMT

read more

CVE-2025-7217 - Campcodes Payroll Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7217 Published : July 9, 2025, 5:15 a.m. | 6 hours, 9 minutes ago Description : A vulnerability has been found in Campcodes Payroll Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ajax.php?action=save_position. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 05:15:00 GMT

read more

CVE-2025-4606 - Sala - Startup SaaS WordPress Theme Privilege Escalation Vulnerability

CVE ID : CVE-2025-4606 Published : July 9, 2025, 4:16 a.m. | 7 hours, 9 minutes ago Description : The Sala - Startup & SaaS WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.4. This is due to the theme not properly validating a user's identity prior to updating their details like password. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 04:16:00 GMT

read more

CVE-2025-7059 - WordPress Simple Featured Image Stored Cross-Site Scripting

CVE ID : CVE-2025-7059 Published : July 9, 2025, 4:16 a.m. | 7 hours, 9 minutes ago Description : The Simple Featured Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘slideshow’ parameter in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 04:16:00 GMT

read more

CVE-2025-7214 - FNKvision FNK-GU2 MD5 Cryptographic Algorithm Vulnerability

CVE ID : CVE-2025-7214 Published : July 9, 2025, 4:16 a.m. | 7 hours, 9 minutes ago Description : A vulnerability classified as problematic was found in FNKvision FNK-GU2 up to 40.1.7. Affected by this vulnerability is an unknown functionality of the file /etc/shadow of the component MD5. The manipulation leads to risky cryptographic algorithm. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Severity: 1.6 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 04:16:00 GMT

read more

CVE-2025-53685 - Apache HTTP Server Remote Code Execution

CVE ID : CVE-2025-53685 Published : July 9, 2025, 3:15 a.m. | 8 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 03:15:00 GMT

read more

CVE-2025-53686 - Apache HTTP Server Cross-Site Request Forgery (CSRF)

CVE ID : CVE-2025-53686 Published : July 9, 2025, 3:15 a.m. | 8 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 03:15:00 GMT

read more

CVE-2025-53687 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-53687 Published : July 9, 2025, 3:15 a.m. | 8 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 03:15:00 GMT

read more

CVE-2025-53688 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53688 Published : July 9, 2025, 3:15 a.m. | 8 hours, 9 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 03:15:00 GMT

read more

CVE-2025-7211 - "Code-Projects LifeStyle Store SQL Injection Vulnerability"

CVE ID : CVE-2025-7211 Published : July 9, 2025, 3:15 a.m. | 8 hours, 9 minutes ago Description : A vulnerability was found in code-projects LifeStyle Store 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cart_add.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 03:15:00 GMT

read more

CVE-2025-7212 - iSourcecode Insurance Management System SQL Injection

CVE ID : CVE-2025-7212 Published : July 9, 2025, 3:15 a.m. | 8 hours, 9 minutes ago Description : A vulnerability was found in itsourcecode Insurance Management System up to 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insertAgent.php. The manipulation of the argument agent_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 03:15:00 GMT

read more

CVE-2025-7213 - FNKvision FNK-GU2 UART Interface Debug Interface Access Control Vulnerability

CVE ID : CVE-2025-7213 Published : July 9, 2025, 3:15 a.m. | 8 hours, 9 minutes ago Description : A vulnerability classified as critical has been found in FNKvision FNK-GU2 up to 40.1.7. Affected is an unknown function of the component UART Interface. The manipulation leads to on-chip debug and test interface with improper access control. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 03:15:00 GMT

read more

CVE-2025-53682 - Apache Struts Unvalidated Redirect to Malicious Server

CVE ID : CVE-2025-53682 Published : July 9, 2025, 3:15 a.m. | 5 hours, 6 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 03:15:00 GMT

read more

CVE-2025-53683 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-53683 Published : July 9, 2025, 3:15 a.m. | 5 hours, 6 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 03:15:00 GMT

read more

CVE-2025-53684 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53684 Published : July 9, 2025, 3:15 a.m. | 5 hours, 6 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 03:15:00 GMT

read more

CVE-2025-5678 - Kadence WP Gutenberg Blocks with AI Stored Cross-Site Scripting

CVE ID : CVE-2025-5678 Published : July 9, 2025, 2:15 a.m. | 6 hours, 6 minutes ago Description : The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘redirectURL’ parameter in all versions up to, and including, 3.5.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 02:15:00 GMT

read more

CVE-2025-7210 - Apache Ros Library Management System File Upload Vulnerability

CVE ID : CVE-2025-7210 Published : July 9, 2025, 2:15 a.m. | 6 hours, 6 minutes ago Description : A vulnerability was found in code-projects/Fabian Ros Library Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin/profile_update.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 02:15:00 GMT

read more

CVE-2025-7209 - Plan9port Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-7209 Published : July 9, 2025, 1:15 a.m. | 7 hours, 6 minutes ago Description : A vulnerability has been found in 9fans plan9port up to 9da5b44 and classified as problematic. Affected by this vulnerability is the function value_decode in the library src/libsec/port/x509.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The identifier of the patch is deae8939583d83fd798fca97665e0e94656c3ee8. It is recommended to apply a patch to fix this issue. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 01:15:00 GMT

read more

CVE-2025-34077 - WordPress Pie Register Plugin Authentication Bypass and Remote Code Execution

CVE ID : CVE-2025-34077 Published : July 9, 2025, 1:15 a.m. | 5 hours, 6 minutes ago Description : An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting social_site=true and manipulating the user_id_social_site parameter, an attacker can generate a valid WordPress session cookie for any user ID, including administrators. Once authenticated, the attacker may exploit plugin upload functionality to install a malicious plugin containing arbitrary PHP code, resulting in remote code execution on the underlying server. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 01:15:00 GMT

read more

CVE-2025-34083 - WordPress AIT CSV Import/Export Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-34083 Published : July 9, 2025, 1:15 a.m. | 5 hours, 6 minutes ago Description : An unrestricted file upload vulnerability exists in the WordPress AIT CSV Import/Export plugin ≤ 3.0.3. The plugin exposes an upload handler at upload-handler.php that allows arbitrary file upload via a multipart/form-data POST request. This endpoint does not enforce authentication or content-type validation, enabling attackers to upload malicious PHP code directly to the server. Although the upload may produce an error related to CSV parsing, the malicious file is still saved under wp-content/uploads/ and remains executable. Notably, the plugin does not need to be active for exploitation to succeed. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 01:15:00 GMT

read more

CVE-2025-34084 - BoldGrid Backup WordPress Unauthenticated Information Disclosure

CVE ID : CVE-2025-34084 Published : July 9, 2025, 1:15 a.m. | 5 hours, 6 minutes ago Description : An unauthenticated information disclosure vulnerability exists in the WordPress Total Upkeep plugin (also known as BoldGrid Backup) prior to version 1.14.10. The plugin exposes multiple endpoints that allow unauthenticated users to retrieve detailed server configuration (env-info.php) and discover backup metadata (restore-info.json). These backups, which may include full SQL database dumps, are accessible without authentication if their paths are known or guessed. The restore-info.json endpoint discloses the absolute filesystem path of the latest backup, which attackers can convert into a web-accessible URL under wp-content/uploads/ and download. Extracting the database archive may yield credential hashes from the wp_users table, facilitating offline password cracking or credential stuffing attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 01:15:00 GMT

read more

CVE-2025-34085 - WordPress Simple File List PHP Unrestricted File Upload RCE

CVE ID : CVE-2025-34085 Published : July 9, 2025, 1:15 a.m. | 5 hours, 6 minutes ago Description : An unrestricted file upload vulnerability in the WordPress Simple File List plugin prior to version 4.2.3 allows unauthenticated remote attackers to achieve remote code execution. The plugin's upload endpoint (ee-upload-engine.php) restricts file uploads based on extension, but lacks proper validation after file renaming. An attacker can first upload a PHP payload disguised as a .png file, then use the plugin’s ee-file-engine.php rename functionality to change the extension to .php. This bypasses upload restrictions and results in the uploaded payload being executable on the server. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 01:15:00 GMT

read more

CVE-2025-7207 - mruby Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7207 Published : July 9, 2025, 1:15 a.m. | 5 hours, 6 minutes ago Description : A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scope_new of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is 1fdd96104180cc0fb5d3cb086b05ab6458911bb9. It is recommended to apply a patch to fix this issue. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 01:15:00 GMT

read more

CVE-2025-7208 - Plan9port X509 Heap Buffer Overflow Vulnerability

CVE ID : CVE-2025-7208 Published : July 9, 2025, 1:15 a.m. | 5 hours, 6 minutes ago Description : A vulnerability was found in 9fans plan9port up to 9da5b44. It has been classified as critical. This affects the function edump in the library /src/plan9port/src/libsec/port/x509.c. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The identifier of the patch is b3e06559475b0130a7a2fb56ac4d131d13d2012f. It is recommended to apply a patch to fix this issue. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 01:15:00 GMT

read more

CVE-2025-4828 - WordPress Support Board Plugin Arbitrary File Deletion Vulnerability

CVE ID : CVE-2025-4828 Published : July 9, 2025, 12:15 a.m. | 5 hours, 4 minutes ago Description : The Support Board plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the sb_file_delete function in all versions up to, and including, 3.8.0. This makes it possible for attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). An attacker can leverage CVE-2025-4855 vulnerability to exploit this vulnerability unauthenticated. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 00:15:00 GMT

read more

CVE-2025-4855 - WordPress Support Board Plugin Unauthenticated Data Access and Modification

CVE ID : CVE-2025-4855 Published : July 9, 2025, 12:15 a.m. | 5 hours, 4 minutes ago Description : The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sb_encryption() function in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to bypass authorization and execute arbitrary AJAX actions defined in the sb_ajax_execute() function. An attacker can use this vulnerability to exploit CVE-2025-4828 and various other functions unauthenticated. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 00:15:00 GMT

read more

CVE-2025-7206 - D-Link DIR-825 HTTPd Stack-Based Buffer Overflow

CVE ID : CVE-2025-7206 Published : July 9, 2025, 12:15 a.m. | 5 hours, 4 minutes ago Description : A vulnerability, which was classified as critical, has been found in D-Link DIR-825 2.10. This issue affects the function sub_410DDC of the file switch_language.cgi of the component httpd. The manipulation of the argument Language leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 00:15:00 GMT

read more

CVE-2025-3780 - WooCommerce WCFM - Unauthenticated Data Modification Vulnerability

CVE ID : CVE-2025-3780 Published : July 9, 2025, 12:15 a.m. | 4 hours, 5 minutes ago Description : The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wcfm_redirect_to_setup function in all versions up to, and including, 6.7.16. This makes it possible for unauthenticated attackers to view and modify the plugin settings, including payment details and API keys Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 09 Jul 2025 00:15:00 GMT

read more

CVE-2025-7199 - Apache Code-projects Library System SQL Injection Vulnerability

CVE ID : CVE-2025-7199 Published : July 8, 2025, 11:15 p.m. | 5 hours, 5 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Library System 1.0. This issue affects some unknown processing of the file /notapprove.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-7200 - Krishna9772 Pharmacy Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7200 Published : July 8, 2025, 11:15 p.m. | 5 hours, 5 minutes ago Description : A vulnerability, which was classified as critical, was found in krishna9772 Pharmacy Management System up to a2efc8442931ec9308f3b4cf4778e5701153f4e5. Affected is an unknown function of the file quantity_upd.php. The manipulation of the argument med_name/med_cat/ex_date leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47122 - Adobe Framemaker Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-47122 Published : July 8, 2025, 11:15 p.m. | 3 hours, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47123 - Adobe Framemaker Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-47123 Published : July 8, 2025, 11:15 p.m. | 3 hours, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47124 - Adobe Framemaker Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-47124 Published : July 8, 2025, 11:15 p.m. | 3 hours, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47125 - Adobe Framemaker Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-47125 Published : July 8, 2025, 11:15 p.m. | 3 hours, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47126 - Adobe Framemaker Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-47126 Published : July 8, 2025, 11:15 p.m. | 3 hours, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47127 - Adobe Framemaker Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-47127 Published : July 8, 2025, 11:15 p.m. | 3 hours, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47128 - Adobe Framemaker Integer Underflow Vulnerability

CVE ID : CVE-2025-47128 Published : July 8, 2025, 11:15 p.m. | 3 hours, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47129 - Adobe Framemaker Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-47129 Published : July 8, 2025, 11:15 p.m. | 3 hours, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47130 - Adobe Framemaker Integer Underflow Vulnerability

CVE ID : CVE-2025-47130 Published : July 8, 2025, 11:15 p.m. | 3 hours, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47131 - Adobe Framemaker Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-47131 Published : July 8, 2025, 11:15 p.m. | 3 hours, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47132 - Adobe Framemaker Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-47132 Published : July 8, 2025, 11:15 p.m. | 3 hours, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47133 - Adobe Framemaker Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-47133 Published : July 8, 2025, 11:15 p.m. | 3 hours, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2024-56468 - IBM InfoSphere Data Replication VSAM for z/OS Remote Source Denial of Service (DoS) Vulnerability

CVE ID : CVE-2024-56468 Published : July 8, 2025, 11:15 p.m. | 1 hour, 14 minutes ago Description : IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 could allow a remote user to cause a denial of service by sending an invalid HTTP request to the log reading service. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47097 - Adobe InCopy Integer Underflow Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-47097 Published : July 8, 2025, 11:15 p.m. | 1 hour, 14 minutes ago Description : InCopy versions 20.3, 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47098 - Adobe InCopy Uninitialized Pointer Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-47098 Published : July 8, 2025, 11:15 p.m. | 1 hour, 14 minutes ago Description : InCopy versions 20.3, 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47099 - Adobe InCopy Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-47099 Published : July 8, 2025, 11:15 p.m. | 1 hour, 14 minutes ago Description : InCopy versions 20.3, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47119 - Adobe Framemaker NULL Pointer Dereference Denial-of-Service Vulnerability

CVE ID : CVE-2025-47119 Published : July 8, 2025, 11:15 p.m. | 1 hour, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47120 - Adobe Framemaker Stack-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-47120 Published : July 8, 2025, 11:15 p.m. | 1 hour, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-47121 - Adobe Framemaker Uninitialized Pointer Access Vulnerability

CVE ID : CVE-2025-47121 Published : July 8, 2025, 11:15 p.m. | 1 hour, 14 minutes ago Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 23:15:00 GMT

read more

CVE-2025-53547 - Helm Chart File Execution Vulnerability

CVE ID : CVE-2025-53547 Published : July 8, 2025, 10:15 p.m. | 2 hours, 14 minutes ago Description : Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when dependencies are updated and this file is written, can be crafted in a way that can cause execution if that same content were in a file that is executed (e.g., a bash.rc file or shell script). If the Chart.lock file is symlinked to one of these files updating dependencies will write the lock file content to the symlinked file. This can lead to unwanted execution. Helm warns of the symlinked file but did not stop execution due to symlinking. This issue has been resolved in Helm v3.18.4. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-6759 - Citrix Windows Virtual Delivery Agent System Privilege Escalation Vulnerability

CVE ID : CVE-2025-6759 Published : July 8, 2025, 10:15 p.m. | 2 hours, 14 minutes ago Description : Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-7197 - Jonnys Liquor SQL Injection Vulnerability

CVE ID : CVE-2025-7197 Published : July 8, 2025, 10:15 p.m. | 2 hours, 14 minutes ago Description : A vulnerability classified as critical has been found in code-projects Jonnys Liquor 1.0. This affects an unknown part of the file /admin/delete-row.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-7198 - Jonnys Liquor SQL Injection Vulnerability

CVE ID : CVE-2025-7198 Published : July 8, 2025, 10:15 p.m. | 2 hours, 14 minutes ago Description : A vulnerability classified as critical was found in code-projects Jonnys Liquor 1.0. This vulnerability affects unknown code of the file /admin/admin-area.php. The manipulation of the argument drink leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-27165 - Substance3D Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-27165 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Substance3D - Stager versions 3.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-27203 - Adobe Connect Deserialization of Untrusted Data Vulnerability

CVE ID : CVE-2025-27203 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Adobe Connect versions 24.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does require user interaction and scope is changed. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-30313 - Adobe Illustrator Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-30313 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-43591 - Adobe InDesign Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-43591 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-43592 - Adobe InDesign Uninitialized Pointer Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-43592 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : InDesign Desktop versions 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-43594 - Adobe InDesign Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-43594 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : InDesign Desktop versions 19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-47103 - Adobe InDesign Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-47103 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-47134 - Adobe InDesign Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-47134 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-47136 - Adobe InDesign Integer Underflow Vulnerability

CVE ID : CVE-2025-47136 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : InDesign Desktop versions 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-49524 - Adobe Illustrator NULL Pointer Dereference Denial of Service Vulnerability

CVE ID : CVE-2025-49524 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-49525 - Adobe Illustrator Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-49525 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-49526 - Adobe Illustrator Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-49526 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-49527 - Adobe Illustrator Stack-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-49527 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-49528 - Adobe Illustrator Stack-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-49528 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-49529 - Adobe Illustrator Uninitialized Pointer Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-49529 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-49530 - Adobe Illustrator Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-49530 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-49531 - Adobe Illustrator Integer Overflow Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-49531 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-49532 - Adobe Illustrator Integer Underflow Arbitrary Code Execution

CVE ID : CVE-2025-49532 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-49533 - Adobe Experience Manager MS Deserialization of Untrusted Data Vulnerability

CVE ID : CVE-2025-49533 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Adobe Experience Manager (MS) versions 6.5.23.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction. Scope is unchanged. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-49534 - Adobe Experience Manager Stored XSS

CVE ID : CVE-2025-49534 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Adobe Experience Manager versions 11.4 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Scope is changed. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-49547 - Adobe Experience Manager Stored XSS

CVE ID : CVE-2025-49547 Published : July 8, 2025, 10:15 p.m. | 15 minutes ago Description : Adobe Experience Manager versions 11.4 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Scope is changed. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 22:15:00 GMT

read more

CVE-2025-43582 - Substance3D Heap-based Buffer Overflow Vulnerability in Viewer

CVE ID : CVE-2025-43582 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : Substance3D - Viewer versions 0.22 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user, scope unchanged. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-43583 - Substance3D Viewer NULL Pointer Dereference DoS Vulnerability

CVE ID : CVE-2025-43583 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : Substance3D - Viewer versions 0.22 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-43584 - Substance3D Out-of-Bounds Read Vulnerability in Viewer

CVE ID : CVE-2025-43584 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : Substance3D - Viewer versions 0.22 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-49535 - Adobe ColdFusion XXE Security Feature Bypass

CVE ID : CVE-2025-49535 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in a Security feature bypass. An attacker could exploit this vulnerability to access sensitive information or denial of service by bypassing security measures. Exploitation of this issue does not require user interaction and scope is changed. The vulnerable component is restricted to internal IP addresses. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-49536 - ColdFusion Incorrect Authorization Security Feature Bypass

CVE ID : CVE-2025-49536 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. The vulnerable component is restricted to internal IP addresses. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-49537 - ColdFusion OS Command Injection Vulnerability

CVE ID : CVE-2025-49537 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead to arbitrary code execution by a high-privileged attacker. Exploitation of this issue requires user interaction and scope is changed. The vulnerable component is restricted to internal IP addresses. Severity: 7.9 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-49538 - ColdFusion XML Injection File System Read Vulnerability

CVE ID : CVE-2025-49538 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an XML Injection vulnerability that could lead to arbitrary file system read. An attacker can exploit this issue by injecting crafted XML or XPath queries to access unauthorized files or lead to denial of service. Exploitation of this issue does not require user interaction, and attack must have access to shared secrets. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-49539 - ColdFusion XXE Vulnerability

CVE ID : CVE-2025-49539 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in a security feature bypass. A high-privileged attacker could leverage this vulnerability to access sensitive information. Exploitation of this issue does not require user interaction. The vulnerable component is restricted to internal IP addresses. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-49540 - ColdFusion Stored XSS Vulnerability

CVE ID : CVE-2025-49540 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field, scope is changed. The vulnerable component is restricted to internal IP addresses. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-49541 - ColdFusion Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-49541 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field, scope is changed. The vulnerable component is restricted to internal IP addresses. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-49542 - Adobe ColdFusion Reflected Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-49542 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser, scope is changed. The vulnerable component is restricted to internal IP addresses. Severity: 5.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-49543 - ColdFusion Stored XSS

CVE ID : CVE-2025-49543 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field, scope is changed. The vulnerable component is restricted to internal IP addresses. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-49544 - ColdFusion XXE Security Feature Bypass

CVE ID : CVE-2025-49544 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to access sensitive information or bypass security measures. Exploitation of this issue does not require user interaction and scope is changed. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-49545 - ColdFusion SSRF File System Read

CVE ID : CVE-2025-49545 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A high-privilege authenticated attacker can force the application to make arbitrary requests via injection of URLs. Exploitation of this issue does not require user interaction and scope is changed. The vulnerable component is restricted to internal IP addresses. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-49546 - ColdFusion Improper Access Control Denial-of-Service Vulnerability

CVE ID : CVE-2025-49546 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Access Control vulnerability that could lead to application denial-of-service. A high-privileged attacker could exploit this vulnerability to disrupt the availability of the application. Exploitation of this issue does not require user interaction and scope is unchanged. The vulnerable component is restricted to internal IP addresses. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-49551 - ColdFusion Hard-coded Credentials Privilege Escalation

CVE ID : CVE-2025-49551 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in privilege escalation. An attacker could leverage this vulnerability to gain unauthorized access to sensitive systems or data. Exploitation of this issue does not require user interaction. The vulnerable component is restricted to internal IP addresses. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-7030 - Drupal Two-factor Authentication (TFA) Privilege Escalation Vulnerability

CVE ID : CVE-2025-7030 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : Privilege Defined With Unsafe Actions vulnerability in Drupal Two-factor Authentication (TFA) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.11.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-7031 - Drupal Config Pages Viewer Missing Authentication Vulnerability

CVE ID : CVE-2025-7031 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : Missing Authentication for Critical Function vulnerability in Drupal Config Pages Viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Config Pages Viewer: from 0.0.0 before 1.0.4. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-7194 - D-Link DI-500WF Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7194 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ip_position.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-7196 - Jonnys Liquor SQL Injection Vulnerability

CVE ID : CVE-2025-7196 Published : July 8, 2025, 9:15 p.m. | 1 hour, 5 minutes ago Description : A vulnerability was found in code-projects Jonnys Liquor 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /browse.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 21:15:00 GMT

read more

CVE-2025-37103 - HPE Networking Instant On Access Points Hard-Coded Login Credentials Vulnerability

CVE ID : CVE-2025-37103 Published : July 8, 2025, 8:15 p.m. | 2 hours, 5 minutes ago Description : Hard-coded login credentials were found in HPE Networking Instant On Access Points, allowing anyone with knowledge of it to bypass normal device authentication. Successful exploitation could allow a remote attacker to gain administrative access to the system. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 20:15:00 GMT

read more

CVE-2025-53355 - "Kubernetes MCP Server Command Injection Vulnerability"

CVE ID : CVE-2025-53355 Published : July 8, 2025, 8:15 p.m. | 2 hours, 5 minutes ago Description : MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. A command injection vulnerability exists in the mcp-server-kubernetes MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to child_process.execSync, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. This vulnerability is fixed in 2.5.0. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 20:15:00 GMT

read more

CVE-2025-7192 - D-Link DIR-645 Command Injection Vulnerability

CVE ID : CVE-2025-7192 Published : July 8, 2025, 8:15 p.m. | 2 hours, 5 minutes ago Description : A vulnerability was found in D-Link DIR-645 up to 1.05B01 and classified as critical. This issue affects the function ssdpcgi_main of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 20:15:00 GMT

read more

CVE-2025-7193 - iSourcecode Agri-Trading Online Shopping System SQL Injection Vulnerability

CVE ID : CVE-2025-7193 Published : July 8, 2025, 8:15 p.m. | 2 hours, 5 minutes ago Description : A vulnerability was found in itsourcecode Agri-Trading Online Shopping System up to 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/suppliercontroller.php. The manipulation of the argument supplier leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 20:15:00 GMT

read more

CVE-2025-7191 - Code-projects Student Enrollment System SQL Injection Vulnerability

CVE ID : CVE-2025-7191 Published : July 8, 2025, 7:15 p.m. | 3 hours, 4 minutes ago Description : A vulnerability has been found in code-projects Student Enrollment System 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 19:15:00 GMT

read more

CVE-2023-43039 - IBM OpenPages with Watson Cross-Site Scripting (XSS)

CVE ID : CVE-2023-43039 Published : July 8, 2025, 7:15 p.m. | 1 hour, 5 minutes ago Description : IBM OpenPages with Watson 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 19:15:00 GMT

read more

CVE-2024-49783 - IBM OpenPages with Watson Cryptographic Data Extraction Vulnerability

CVE ID : CVE-2024-49783 Published : July 8, 2025, 7:15 p.m. | 1 hour, 4 minutes ago Description : IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data, they could exploit this vulnerability to use additional cryptographic methods to possibly extract the encrypted data. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 19:15:00 GMT

read more

CVE-2024-49784 - IBM OpenPages with Watson Cryptographic Weakness

CVE ID : CVE-2024-49784 Published : July 8, 2025, 7:15 p.m. | 1 hour, 4 minutes ago Description : IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data with AES encryption and CBC mode. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data values they could exploit this weaker algorithm to use additional cryptographic methods to possibly extract the encrypted data. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 19:15:00 GMT

read more

CVE-2025-27367 - IBM OpenPages with Watson Input Validation Bypass

CVE ID : CVE-2025-27367 Published : July 8, 2025, 7:15 p.m. | 1 hour, 4 minutes ago Description : IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to improper input validation due to bypassing of client-side validation for the data types and requiredness of fields for GRC Objects when an authenticated user sends a specially crafted payload to the server allowing for data to be saved without storing the required fields. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 19:15:00 GMT

read more

CVE-2025-27369 - IBM OpenPages with Watson Information Disclosure Vulnerability

CVE ID : CVE-2025-27369 Published : July 8, 2025, 7:15 p.m. | 1 hour, 4 minutes ago Description : IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used for the administration of OpenPages. An authenticated user is able to obtain certain information about system configuration and internal state which is only intended for administrators of the system. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 19:15:00 GMT

read more

CVE-2025-37102 - HPE Networking Instant On Access Points Command Injection Vulnerability

CVE ID : CVE-2025-37102 Published : July 8, 2025, 7:15 p.m. | 1 hour, 4 minutes ago Description : An authenticated command injection vulnerability exists in the Command line interface of HPE Networking Instant On Access Points. A successful exploitation could allow a remote attacker with elevated privileges to execute arbitrary commands on the underlying operating system as a highly privileged user. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 19:15:00 GMT

read more

CVE-2025-48384 - Git Symlink Execution Vulnerability

CVE ID : CVE-2025-48384 Published : July 8, 2025, 7:15 p.m. | 1 hour, 4 minutes ago Description : Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 19:15:00 GMT

read more

CVE-2025-48385 - Git Bundle Protocol Injection Vulnerability

CVE ID : CVE-2025-48385 Published : July 8, 2025, 7:15 p.m. | 1 hour, 4 minutes ago Description : Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles, which allows the remote side to perform protocol injection. This protocol injection can cause the client to write the fetched bundle to a location controlled by the adversary. The fetched content is fully controlled by the server, which can in the worst case lead to arbitrary code execution. The use of bundle URIs is not enabled by default and can be controlled by the bundle.heuristic config option. Some cases of the vulnerability require that the adversary is in control of where a repository will be cloned to. This either requires social engineering or a recursive clone with submodules. These cases can thus be avoided by disabling recursive clones. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 19:15:00 GMT

read more

CVE-2025-48386 - Git Wincred Buffer Overflow Vulnerability

CVE ID : CVE-2025-48386 Published : July 8, 2025, 7:15 p.m. | 1 hour, 4 minutes ago Description : Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer (target) as a unique key for storing and comparing against internal storage. This credential helper does not properly bounds check the available space remaining in the buffer before appending to it with wcsncat(), leading to potential buffer overflows. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 19:15:00 GMT

read more

CVE-2025-7190 - Apache Code-projects Library Management System Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7190 Published : July 8, 2025, 7:15 p.m. | 1 hour, 4 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Library Management System 2.0. This affects an unknown part of the file /admin/student_edit_photo.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 19:15:00 GMT

read more

CVE-2025-0928 - Juju Unauthorized Agent Binary Upload Vulnerability

CVE ID : CVE-2025-0928 Published : July 8, 2025, 6:15 p.m. | 2 hours, 5 minutes ago Description : In Juju versions prior to 3.6.8 and 2.9.52, any authenticated controller user was allowed to upload arbitrary agent binaries to any model or to the controller itself, without verifying model membership or requiring explicit permissions. This enabled the distribution of poisoned binaries to new or upgraded machines, potentially resulting in remote code execution. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 18:15:00 GMT

read more

CVE-2025-30312 - Dimension File Parsing Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-30312 Published : July 8, 2025, 6:15 p.m. | 2 hours, 5 minutes ago Description : Dimension versions 4.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 18:15:00 GMT

read more

CVE-2025-47135 - Dimension File Handler Out-of-Bounds Read Vulnerability (ASLR Bypass)

CVE ID : CVE-2025-47135 Published : July 8, 2025, 6:15 p.m. | 2 hours, 5 minutes ago Description : Dimension versions 4.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 18:15:00 GMT

read more

CVE-2025-4663 - Brocade Fabric OS SSH Session Termination DoS

CVE ID : CVE-2025-4663 Published : July 8, 2025, 6:15 p.m. | 2 hours, 4 minutes ago Description : An Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade Fabric OS before 9.2.2.a could allow an authenticated, network-based attacker to cause a Denial-of-Service (DoS). The vulnerability is encountered when supportsave is invoked remotely, using ssh command or SANnav inline ssh, and the corresponding ssh session is terminated with Control C (^c ) before supportsave completion. This issue affects Brocade Fabric OS 9.0.0 through 9.2.2 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 18:15:00 GMT

read more

CVE-2025-53479 - Mediawiki CheckUser Reflected Cross-Site Scripting

CVE ID : CVE-2025-53479 Published : July 8, 2025, 6:15 p.m. | 2 hours, 4 minutes ago Description : The CheckUser extension’s Special:CheckUser interface is vulnerable to reflected XSS via the rev-deleted-user message. This message is rendered without proper escaping, making it possible to inject JavaScript through the uselang=x-xss language override mechanism. This issue affects Mediawiki - CheckUser extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 18:15:00 GMT

read more

CVE-2025-7188 - Code-projects Chat System SQL Injection Vulnerability

CVE ID : CVE-2025-7188 Published : July 8, 2025, 6:15 p.m. | 2 hours, 4 minutes ago Description : A vulnerability classified as critical was found in code-projects Chat System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/addmember.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 18:15:00 GMT

read more

CVE-2025-7189 - Code-projects Chat System SQL Injection Vulnerability

CVE ID : CVE-2025-7189 Published : July 8, 2025, 6:15 p.m. | 2 hours, 4 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Chat System 1.0. Affected by this issue is some unknown functionality of the file /user/send_message.php. The manipulation of the argument msg leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 18:15:00 GMT

read more

CVE-2025-7362 - Mediawiki MsUpload Stored XSS

CVE ID : CVE-2025-7362 Published : July 8, 2025, 6:15 p.m. | 2 hours, 4 minutes ago Description : The MsUpload extension for MediaWiki is vulnerable to stored XSS via the msu-continue system message, which is inserted into the DOM without proper sanitization. The vulnerability occurs in the file upload UI when the same filename is uploaded twice. This issue affects Mediawiki - MsUpload extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 18:15:00 GMT

read more

CVE-2025-7363 - MediaWiki TitleIcon Stored XSS

CVE ID : CVE-2025-7363 Published : July 8, 2025, 6:15 p.m. | 2 hours, 4 minutes ago Description : The TitleIcon extension for MediaWiki is vulnerable to stored XSS through the #titleicon_unicode parser function. User input passed to this function is wrapped in an HtmlArmor object without sanitization and rendered directly into the page header, allowing attackers to inject arbitrary JavaScript. This issue affects Mediawiki - TitleIcon extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 18:15:00 GMT

read more

CVE-2025-49760 - Microsoft Windows Storage Path Traversal Vulnerability

CVE ID : CVE-2025-49760 Published : July 8, 2025, 5:16 p.m. | 3 hours, 4 minutes ago Description : External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-53512 - Juju Controller Debug Information Disclosure Vulnerability

CVE ID : CVE-2025-53512 Published : July 8, 2025, 5:16 p.m. | 3 hours, 4 minutes ago Description : The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-53513 - Juju Charm Zip Slip Unauthorized Upload Vulnerability

CVE ID : CVE-2025-53513 Published : July 8, 2025, 5:16 p.m. | 3 hours, 4 minutes ago Description : The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through the affected charm. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-7186 - "Code-projects Chat System SQL Injection Vulnerability"

CVE ID : CVE-2025-7186 Published : July 8, 2025, 5:16 p.m. | 3 hours, 4 minutes ago Description : A vulnerability was found in code-projects Chat System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /user/fetch_chat.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-7187 - Code-Projects Chat System SQL Injection Vulnerability

CVE ID : CVE-2025-7187 Published : July 8, 2025, 5:16 p.m. | 3 hours, 4 minutes ago Description : A vulnerability classified as critical has been found in code-projects Chat System 1.0. Affected is an unknown function of the file /user/fetch_member.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49723 - Windows StateRepository API Authorization Bypass

CVE ID : CVE-2025-49723 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49724 - Windows Connected Devices Platform Service Use-After-Free Remote Code Execution Vulnerability

CVE ID : CVE-2025-49724 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49725 - Windows Notification Use-After-Free Privilege Escalation Vulnerability

CVE ID : CVE-2025-49725 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49726 - Windows Notification Use-After-Free Privilege Escalation

CVE ID : CVE-2025-49726 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49727 - Windows Win32K GRFX Heap-based Buffer Overflow Privilege Escalation Vulnerability

CVE ID : CVE-2025-49727 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49729 - Windows Routing and Remote Access Service (RRAS) Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-49729 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49730 - Microsoft Windows QoS Scheduler TOCTOU Race Condition Privilege Escalation

CVE ID : CVE-2025-49730 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49731 - Microsoft Teams Privilege Escalation Vulnerability

CVE ID : CVE-2025-49731 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49732 - Microsoft Graphics Component Heap-Based Buffer Overflow Privilege Escalation Vulnerability

CVE ID : CVE-2025-49732 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49733 - Windows Win32K ICOMP Use-After-Free Privilege Escalation Vulnerability

CVE ID : CVE-2025-49733 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49735 - "Microsoft Windows KPSSVC Use-After-Free Code Execution Vulnerability"

CVE ID : CVE-2025-49735 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49737 - Microsoft Teams Privilege Escalation Race Condition

CVE ID : CVE-2025-49737 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Teams allows an authorized attacker to elevate privileges locally. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49738 - Microsoft PC Manager Privilege Escalation Vulnerability

CVE ID : CVE-2025-49738 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49739 - Visual Studio Link Following Privilege Escalation Vulnerability

CVE ID : CVE-2025-49739 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49740 - Microsoft Windows SmartScreen Bypass Vulnerability

CVE ID : CVE-2025-49740 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49742 - Microsoft Graphics Component Integer Overflow Remote Code Execution

CVE ID : CVE-2025-49742 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49744 - Microsoft Graphics Component Heap Buffer Overflow Vulnerability

CVE ID : CVE-2025-49744 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49753 - Windows Routing and Remote Access Service (RRAS) Heap Buffer Overflow

CVE ID : CVE-2025-49753 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49756 - Microsoft Office Developer Platform Cryptographic Algorithm Bypass Vulnerability

CVE ID : CVE-2025-49756 Published : July 8, 2025, 5:16 p.m. | 1 hour, 3 minutes ago Description : Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:16:00 GMT

read more

CVE-2025-49722 - Windows Print Spooler Unauthenticated Denial of Service

CVE ID : CVE-2025-49722 Published : July 8, 2025, 5:15 p.m. | 1 hour, 3 minutes ago Description : Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 17:15:00 GMT

read more

CVE-2024-52965 - Fortinet FortiOS and FortiProxy Authentication Bypass

CVE ID : CVE-2024-52965 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : A missing critical step in authentication vulnerability [CWE-304] in Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, and before 7.0.16 & FortiProxy version 7.6.0 through 7.6.1, 7.4.0 through 7.4.8, 7.2.0 through 7.2.13 and before 7.0.20 allows an API-user using api-key + PKI user certificate authentication to login even if the certificate is invalid. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2024-55599 - FortiOS DNS Filter Bypass Vulnerability

CVE ID : CVE-2024-55599 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions, 6.4 all versions and FortiProxy version 7.6.1 and below, version 7.4.8 and below, 7.2 all versions, 7.0 all versions may allow a remote unauthenticated user to bypass the DNS filter via Apple devices. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-24474 - FortiManager FortiAnalyzer SQL Injection Vulnerability

CVE ID : CVE-2025-24474 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiManager 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2 all versions, 7.0 all versions, 6.4 all versions; FortiManager Cloud 7.4.1 through 7.4.6, 7.2 all versions, 7.0 all versions, 6.4 all versions; FortiAnalyzer 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2 all versions, 7.0 all versions, 6.4 all versions; and FortiAnalyzer Cloud 7.4.1 through 7.4.6, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an authenticated attacker with high privilege to extract database information via crafted requests. Severity: 2.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-29267 - Abis, Inc Adjutant Core Accounting ERP SQL Injection

CVE ID : CVE-2025-29267 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : SQL Injection vulnerability in Abis, Inc Adjutant Core Accounting ERP build v.PreBeta250F allows a remote attacker to obtain a sensitive information via the cid parameter in the GET request. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-2793 - IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-2793 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-2827 - IBM Sterling File Gateway Information Disclosure

CVE ID : CVE-2025-2827 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 could disclose sensitive installation directory information to an authenticated user that could be used in further attacks against the system. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-36600 - Dell Client Platform BIOS Local Code Execution Vulnerability

CVE ID : CVE-2025-36600 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : Dell Client Platform BIOS contains an Improper Access Control Applied to Mirrored or Aliased Memory Regions vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-3630 - IBM Sterling B2B Integrator and IBM Sterling File Gateway Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3630 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-53372 - Node-Code-Sandbox-MCP Command Injection Vulnerability

CVE ID : CVE-2025-53372 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : node-code-sandbox-mcp is a Node.js–based Model Context Protocol server that spins up disposable Docker containers to execute arbitrary JavaScript. Prior to 1.3.0, a command injection vulnerability exists in the node-code-sandbox-mcp MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to child_process.execSync, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges on the host machine, bypassing the sandbox protection of running code inside docker. This vulnerability is fixed in 1.3.0. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-53480 - Mediawiki CheckUser Extension Reflected XSS Vulnerability

CVE ID : CVE-2025-53480 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : The CheckUser extension’s Special:Investigate page has a vulnerability in the Account information tab, where specific internationalized messages are rendered without proper escaping. Attackers can exploit this by appending ?uselang=x-xss to the URL, causing reflected XSS when the UI renders affected message keys. This issue affects Mediawiki - CheckUser extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-53545 - Frappe Press Two-Factor Authentication Bypass Vulnerability

CVE ID : CVE-2025-53545 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). Users can circumvent 2FA login for users due to a lack of server side validation for the same. This vulnerability is fixed in commit ddb439f8eb1816010f2ef653a908648b71f9bba8. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-5450 - Ivanti Connect Secure Certificate Management Component Access Control Vulnerability

CVE ID : CVE-2025-5450 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : Improper access control in the certificate management component of Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated admin with read-only rights to modify settings that should be restricted. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-5451 - Ivanti Connect Secure Stack-Based Buffer Overflow Denial of Service

CVE ID : CVE-2025-5451 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger a denial of service. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-5463 - Ivanti Connect Secure and Ivanti Policy Secure Sensitive Information Disclosure

CVE ID : CVE-2025-5463 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to obtain that information. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-6770 - Ivanti Endpoint Manager Mobile OS Command Injection

CVE ID : CVE-2025-6770 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : OS command injection in Ivanti Endpoint Manager Mobile (EPMM) before version 12.5.0.2 allows a remote authenticated attacker with high privileges to achieve remote code execution Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-6995 - Ivanti Endpoint Manager Password Decryption Vulnerability

CVE ID : CVE-2025-6995 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-6996 - Ivanti Endpoint Manager Password Decryption Vulnerability

CVE ID : CVE-2025-6996 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-7037 - Ivanti Endpoint Manager SQL Injection Vulnerability

CVE ID : CVE-2025-7037 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : SQL injection in Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a remote authenticated attacker with admin privileges to read arbitrary data from the database Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-7182 - iSourcecode Student Transcript Processing System Cross-Site Scripting (XSS)

CVE ID : CVE-2025-7182 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : A vulnerability has been found in itsourcecode Student Transcript Processing System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/modules/subject/edit.php. The manipulation of the argument pre leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-7183 - Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-7183 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/customer_account.php. The manipulation of the argument Customer leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-7326 - Microsoft ASP.NET Core Privilege Escalation Vulnerability

CVE ID : CVE-2025-7326 Published : July 8, 2025, 3:15 p.m. | 1 hour, 6 minutes ago Description : Weak authentication in EOL ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. NOTE: This CVE affects only End Of Life (EOL) software components. The vendor, Microsoft, has indicated there will be no future updates nor support provided upon inquiry. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 15:15:00 GMT

read more

CVE-2025-47422 - Advanced Installer Local Privilege Escalation Vulnerability

CVE ID : CVE-2025-47422 Published : July 8, 2025, 2:15 p.m. | 2 hours, 6 minutes ago Description : Advanced Installer before 22.6 has an uncontrolled search path element local privilege escalation vulnerability. When running as SYSTEM in certain configurations, Advanced Installer looks in standard-user writable locations for non-existent binaries and executes them as SYSTEM. A low-privileged attacker can place a malicious binary in a targeted folder; when the installer is executed, the attacker achieves arbitrary SYSTEM code execution. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 14:15:00 GMT

read more

CVE-2025-7180 - Apache Code-projects Staff Audit System SQL Injection Vulnerability

CVE ID : CVE-2025-7180 Published : July 8, 2025, 2:15 p.m. | 2 hours, 6 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument User leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 14:15:00 GMT

read more

CVE-2025-7181 - "Unrestricted File Upload Vulnerability in Staff Audit System"

CVE ID : CVE-2025-7181 Published : July 8, 2025, 2:15 p.m. | 2 hours, 6 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Staff Audit System 1.0. Affected is an unknown function of the file /test.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 14:15:00 GMT

read more

CVE-2025-7345 - Adobe Gdk Buffer Overflow Vulnerability

CVE ID : CVE-2025-7345 Published : July 8, 2025, 2:15 p.m. | 2 hours, 6 minutes ago Description : A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 14:15:00 GMT

read more

CVE-2025-21432 - Apache IoT Gateway Buffer Overflow

CVE ID : CVE-2025-21432 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption while retrieving the CBOR data from TA. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-21433 - Citrix ADC SSL/TLS Denial of Service

CVE ID : CVE-2025-21433 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-21444 - Cisco EMAC Memory Corruption Vulnerability

CVE ID : CVE-2025-21444 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption while copying the result to the transmission queue in EMAC. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-21445 - VMware ESXi Heap-Based Buffer Overflow

CVE ID : CVE-2025-21445 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption while copying the result to the transmission queue which is shared between the virtual machine and the host. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-21446 - Cisco Wireless LAN DOS Vulnerability

CVE ID : CVE-2025-21446 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-21449 - Cisco Wireless Router Denial of Service (DoS)

CVE ID : CVE-2025-21449 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Transient DOS may occur while processing malformed length field in SSID IEs. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-21450 - Cisco WebEx Man-in-the-Middle Attack

CVE ID : CVE-2025-21450 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Cryptographic issue occurs due to use of insecure connection method while downloading. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-21454 - Aruba Wireless Beacon Frame Processing Stack Overflow

CVE ID : CVE-2025-21454 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Transient DOS while processing received beacon frame. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-21466 - Apache Kafka Memory Corruption Vulnerability

CVE ID : CVE-2025-21466 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption while processing a private escape command in an event trigger. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-27042 - Cisco Video Firmware Heap Overflow

CVE ID : CVE-2025-27042 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption while processing video packets received from video firmware. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-27043 - Samsung Video Firmware Buffer Overflow

CVE ID : CVE-2025-27043 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption while processing manipulated payload in video firmware. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-27044 - Apache FFmpeg Memory Corruption Vulnerability

CVE ID : CVE-2025-27044 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption while executing timestamp video decode command with large input values. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-27046 - Apache Struts Heap Overflow

CVE ID : CVE-2025-27046 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption while processing multiple simultaneous escape calls. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-27047 - Apache Tomcat Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-27047 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption while processing the TESTPATTERNCONFIG escape path. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-27050 - Apache Kafka Memory Corruption Vulnerability

CVE ID : CVE-2025-27050 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption while processing event close when client process terminates abruptly. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-27051 - Cisco WLAN Host Buffer Overflow

CVE ID : CVE-2025-27051 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption while processing command message in WLAN Host. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-27052 - Juniper Networks NetScreen Debug Memory Corruption Vulnerability

CVE ID : CVE-2025-27052 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption while processing data packets in diag received from Unix clients. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-27055 - Adobe Photoshop Buffer Overflow

CVE ID : CVE-2025-27055 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption during the image encoding process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-27056 - Apache Tomcat Use-After-Free Memory Corruption Vulnerability

CVE ID : CVE-2025-27056 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption during sub-system restart while processing clean-up to free up resources. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-27057 - Aruba Networks Wireless DOS Vulnerability

CVE ID : CVE-2025-27057 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Transient DOS while handling beacon frames with invalid IE header length. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-27058 - Cisco IOS Denial of Service

CVE ID : CVE-2025-27058 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption while processing packet data with exceedingly large packet. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-27061 - Cisco Video Firmware Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-27061 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-50130 - FUJI ELECTRIC CO., LTD. V-SFT/TELLUS Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-50130 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD. Opening V9 files or X1 files specially crafted by an attacker on the affected product may lead to arbitrary code execution. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-7178 - "Code-projects Food Distributor Site SQL Injection Vulnerability"

CVE ID : CVE-2025-7178 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : A vulnerability classified as critical has been found in code-projects Food Distributor Site 1.0. This affects an unknown part of the file /admin/login.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-7179 - Code-Projects Library System SQL Injection Vulnerability

CVE ID : CVE-2025-7179 Published : July 8, 2025, 1:15 p.m. | 1 hour, 2 minutes ago Description : A vulnerability classified as critical was found in code-projects Library System 1.0. This vulnerability affects unknown code of the file /add-teacher.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 13:15:00 GMT

read more

CVE-2025-21002 - LeAudioService Auracast Access Control Vulnerability

CVE ID : CVE-2025-21002 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to manipulate broadcasting Auracast. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-21003 - Apple Emergency SOS Sensitive Information Disclosure

CVE ID : CVE-2025-21003 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-21004 - Samsung Galaxy Watch Intent Verification Vulnerability (Remote Code Execution)

CVE ID : CVE-2025-21004 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-21005 - Android Isenburg Telphony Access Control Vulnerability

CVE ID : CVE-2025-21005 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : Improper access control in isemtelephony prior to Android 15 allows local attackers to access sensitive information. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-21006 - Android MPEG4 Codec Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-21006 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 allows local attackers to write out-of-bounds memory. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-21007 - Android Libsavsvc Out-of-Bounds Write

CVE ID : CVE-2025-21007 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : Out-of-bounds write in accessing uninitialized memory in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-21008 - Android Libsavsvc Out-of-Bounds Read

CVE ID : CVE-2025-21008 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : Out-of-bounds read in decoding frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-21009 - Android libsavsvc.so Out-of-bounds Read Vulnerability

CVE ID : CVE-2025-21009 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : Out-of-bounds read in decoding malformed frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-23364 - TIA Administrator Code Signing Certificate Validation Bypass

CVE ID : CVE-2025-23364 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in TIA Administrator (All versions V3.0.6). The affected application improperly validates code signing certificates. This could allow an attacker to bypass the check and exceute arbitrary code during installations. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-23365 - TIA Administrator Privilege Escalation (Path Traversal)

CVE ID : CVE-2025-23365 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in TIA Administrator (All versions V3.0.6). The affected application allows low-privileged users to trigger installations by overwriting cache files and modifying the downloads path. This would allow an attacker to escalate privilege and exceute arbitrary code. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-27127 - Siemens TIA Project-Server File Upload Denial of Service Vulnerability

CVE ID : CVE-2025-27127 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in TIA Project-Server (All versions V2.1.1), TIA Project-Server V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions V20 Update 3). The affected application improperly handles uploaded projects in the document root. This could allow an attacker with contributor privileges to cause denial of service by uploading a malicious project. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-40593 - Siemens SIMATIC CN 4100 SFTP File Write Vulnerability

CVE ID : CVE-2025-40593 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in SIMATIC CN 4100 (All versions V4.0). The affected application allows to control the device by storing arbitrary files in the SFTP folder of the device. This could allow an attacker to cause a denial of service condition. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-40735 - SINEC NMS SQL Injection Vulnerability

CVE ID : CVE-2025-40735 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in SINEC NMS (All versions V4.0). The affected devices are vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-40736 - SINEC NMS Authentication Bypass Vulnerability

CVE ID : CVE-2025-40736 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in SINEC NMS (All versions V4.0). The affected application exposes an endpoint that allows an unauthorized modification of administrative credentials. This could allow an unauthenticated attacker to reset the superadmin password and gain full control of the application (ZDI-CAN-26569). Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-40737 - SINEC NMS File Path Validation Vulnerability (Arbitrary File Write/Execution)

CVE ID : CVE-2025-40737 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in SINEC NMS (All versions V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privileges (ZDI-CAN-26571). Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-40738 - SINEC NMS File Path Validation Vulnerability

CVE ID : CVE-2025-40738 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in SINEC NMS (All versions V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privileges (ZDI-CAN-26572). Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-40739 - "Solid Edge SE Heap-Based Out-of-Bounds Read Vulnerability"

CVE ID : CVE-2025-40739 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in Solid Edge SE2025 (All versions V225.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-40740 - Solid Edge Out-of-Bounds Read Code Execution Vulnerability

CVE ID : CVE-2025-40740 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in Solid Edge SE2025 (All versions V225.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-40741 - Solid Edge Stack-Based Overflow Vulnerability

CVE ID : CVE-2025-40741 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in Solid Edge SE2025 (All versions V225.0 Update 5). The affected applications contain a stack based overflow vulnerability while parsing specially crafted CFG files. This could allow an attacker to execute code in the context of the current process. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-40742 - Siemens SIPROTEC 5 Session Information Disclosure Vulnerability

CVE ID : CVE-2025-40742 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions), SIPROTEC 5 6MD89 (CP300) (All versions), SIPROTEC 5 6MD89 (CP300) V9.6 (All versions), SIPROTEC 5 6MU85 (CP300) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions), SIPROTEC 5 7ST86 (CP300) (All versions), SIPROTEC 5 7SX82 (CP150) (All versions), SIPROTEC 5 7SX85 (CP300) (All versions), SIPROTEC 5 7SY82 (CP150) (All versions), SIPROTEC 5 7UM85 (CP300) (All versions), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions), SIPROTEC 5 7VE85 (CP300) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions), SIPROTEC 5 7VU85 (CP300) (All versions), SIPROTEC 5 Compact 7SX800 (CP050) (All versions). The affected devices include session identifiers in URL requests for certain functionalities. This could allow an attacker to retrieve sensitive session data from browser history, logs, or other storage mechanisms, potentially leading to unauthorized access. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-41222 - RUGGEDCOM TLS Denial of Service Vulnerability

CVE ID : CVE-2025-41222 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200 (All versions), RUGGEDCOM M969 (All versions), RUGGEDCOM RMC30 (All versions), RUGGEDCOM RMC8388 V4.X (All versions), RUGGEDCOM RMC8388 V5.X (All versions V5.10.0), RUGGEDCOM RP110 (All versions), RUGGEDCOM RS1600 (All versions), RUGGEDCOM RS1600F (All versions), RUGGEDCOM RS1600T (All versions), RUGGEDCOM RS400 (All versions), RUGGEDCOM RS401 (All versions), RUGGEDCOM RS416 (All versions), RUGGEDCOM RS416P (All versions), RUGGEDCOM RS416Pv2 V4.X (All versions), RUGGEDCOM RS416Pv2 V5.X (All versions V5.10.0), RUGGEDCOM RS416v2 V4.X (All versions), RUGGEDCOM RS416v2 V5.X (All versions V5.10.0), RUGGEDCOM RS8000 (All versions), RUGGEDCOM RS8000A (All versions), RUGGEDCOM RS8000H (All versions), RUGGEDCOM RS8000T (All versions), RUGGEDCOM RS900 (All versions), RUGGEDCOM RS900 (32M) V4.X (All versions), RUGGEDCOM RS900 (32M) V5.X (All versions V5.10.0), RUGGEDCOM RS900G (All versions), RUGGEDCOM RS900G (32M) V4.X (All versions), RUGGEDCOM RS900G (32M) V5.X (All versions V5.10.0), RUGGEDCOM RS900GP (All versions), RUGGEDCOM RS900L (All versions), RUGGEDCOM RS900M-GETS-C01 (All versions), RUGGEDCOM RS900M-GETS-XX (All versions), RUGGEDCOM RS900M-STND-C01 (All versions), RUGGEDCOM RS900M-STND-XX (All versions), RUGGEDCOM RS900W (All versions), RUGGEDCOM RS910 (All versions), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910W (All versions), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920W (All versions), RUGGEDCOM RS930L (All versions), RUGGEDCOM RS930W (All versions), RUGGEDCOM RS940G (All versions), RUGGEDCOM RS969 (All versions), RUGGEDCOM RSG2100 (All versions), RUGGEDCOM RSG2100 (32M) V4.X (All versions), RUGGEDCOM RSG2100 (32M) V5.X (All versions V5.10.0), RUGGEDCOM RSG2100P (All versions), RUGGEDCOM RSG2100P (32M) V4.X (All versions), RUGGEDCOM RSG2100P (32M) V5.X (All versions V5.10.0), RUGGEDCOM RSG2200 (All versions), RUGGEDCOM RSG2288 V4.X (All versions), RUGGEDCOM RSG2288 V5.X (All versions V5.10.0), RUGGEDCOM RSG2300 V4.X (All versions), RUGGEDCOM RSG2300 V5.X (All versions V5.10.0), RUGGEDCOM RSG2300P V4.X (All versions), RUGGEDCOM RSG2300P V5.X (All versions V5.10.0), RUGGEDCOM RSG2488 V4.X (All versions), RUGGEDCOM RSG2488 V5.X (All versions V5.10.0), RUGGEDCOM RSG907R (All versions V5.10.0), RUGGEDCOM RSG908C (All versions V5.10.0), RUGGEDCOM RSG909R (All versions V5.10.0), RUGGEDCOM RSG910C (All versions V5.10.0), RUGGEDCOM RSG920P V4.X (All versions), RUGGEDCOM RSG920P V5.X (All versions V5.10.0), RUGGEDCOM RSL910 (All versions V5.10.0), RUGGEDCOM RST2228 (All versions V5.10.0), RUGGEDCOM RST2228P (All versions V5.10.0), RUGGEDCOM RST916C (All versions V5.10.0), RUGGEDCOM RST916P (All versions V5.10.0). Affected devices do not properly handle malformed TLS handshake messages. This could allow an attacker with network access to the webserver to cause a denial of service resulting in the web server and the device to crash. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-41223 - Huawei RUGGEDCOM TLS CBC Timing Attack

CVE ID : CVE-2025-41223 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200 (All versions), RUGGEDCOM M969 (All versions), RUGGEDCOM RMC30 (All versions), RUGGEDCOM RMC8388 V4.X (All versions), RUGGEDCOM RMC8388 V5.X (All versions V5.10.0), RUGGEDCOM RP110 (All versions), RUGGEDCOM RS1600 (All versions), RUGGEDCOM RS1600F (All versions), RUGGEDCOM RS1600T (All versions), RUGGEDCOM RS400 (All versions), RUGGEDCOM RS401 (All versions), RUGGEDCOM RS416 (All versions), RUGGEDCOM RS416P (All versions), RUGGEDCOM RS416Pv2 V4.X (All versions), RUGGEDCOM RS416Pv2 V5.X (All versions V5.10.0), RUGGEDCOM RS416v2 V4.X (All versions), RUGGEDCOM RS416v2 V5.X (All versions V5.10.0), RUGGEDCOM RS8000 (All versions), RUGGEDCOM RS8000A (All versions), RUGGEDCOM RS8000H (All versions), RUGGEDCOM RS8000T (All versions), RUGGEDCOM RS900 (All versions), RUGGEDCOM RS900 (32M) V4.X (All versions), RUGGEDCOM RS900 (32M) V5.X (All versions V5.10.0), RUGGEDCOM RS900G (All versions), RUGGEDCOM RS900G (32M) V4.X (All versions), RUGGEDCOM RS900G (32M) V5.X (All versions V5.10.0), RUGGEDCOM RS900GP (All versions), RUGGEDCOM RS900L (All versions), RUGGEDCOM RS900M-GETS-C01 (All versions), RUGGEDCOM RS900M-GETS-XX (All versions), RUGGEDCOM RS900M-STND-C01 (All versions), RUGGEDCOM RS900M-STND-XX (All versions), RUGGEDCOM RS900W (All versions), RUGGEDCOM RS910 (All versions), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910W (All versions), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920W (All versions), RUGGEDCOM RS930L (All versions), RUGGEDCOM RS930W (All versions), RUGGEDCOM RS940G (All versions), RUGGEDCOM RS969 (All versions), RUGGEDCOM RSG2100 (All versions), RUGGEDCOM RSG2100 (32M) V4.X (All versions), RUGGEDCOM RSG2100 (32M) V5.X (All versions V5.10.0), RUGGEDCOM RSG2100P (All versions), RUGGEDCOM RSG2100P (32M) V4.X (All versions), RUGGEDCOM RSG2100P (32M) V5.X (All versions V5.10.0), RUGGEDCOM RSG2200 (All versions), RUGGEDCOM RSG2288 V4.X (All versions), RUGGEDCOM RSG2288 V5.X (All versions V5.10.0), RUGGEDCOM RSG2300 V4.X (All versions), RUGGEDCOM RSG2300 V5.X (All versions V5.10.0), RUGGEDCOM RSG2300P V4.X (All versions), RUGGEDCOM RSG2300P V5.X (All versions V5.10.0), RUGGEDCOM RSG2488 V4.X (All versions), RUGGEDCOM RSG2488 V5.X (All versions V5.10.0), RUGGEDCOM RSG907R (All versions V5.10.0), RUGGEDCOM RSG908C (All versions V5.10.0), RUGGEDCOM RSG909R (All versions V5.10.0), RUGGEDCOM RSG910C (All versions V5.10.0), RUGGEDCOM RSG920P V4.X (All versions), RUGGEDCOM RSG920P V5.X (All versions V5.10.0), RUGGEDCOM RSL910 (All versions V5.10.0), RUGGEDCOM RST2228 (All versions V5.10.0), RUGGEDCOM RST2228P (All versions V5.10.0), RUGGEDCOM RST916C (All versions V5.10.0), RUGGEDCOM RST916P (All versions V5.10.0). The affected devices support the TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 cipher suite, which uses CBC (Cipher Block Chaining) mode that is known to be vulnerable to timing attacks. This could allow an attacker to compromise the integrity and confidentiality of encrypted communications. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-41224 - Ruggedcom Unauthenticated Interface Access Bypass

CVE ID : CVE-2025-41224 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions V5.10.0), RUGGEDCOM RMC8388NC V5.X (All versions V5.10.0), RUGGEDCOM RS416NCv2 V5.X (All versions V5.10.0), RUGGEDCOM RS416PNCv2 V5.X (All versions V5.10.0), RUGGEDCOM RS416Pv2 V5.X (All versions V5.10.0), RUGGEDCOM RS416v2 V5.X (All versions V5.10.0), RUGGEDCOM RS900 (32M) V5.X (All versions V5.10.0), RUGGEDCOM RS900G (32M) V5.X (All versions V5.10.0), RUGGEDCOM RS900GNC(32M) V5.X (All versions V5.10.0), RUGGEDCOM RS900NC(32M) V5.X (All versions V5.10.0), RUGGEDCOM RSG2100 (32M) V5.X (All versions V5.10.0), RUGGEDCOM RSG2100NC(32M) V5.X (All versions V5.10.0), RUGGEDCOM RSG2100P (32M) V5.X (All versions V5.10.0), RUGGEDCOM RSG2100PNC (32M) V5.X (All versions V5.10.0), RUGGEDCOM RSG2288 V5.X (All versions V5.10.0), RUGGEDCOM RSG2288NC V5.X (All versions V5.10.0), RUGGEDCOM RSG2300 V5.X (All versions V5.10.0), RUGGEDCOM RSG2300NC V5.X (All versions V5.10.0), RUGGEDCOM RSG2300P V5.X (All versions V5.10.0), RUGGEDCOM RSG2300PNC V5.X (All versions V5.10.0), RUGGEDCOM RSG2488 V5.X (All versions V5.10.0), RUGGEDCOM RSG2488NC V5.X (All versions V5.10.0), RUGGEDCOM RSG907R (All versions V5.10.0), RUGGEDCOM RSG908C (All versions V5.10.0), RUGGEDCOM RSG909R (All versions V5.10.0), RUGGEDCOM RSG910C (All versions V5.10.0), RUGGEDCOM RSG920P V5.X (All versions V5.10.0), RUGGEDCOM RSG920PNC V5.X (All versions V5.10.0), RUGGEDCOM RSL910 (All versions V5.10.0), RUGGEDCOM RSL910NC (All versions V5.10.0), RUGGEDCOM RST2228 (All versions V5.10.0), RUGGEDCOM RST2228P (All versions V5.10.0), RUGGEDCOM RST916C (All versions V5.10.0), RUGGEDCOM RST916P (All versions V5.10.0). The affected products do not properly enforce interface access restrictions when changing from management to non-management interface configurations until a system reboot occurs, despite configuration being saved. This could allow an attacker with network access and credentials to gain access to device through non-management and maintain SSH access to the device until reboot. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-7174 - Code-Projects Library System SQL Injection Vulnerability

CVE ID : CVE-2025-7174 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file /teacher-issue-book.php. The manipulation of the argument idn leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-7175 - Code-projects E-Commerce Site Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7175 Published : July 8, 2025, 11:15 a.m. | 1 hour, 13 minutes ago Description : A vulnerability was found in code-projects E-Commerce Site 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/users_photo.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 11:15:00 GMT

read more

CVE-2025-7170 - Crime Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-7170 Published : July 8, 2025, 9:15 a.m. | 1 hour, 3 minutes ago Description : A vulnerability classified as critical was found in code-projects Crime Reporting System 1.0. Affected by this vulnerability is an unknown functionality of the file /registration.php. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 09:15:00 GMT

read more

CVE-2025-7171 - "Crime Reporting System SQL Injection Vulnerability"

CVE ID : CVE-2025-7171 Published : July 8, 2025, 9:15 a.m. | 1 hour, 3 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Crime Reporting System 1.0. Affected by this issue is some unknown functionality of the file /policelogin.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 09:15:00 GMT

read more

CVE-2025-38236 - Linux Unix af_unix Use-After-Free Vulnerability

CVE ID : CVE-2025-38236 Published : July 8, 2025, 8:15 a.m. | 2 hours, 3 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: af_unix: Don't leave consecutive consumed OOB skbs. Jann Horn reported a use-after-free in unix_stream_read_generic(). The following sequences reproduce the issue: $ python3 from socket import * s1, s2 = socketpair(AF_UNIX, SOCK_STREAM) s1.send(b'x', MSG_OOB) s2.recv(1, MSG_OOB) # leave a consumed OOB skb s1.send(b'y', MSG_OOB) s2.recv(1, MSG_OOB) # leave a consumed OOB skb s1.send(b'z', MSG_OOB) s2.recv(1) # recv 'z' illegally s2.recv(1, MSG_OOB) # access 'z' skb (use-after-free) Even though a user reads OOB data, the skb holding the data stays on the recv queue to mark the OOB boundary and break the next recv(). After the last send() in the scenario above, the sk2's recv queue has 2 leading consumed OOB skbs and 1 real OOB skb. Then, the following happens during the next recv() without MSG_OOB 1. unix_stream_read_generic() peeks the first consumed OOB skb 2. manage_oob() returns the next consumed OOB skb 3. unix_stream_read_generic() fetches the next not-yet-consumed OOB skb 4. unix_stream_read_generic() reads and frees the OOB skb , and the last recv(MSG_OOB) triggers KASAN splat. The 3. above occurs because of the SO_PEEK_OFF code, which does not expect unix_skb_len(skb) to be 0, but this is true for such consumed OOB skbs. while (skip >= unix_skb_len(skb)) { skip -= unix_skb_len(skb); skb = skb_peek_next(skb, &sk->sk_receive_queue); ... } In addition to this use-after-free, there is another issue that ioctl(SIOCATMARK) does not function properly with consecutive consumed OOB skbs. So, nothing good comes out of such a situation. Instead of complicating manage_oob(), ioctl() handling, and the next ECONNRESET fix by introducing a loop for consecutive consumed OOB skbs, let's not leave such consecutive OOB unnecessarily. Now, while receiving an OOB skb in unix_stream_recv_urg(), if its previous skb is a consumed OOB skb, it is freed. [0]: BUG: KASAN: slab-use-after-free in unix_stream_read_actor (net/unix/af_unix.c:3027) Read of size 4 at addr ffff888106ef2904 by task python3/315 CPU: 2 UID: 0 PID: 315 Comm: python3 Not tainted 6.16.0-rc1-00407-gec315832f6f9 #8 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-4.fc42 04/01/2014 Call Trace: dump_stack_lvl (lib/dump_stack.c:122) print_report (mm/kasan/report.c:409 mm/kasan/report.c:521) kasan_report (mm/kasan/report.c:636) unix_stream_read_actor (net/unix/af_unix.c:3027) unix_stream_read_generic (net/unix/af_unix.c:2708 net/unix/af_unix.c:2847) unix_stream_recvmsg (net/unix/af_unix.c:3048) sock_recvmsg (net/socket.c:1063 (discriminator 20) net/socket.c:1085 (discriminator 20)) __sys_recvfrom (net/socket.c:2278) __x64_sys_recvfrom (net/socket.c:2291 (discriminator 1) net/socket.c:2287 (discriminator 1) net/socket.c:2287 (discriminator 1)) do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1)) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) RIP: 0033:0x7f8911fcea06 Code: 5d e8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 75 19 83 e2 39 83 fa 08 75 11 e8 26 ff ff ff 66 0f 1f 44 00 00 48 8b 45 10 0f 05 8b 5d f8 c9 c3 0f 1f 40 00 f3 0f 1e fa 55 48 89 e5 48 83 ec 08 RSP: 002b:00007fffdb0dccb0 EFLAGS: 00000202 ORIG_RAX: 000000000000002d RAX: ffffffffffffffda RBX: 00007fffdb0dcdc8 RCX: 00007f8911fcea06 RDX: 0000000000000001 RSI: 00007f8911a5e060 RDI: 0000000000000006 RBP: 00007fffdb0dccd0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000202 R12: 00007f89119a7d20 R13: ffffffffc4653600 R14: 0000000000000000 R15: 0000000000000000 Allocated by task 315: kasan_save_stack (mm/kasan/common.c:48) kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1)) __kasan_slab_alloc (mm/kasan/common.c:348) kmem_cache_alloc_ ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 08:15:00 GMT

read more

CVE-2025-38237 - Samsung Exynos4 Linux Kernel Interrupt Handling Vulnerability

CVE ID : CVE-2025-38237 Published : July 8, 2025, 8:15 a.m. | 2 hours, 3 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode() In fimc_is_hw_change_mode(), the function changes camera modes without waiting for hardware completion, risking corrupted data or system hangs if subsequent operations proceed before the hardware is ready. Add fimc_is_hw_wait_intmsr0_intmsd0() after mode configuration, ensuring hardware state synchronization and stable interrupt handling. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 08:15:00 GMT

read more

CVE-2025-7168 - Apache Crime Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-7168 Published : July 8, 2025, 8:15 a.m. | 2 hours, 3 minutes ago Description : A vulnerability was found in code-projects Crime Reporting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /userlogin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 08:15:00 GMT

read more

CVE-2025-7169 - Code-projects Crime Reporting System SQL Injection Vulnerability

CVE ID : CVE-2025-7169 Published : July 8, 2025, 8:15 a.m. | 2 hours, 3 minutes ago Description : A vulnerability classified as critical has been found in code-projects Crime Reporting System 1.0. Affected is an unknown function of the file /complainer_page.php. The manipulation of the argument location leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 08:15:00 GMT

read more

CVE-2025-24002 - "Cisco Charging Station MQTT Denial-of-Service Vulnerability"

CVE ID : CVE-2025-24002 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations complying with German Calibration Law, resulting in a temporary denial-of-service for these stations until they got restarted by the watchdog. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-24003 - "Siemens EichrechtAgent MQTT Out-of-Bounds Write Denial-of-Service"

CVE ID : CVE-2025-24003 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-24004 - Cisco Switch USB-C Buffer Overflow Vulnerability

CVE ID : CVE-2025-24004 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : A physical attacker with access to the device display via USB-C can send a message to the device which triggers an unsecure copy to a buffer resulting in loss of integrity and a temporary denial-of-service for the stations until they got restarted by the watchdog. Severity: 5.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-24005 - Apache SSH Privilege Escalation Vulnerability

CVE ID : CVE-2025-24005 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-24006 - Cisco SSH Privilege Escalation Vulnerability

CVE ID : CVE-2025-24006 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-25268 - Apache API Unauthenticated Configuration Modification

CVE ID : CVE-2025-25268 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-25269 - Apache Command Injection Vulnerability

CVE ID : CVE-2025-25269 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-25270 - Cisco IOS Remote Code Execution Vulnerability

CVE ID : CVE-2025-25270 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific configurations. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-25271 - "EVgo OCPP Configuration Interface Insecure Defaults"

CVE ID : CVE-2025-25271 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-41665 - Siemens SIMATIC S7-1200 Watchdog Reboot Vulnerability

CVE ID : CVE-2025-41665 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : An low privileged remote attacker can enforce the watchdog of the affected devices to reboot the PLC due to incorrect default permissions of a config file. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-41666 - Apache Watchdog File Access Bypass

CVE ID : CVE-2025-41666 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : A low privileged remote attacker with file access can replace a critical file used by the watchdog to get read, write and execute access to any file on the device after the watchdog has been initialized. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-41667 - Aruba Networks File Access Privilege Escalation Vulnerability

CVE ID : CVE-2025-41667 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : A low privileged remote attacker with file access can replace a critical file used by the arp-preinit script to get read, write and execute access to any file on the device. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-41668 - Apache Service Security Profile File System Tampering Vulnerability

CVE ID : CVE-2025-41668 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : A low privileged remote attacker with file access can replace a critical file or folder used by the service security-profile to get read, write and execute access to any file on the device. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-42956 - SAP NetWeaver Cross-Site Scripting (XSS)

CVE ID : CVE-2025-42956 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to create a malicious link which they can make publicly available. When an authenticated victim clicks on this malicious link, injected input data will be used by the web site page generation to create content which when executed in the victim's browser leading to low impact on Confidentiality and Integrity with no effect on Availability of the application. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-6743 - WordPress Woodmart Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6743 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : The Woodmart theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'multiple_markers' attribute in all versions up to, and including, 8.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-6746 - WordPress WoodMart Plugin Local File Inclusion Vulnerability

CVE ID : CVE-2025-6746 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : The WoodMart plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.2.3 via the 'layout' attribute. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php files can be uploaded and included. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-7166 - Code-projects Responsive Blog Site SQL Injection Vulnerability

CVE ID : CVE-2025-7166 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : A vulnerability was found in code-projects Responsive Blog Site 1.0. It has been classified as critical. This affects an unknown part of the file /single.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-7167 - Code-Projects Responsive Blog Site SQL Injection Vulnerability

CVE ID : CVE-2025-7167 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : A vulnerability was found in code-projects Responsive Blog Site 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-7346 - Apache Maven Package Tampering Vulnerability

CVE ID : CVE-2025-7346 Published : July 8, 2025, 7:15 a.m. | 3 hours, 3 minutes ago Description : Any unauthenticated attacker can bypass the localhost restrictions posed by the application and utilize this to create arbitrary packages Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 07:15:00 GMT

read more

CVE-2025-7164 - PHPGurukul/Campcodes Cyber Cafe Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7164 Published : July 8, 2025, 6:15 a.m. | 2 hours, 2 minutes ago Description : A vulnerability has been found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 06:15:00 GMT

read more

CVE-2025-7165 - PHPGurukul/Campcodes Cyber Cafe Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7165 Published : July 8, 2025, 6:15 a.m. | 2 hours, 2 minutes ago Description : A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 06:15:00 GMT

read more

CVE-2025-7327 - Google Reviews for WordPress Directory Traversal Vulnerability

CVE ID : CVE-2025-7327 Published : July 8, 2025, 6:15 a.m. | 2 hours, 2 minutes ago Description : The Widget for Google Reviews plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.0.15 via the layout parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. This is limited to just PHP files. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 06:15:00 GMT

read more

CVE-2025-5957 - "WordPress Guest Support Unauthenticated Ticket Deletion Vulnerability"

CVE ID : CVE-2025-5957 Published : July 8, 2025, 5:15 a.m. | 3 hours, 2 minutes ago Description : The Guest Support – Complete customer support ticket system for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'deleteMassTickets' function in all versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to delete arbitrary support tickets. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 05:15:00 GMT

read more

CVE-2025-7162 - PHPGurukul Zoo Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7162 Published : July 8, 2025, 5:15 a.m. | 3 hours, 2 minutes ago Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Zoo Management System 2.1. This issue affects some unknown processing of the file /admin/add-foreigners-ticket.php. The manipulation of the argument cprice leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 05:15:00 GMT

read more

CVE-2025-7163 - PHPGurukul Zoo Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7163 Published : July 8, 2025, 5:15 a.m. | 3 hours, 2 minutes ago Description : A vulnerability, which was classified as critical, was found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of the file /admin/add-animals.php. The manipulation of the argument cnum leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 05:15:00 GMT

read more

CVE-2025-5537 - FooBox Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5537 Published : July 8, 2025, 5:15 a.m. | 1 hour, 15 minutes ago Description : The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alternative texts in all versions up to, and including, 2.7.34 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 05:15:00 GMT

read more

CVE-2025-7160 - PHPGurukul Zoo Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7160 Published : July 8, 2025, 4:15 a.m. | 2 hours, 15 minutes ago Description : A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. This affects an unknown part of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 04:15:00 GMT

read more

CVE-2025-7161 - PHPGurukul Zoo Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7161 Published : July 8, 2025, 4:15 a.m. | 2 hours, 15 minutes ago Description : A vulnerability classified as critical was found in PHPGurukul Zoo Management System 2.1. This vulnerability affects unknown code of the file /admin/add-normal-ticket.php. The manipulation of the argument cprice leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 04:15:00 GMT

read more

CVE-2025-20693 - Intel Wireless LAN STA Driver Out-of-Bounds Read Information Disclosure Vulnerability

CVE ID : CVE-2025-20693 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : In wlan STA driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09812521; Issue ID: MSV-3421. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-20694 - Intel Bluetooth Denial of Service Vulnerability

CVE ID : CVE-2025-20694 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09752821; Issue ID: MSV-3342. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-20695 - Qualcomm Bluetooth Denial of Service Vulnerability

CVE ID : CVE-2025-20695 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09741871; Issue ID: MSV-3317. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-53610 - Cisco WebEx Meeting Server Unvalidated Redirect

CVE ID : CVE-2025-53610 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-53611 - Cisco Webex Meeting Server Authentication Bypass

CVE ID : CVE-2025-53611 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-53612 - Apache HTTP Server Denial of Service

CVE ID : CVE-2025-53612 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-53613 - Apache HTTP Server Unvalidated Request Parameter

CVE ID : CVE-2025-53613 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-53614 - OpenVAS vulnerability in OpenVAS

CVE ID : CVE-2025-53614 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-53615 - Apache Struts Unvalidated Redirect to Malicious Site

CVE ID : CVE-2025-53615 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-53616 - Apache HTTP Server SQL Injection

CVE ID : CVE-2025-53616 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-53617 - Apache HTTP Server Request Smuggling

CVE ID : CVE-2025-53617 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-5570 - WordPress AI Engine Plugin Stored Cross-Site Scripting vulnerabilit

CVE ID : CVE-2025-5570 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : The AI Engine plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the mwai_chatbot shortcode 'id' parameter in all versions up to, and including, 2.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-6244 - Elementor - Stored Cross-Site Scripting in Calendar and Business Reviews Widgets

CVE ID : CVE-2025-6244 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : The Essential Addons for Elementor – Popular Elementor Templates and Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the via `Calendar` And `Business Reviews` Widgets attributes in all versions up to, and including, 6.1.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-7157 - Code-projects Online Note Sharing SQL Injection

CVE ID : CVE-2025-7157 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-7158 - PHPGurukul Zoo Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7158 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/manage-normal-ticket.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-7159 - PHPGurukul Zoo Management System SQL Injection

CVE ID : CVE-2025-7159 Published : July 8, 2025, 3:15 a.m. | 3 hours, 15 minutes ago Description : A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/manage-animals.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-20690 - "Qualcomm Wlan AP Driver Out-of-Bounds Read Information Disclosure Vulnerability"

CVE ID : CVE-2025-20690 Published : July 8, 2025, 3:15 a.m. | 3 hours, 2 minutes ago Description : In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418038; Issue ID: MSV-3478. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-20691 - "Qualcomm Wlan AP Driver Out-of-Bounds Read Vulnerability"

CVE ID : CVE-2025-20691 Published : July 8, 2025, 3:15 a.m. | 3 hours, 2 minutes ago Description : In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418039; Issue ID: MSV-3477. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-20692 - "Qualcomm Wlan AP Driver Out-of-Bounds Read Vulnerability"

CVE ID : CVE-2025-20692 Published : July 8, 2025, 3:15 a.m. | 3 hours, 2 minutes ago Description : In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418040; Issue ID: MSV-3476. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-20684 - D-Link WLAN AP Driver Out-of-Bounds Write Privilege Escalation Vulnerability

CVE ID : CVE-2025-20684 Published : July 8, 2025, 3:15 a.m. | 1 hour, 2 minutes ago Description : In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416939; Issue ID: MSV-3422. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-20685 - "Qualcomm WCN wlan AP Driver Arbitrary Write Vulnerability"

CVE ID : CVE-2025-20685 Published : July 8, 2025, 3:15 a.m. | 1 hour, 2 minutes ago Description : In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416226; Issue ID: MSV-3409. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-20686 - "Aruba WLAN AP Driver Out-of-Bounds Write Remote Code Execution Vulnerability"

CVE ID : CVE-2025-20686 Published : July 8, 2025, 3:15 a.m. | 1 hour, 2 minutes ago Description : In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00415570; Issue ID: MSV-3404. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-20687 - Qualcomm Bluetooth Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-20687 Published : July 8, 2025, 3:15 a.m. | 1 hour, 2 minutes ago Description : In Bluetooth driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418045; Issue ID: MSV-3481. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-20688 - Intel Wireless LAN AP Driver Out-of-Bounds Read Information Disclosure Vulnerability

CVE ID : CVE-2025-20688 Published : July 8, 2025, 3:15 a.m. | 1 hour, 2 minutes ago Description : In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418047; Issue ID: MSV-3480. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-20689 - "Intel WCNCR WLAN AP Driver Out-of-Bounds Read Vulnerability"

CVE ID : CVE-2025-20689 Published : July 8, 2025, 3:15 a.m. | 1 hour, 2 minutes ago Description : In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418048; Issue ID: MSV-3479. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 03:15:00 GMT

read more

CVE-2025-42959 - Apache HMAC Reuse Replay Attack

CVE ID : CVE-2025-42959 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : An unauthenticated attacker may exploit a scenario where a Hashed Message Authentication Code (HMAC) credential, extracted from a system missing specific security patches, is reused in a replay attack against a different system. Even if the target system is fully patched, successful exploitation could result in complete system compromise, affecting confidentiality, integrity, and availability. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42960 - SAP Business Warehouse and SAP BW/4HANA BEx Tools Authorization Bypass

CVE ID : CVE-2025-42960 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : SAP Business Warehouse and SAP BW/4HANA BEx Tools allow an authenticated attacker to gain higher access levels than intended by exploiting improper authorization checks. This could potentially impact data integrity by allowing deletion of user table entries. It has no impact on the confidentiality and availability of the application. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42961 - SAP NetWeaver Application Server for ABAP Permissive Access Configuration Privilege Escalation

CVE ID : CVE-2025-42961 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : Due to a missing authorization check in SAP NetWeaver Application server for ABAP, an authenticated user with high privileges could exploit the insufficient validation of user permissions to access sensitive database tables. By leveraging overly permissive access configurations, unauthorized reading of critical data is possible, resulting in a significant impact on the confidentiality of the information stored. However, the integrity and availability of the system remain unaffected. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42962 - SAP Business Warehouse Cross-Site Scripting (XSS)

CVE ID : CVE-2025-42962 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : SAP Business Warehouse (Business Explorer Web) allows an attacker to create a malicious link. If an authenticated user clicks on this link, the injected script gets executed within the scope of victim s browser. This potentially leads to an impact on confidentiality and integrity. Availability is not impacted. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42963 - SAP NetWeaver Application Server for Java Java Object Deserialization Remote Code Execution Vulnerability

CVE ID : CVE-2025-42963 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : A critical vulnerability in SAP NetWeaver Application server for Java Log Viewer enables authenticated administrator users to exploit unsafe Java object deserialization. Successful exploitation can lead to full operating system compromise, granting attackers complete control over the affected system. This results in a severe impact on the confidentiality, integrity, and availability of the application and host environment. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42964 - SAP NetWeaver Enterprise Portal Remote Code Execution Vulnerability

CVE ID : CVE-2025-42964 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : SAP NetWeaver Enterprise Portal Administration is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42965 - SAP CMC Information Disclosure Network Discovery Vulnerability

CVE ID : CVE-2025-42965 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : SAP CMC Promotion Management allows an authenticated attacker to enumerate internal network systems by submitting crafted requests during job source configuration. By analysing response times for various IP addresses and ports, the attacker can infer valid network endpoints. Successful exploitation may lead to information disclosure. This vulnerability does not impact the integrity or availability of the application. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42966 - SAP NetWeaver Java Deserialization Vulnerability

CVE ID : CVE-2025-42966 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : SAP NetWeaver XML Data Archiving Service allows an authenticated attacker with administrative privileges to exploit an insecure Java deserialization vulnerability by sending a specially crafted serialized Java object. This could lead to high impact on confidentiality, integrity, and availability of the application. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42967 - SAP S/4HANA and SAP SCM Remote Code Execution Vulnerability

CVE ID : CVE-2025-42967 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : SAP S/4HANA and SAP SCM Characteristic Propagation has remote code execution vulnerability. This allows an attacker with high privileges to create a new report with his own code potentially gaining full control of the affected SAP system causing high impact on confidentiality, integrity, and availability of the application. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42968 - SAP NetWeaver Information Disclosure

CVE ID : CVE-2025-42968 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : SAP NetWeaver allows an authenticated non-administrative user to call the remote-enabled function module which could grants access to non-sensitive information about the SAP system and OS without requiring any specific knowledge or controlled conditions. This leads to a low impact on confidentiality with no effect on integrity or availability of the application. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42969 - SAP NetWeaver Application Server ABAP and ABAP Platform Cross-Site Scripting (XSS)

CVE ID : CVE-2025-42969 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to inject a malicious script into a dynamically crafted URL. The victim, when tricked into clicking on this crafted URL unknowingly executes the malicious payload in their browser. On successful exploitation, the attacker can access or modify sensitive information within the scope of victim's web browser, with no impact on availability of the application. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42970 - SAPCAR Directory Traversal Vulnerability

CVE ID : CVE-2025-42970 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : SAPCAR improperly sanitizes the file paths while extracting SAPCAR archives. Due to this, an attacker could craft a malicious SAPCAR archive containing directory traversal sequences. When a high privileged victim extracts this malicious archive, it is then processed by SAPCAR on their system, causing files to be extracted outside the intended directory and overwriting files in arbitrary locations. This vulnerability has a high impact on the integrity and availability of the application with no impact on confidentiality. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42971 - SAPCAR Out-of-Bounds Memory Corruption Vulnerability

CVE ID : CVE-2025-42971 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : A memory corruption vulnerability exists in SAPCAR allowing an attacker to craft malicious SAPCAR archives. When a high privileged victim extracts this malicious archive, it gets processed by SAPCAR on their system, resulting in out-of-bounds memory read and write. This could lead to file extraction and file overwrite outside the intended directories. This vulnerability has low impact on the confidentiality, integrity and availability of the application. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42973 - SAP Data Services Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-42973 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : Due to a Cross-Site Scripting vulnerability in SAP Data Services Management Console, an authenticated attacker could exploit the search functionality associated with DQ job status reports. By intercepting requests, malicious script can be injected and subsequently executed when a user loads the affected page. This results in a limited impact on the confidentiality and integrity of user session information, while availability remains unaffected. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42974 - SAP Function Module Remote Information Disclosure Vulnerability

CVE ID : CVE-2025-42974 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : Due to missing authorization check, an attacker authenticated as a non-administrative user could call a remote-enabled function module. This could enable access to information normally restricted, resulting in low impact on confidentiality. There is no impact on integrity or availability. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42978 - SAP NetWeaver Application Server Java TLS Hostname Validation Bypass

CVE ID : CVE-2025-42978 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : The widely used component that establishes outbound TLS connections in SAP NetWeaver Application Server Java does not reliably match the hostname that is used for the connection against the wildcard hostname defined in the received certificate of remote TLS server. This might lead to the outbound connection being established to a possibly malicious remote TLS server and hence disclose information. Integrity and Availability are not impacted. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42979 - SAP GUI for Windows Credentials Obfuscation Vulnerability

CVE ID : CVE-2025-42979 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : The GuiXT application, which is integrated with SAP GUI for Windows, uses obfuscation algorithms instead of secure symmetric ciphers for storing the credentials of an RFC user on the client PC. This leads to a high impact on confidentiality because any attacker who gains access to the user hive of this user s windows registry could recreate the original password. There is no impact on integrity or availability of the application Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42980 - SAP NetWeaver Enterprise Portal Deserialization Remote Code Execution Vulnerability

CVE ID : CVE-2025-42980 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : SAP NetWeaver Enterprise Portal Federated Portal Network is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42981 - SAP NetWeaver Application Server ABAP Open Redirect Vulnerability

CVE ID : CVE-2025-42981 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : Due to an open redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft a URL link embedding a malicious script at a location not properly sanitized. When a victim clicks on this link, the script executes within the victim's browser, redirecting them to a site controlled by the attacker. This allows the attacker to access and/or modify restricted information related to the web client. While the vulnerability poses no impact on data availability, it presents a considerable risk to confidentiality and integrity. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42985 - SAP BusinessObjects Content Administrator Workbench Cross-Site Scripting (XSS)

CVE ID : CVE-2025-42985 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : Due to insufficient sanitization in the SAP BusinessObjects Content Administrator Workbench, attackers could craft malicious URLs and execute scripts in a victim s browser. This could potentially lead to the exposure or modification of web client data, resulting in low impact on confidentiality and integrity, with no impact on application availability. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42986 - SAP BASIS Authentication Bypass

CVE ID : CVE-2025-42986 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : Due to a missing authorization check in an obsolete RFC enabled function module in SAP BASIS, an authenticated low-privileged attacker could call a Remote Function Call (RFC), potentially accessing restricted system information. This results in low impact on confidentiality, with no impact on integrity or availability of the application. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-42992 - SAPCAR Privilege Escalation Vulnerability

CVE ID : CVE-2025-42992 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : SAPCAR allows an attacker logged in with high privileges to create a malicious SAR archive in SAPCAR. This could enable the attacker to exploit critical files and directory permissions without breaking signature validation, resulting in potential privilege escalation. This has high impact on integrity, but low impact on confidentiality and availability of the system. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-43001 - SAPCAR Privilege Escalation Directory Traversal

CVE ID : CVE-2025-43001 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : SAPCAR allows an attacker logged in with high privileges to override the permissions of the current and parent directories of the user or process extracting the archive, leading to privilege escalation. On successful exploitation, an attacker could modify the critical files by tampering with signed archives without breaking the signature, but it has a low impact on the confidentiality and availability of the system. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-7154 - TOTOLINK N200RE OS Command Injection Vulnerability

CVE ID : CVE-2025-7154 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : A vulnerability, which was classified as critical, has been found in TOTOLINK N200RE 9.3.5u.6095_B20200916/9.3.5u.6139_B20201216. Affected by this issue is the function sub_41A0F8 of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument Hostname leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-7155 - PHPGurukul Online Notes Sharing System Cookie Handler SQL Injection

CVE ID : CVE-2025-7155 Published : July 8, 2025, 1:15 a.m. | 1 hour, 8 minutes ago Description : A vulnerability, which was classified as critical, was found in PHPGurukul Online Notes Sharing System 1.0. This affects an unknown part of the file /Dashboard of the component Cookie Handler. The manipulation of the argument sessionid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The original researcher disclosure suspects an XPath Injection vulnerability; however, the provided attack payload appears to be characteristic of an SQL Injection attack. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 08 Jul 2025 01:15:00 GMT

read more

CVE-2025-7150 - Campcodes Advanced Online Voting System SQL Injection

CVE ID : CVE-2025-7150 Published : July 7, 2025, 11:15 p.m. | 54 minutes ago Description : A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/voters_delete.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 23:15:00 GMT

read more

CVE-2025-7151 - Campcodes Advanced Online Voting System Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7151 Published : July 7, 2025, 11:15 p.m. | 54 minutes ago Description : A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/voters_add.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 23:15:00 GMT

read more

CVE-2025-7148 - CodeAstro Simple Hospital Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7148 Published : July 7, 2025, 10:15 p.m. | 1 hour, 54 minutes ago Description : A vulnerability was found in CodeAstro Simple Hospital Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /patient.html of the component POST Parameter Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Multiple parameters might be affected. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 22:15:00 GMT

read more

CVE-2025-7149 - Campcodes Advanced Online Voting System SQL Injection Vulnerability

CVE ID : CVE-2025-7149 Published : July 7, 2025, 10:15 p.m. | 1 hour, 54 minutes ago Description : A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/candidates_delete.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 22:15:00 GMT

read more

CVE-2025-7144 - SourceCodester Best Salon Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7144 Published : July 7, 2025, 9:15 p.m. | 2 hours, 54 minutes ago Description : A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /panel/admin-profile.php of the component Admin Profile Page. The manipulation of the argument Admin Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 21:15:00 GMT

read more

CVE-2025-7147 - CodeAstro Patient Record Management System SQL Injection

CVE ID : CVE-2025-7147 Published : July 7, 2025, 9:15 p.m. | 2 hours, 54 minutes ago Description : A vulnerability has been found in CodeAstro Patient Record Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 21:15:00 GMT

read more

CVE-2025-53496 - Wikimedia Mediawiki MediaSearch Extension Stored XSS

CVE ID : CVE-2025-53496 Published : July 7, 2025, 8:15 p.m. | 3 hours, 54 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - MediaSearch Extension allows Stored XSS.This issue affects Mediawiki - MediaSearch Extension: from 1.39.X before 1.39.13, from 1.43.X before 1.43.2. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 20:15:00 GMT

read more

CVE-2025-53539 - FastAPI Guard Regular Expression Denial of Service (ReDoS)

CVE ID : CVE-2025-53539 Published : July 7, 2025, 8:15 p.m. | 3 hours, 54 minutes ago Description : FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts. fastapi-guard's penetration attempts detection uses regex to scan incoming requests. However, some of the regex patterns used in detection are extremely inefficient and can cause polynomial complexity backtracks when handling specially crafted inputs. This vulnerability is fixed in 3.0.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 20:15:00 GMT

read more

CVE-2025-53540 - Arduino-ESP32 CSRF Vulnerability Allows Remote Code Execution (RCE)

CVE ID : CVE-2025-53540 Published : July 7, 2025, 8:15 p.m. | 3 hours, 54 minutes ago Description : arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Several OTA update examples and the HTTPUpdateServer implementation are vulnerable to Cross-Site Request Forgery (CSRF). The update endpoints accept POST requests for firmware uploads without CSRF protection. This allows an attacker to upload and execute arbitrary firmware, resulting in remote code execution (RCE). This vulnerability is fixed in 3.2.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 20:15:00 GMT

read more

CVE-2025-53543 - Kestra Stored XSS Vulnerability

CVE ID : CVE-2025-53543 Published : July 7, 2025, 8:15 p.m. | 3 hours, 54 minutes ago Description : Kestra is an event-driven orchestration platform. The error message in execution "Overview" tab is vulnerable to stored XSS due to improper handling of HTTP response received. This vulnerability is fixed in 0.22.0. Severity: 4.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 20:15:00 GMT

read more

CVE-2025-7142 - SourceCodester Best Salon Management System Cross Site Scripting

CVE ID : CVE-2025-7142 Published : July 7, 2025, 8:15 p.m. | 3 hours, 54 minutes ago Description : A vulnerability, which was classified as problematic, has been found in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /panel/search-appointment.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 20:15:00 GMT

read more

CVE-2025-7143 - SourceCodester Best Salon Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7143 Published : July 7, 2025, 8:15 p.m. | 3 hours, 54 minutes ago Description : A vulnerability, which was classified as problematic, was found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/edit-tax.php of the component Update Tax Page. The manipulation of the argument Tax Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 20:15:00 GMT

read more

CVE-2025-53478 - Mediawiki CheckUser Extension Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53478 Published : July 7, 2025, 7:15 p.m. | 4 hours, 54 minutes ago Description : The CheckUser extension’s Special:Investigate interface is vulnerable to reflected XSS due to improper escaping of certain internationalized system messages rendered on the “IPs and User agents” tab. This issue affects Mediawiki - CheckUser extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 19:15:00 GMT

read more

CVE-2025-53488 - Wikimedia Foundation Mediawiki WikiHiero Extension Stored XSS

CVE ID : CVE-2025-53488 Published : July 7, 2025, 7:15 p.m. | 4 hours, 54 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - WikiHiero Extension allows Stored XSS.This issue affects Mediawiki - WikiHiero Extension: from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 19:15:00 GMT

read more

CVE-2025-53495 - Wikimedia Foundation Mediawiki AbuseFilter Extension Authorization Bypass

CVE ID : CVE-2025-53495 Published : July 7, 2025, 7:15 p.m. | 4 hours, 54 minutes ago Description : Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 19:15:00 GMT

read more

CVE-2025-53498 - Wikimedia Foundation Mediawiki AbuseFilter Extension Data Leakage Vulnerability

CVE ID : CVE-2025-53498 Published : July 7, 2025, 7:15 p.m. | 4 hours, 54 minutes ago Description : : Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks.This issue affects Mediawiki - AbuseFilter Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 19:15:00 GMT

read more

CVE-2025-53499 - Wikimedia Foundation Mediawiki AbuseFilter Extension Missing Authorization Vulnerability

CVE ID : CVE-2025-53499 Published : July 7, 2025, 7:15 p.m. | 4 hours, 54 minutes ago Description : : Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 19:15:00 GMT

read more

CVE-2025-6044 - Google ChromeOS Lenovo Stylus Tools Improper Access Control

CVE ID : CVE-2025-6044 Published : July 7, 2025, 7:15 p.m. | 4 hours, 54 minutes ago Description : An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on Lenovo devices allows a physical attacker to bypass the lock screen and access user files by removing the stylus while the device is closed and using the screen capture feature. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 19:15:00 GMT

read more

CVE-2025-7140 - SourceCodester Best Salon Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7140 Published : July 7, 2025, 7:15 p.m. | 4 hours, 54 minutes ago Description : A vulnerability classified as problematic has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit-staff.php of the component Update Staff Page. The manipulation of the argument Staff Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 19:15:00 GMT

read more

CVE-2025-7141 - SourceCodester Best Salon Management System Cross Site Scripting Vulnerability

CVE ID : CVE-2025-7141 Published : July 7, 2025, 7:15 p.m. | 4 hours, 54 minutes ago Description : A vulnerability classified as problematic was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /panel/edit_plan.php of the component Update Staff Page. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 19:15:00 GMT

read more

CVE-2025-20325 - Splunk Enterprise and Cloud Platform Search Head Cluster Secret Key Exposure

CVE ID : CVE-2025-20325 Published : July 7, 2025, 6:15 p.m. | 5 hours, 54 minutes ago Description : In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.113, and 9.2.2406.119, the software potentially exposes the search head cluster [splunk.secret](https://help.splunk.com/en/splunk-enterprise/administer/manage-users-and-security/9.4/install-splunk-enterprise-securely/deploy-secure-passwords-across-multiple-servers) key. This exposure could happen if you have a Search Head cluster and you configure the Splunk Enterprise `SHCConfig` log channel at the DEBUG logging level in the clustered deployment. The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities), [Deploy a search head cluster](https://help.splunk.com/en/splunk-enterprise/administer/distributed-search/9.4/deploy-search-head-clustering/deploy-a-search-head-cluster), [Deploy secure passwords across multiple servers](https://help.splunk.com/en/splunk-enterprise/administer/manage-users-and-security/9.4/install-splunk-enterprise-securely/deploy-secure-passwords-across-multiple-servers) and [Set a security key for the search head cluster](https://help.splunk.com/splunk-enterprise/administer/distributed-search/9.4/configure-search-head-clustering/set-a-security-key-for-the-search-head-cluster#id_2c54937a_736c_47b5_9485_67e9e390acfa__Set_a_security_key_for_the_search_head_cluster) for more information. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2025-53535 - Better Auth Open Redirect Vulnerability

CVE ID : CVE-2025-53535 Published : July 7, 2025, 6:15 p.m. | 5 hours, 54 minutes ago Description : Better Auth is an authentication and authorization library for TypeScript. An open redirect has been found in the originCheck middleware function, which affects the following routes: /verify-email, /reset-password/:token, /delete-user/callback, /magic-link/verify, /oauth-proxy-callback. This vulnerability is fixed in 1.2.10. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2025-53536 - Roo Code Code Execution Vulnerability (Arbitrary Command Injection)

CVE ID : CVE-2025-53536 Published : July 7, 2025, 6:15 p.m. | 5 hours, 54 minutes ago Description : Roo Code is an AI-powered autonomous coding agent. Prior to 3.22.6, if the victim had "Write" auto-approved, an attacker with the ability to submit prompts to the agent could write to VS Code settings files and trigger code execution. There were multiple ways to achieve that. One example is with the php.validate.executablePath setting which lets you set the path for the php executable for syntax validation. The attacker could have written the path to an arbitrary command there and then created a php file to trigger it. This vulnerability is fixed in 3.22.6. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2025-7138 - SourceCodester Best Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7138 Published : July 7, 2025, 6:15 p.m. | 5 hours, 54 minutes ago Description : A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/admin-profile.php. The manipulation of the argument adminname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2025-7139 - SourceCodester Best Salon Management System Cross-Site Scripting

CVE ID : CVE-2025-7139 Published : July 7, 2025, 6:15 p.m. | 5 hours, 54 minutes ago Description : A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /panel/edit-customer-detailed.php of the component Update Customer Details Page. The manipulation of the argument Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2025-20323 - Splunk Enterprise Missing Access Control Vulnerability

CVE ID : CVE-2025-20323 Published : July 7, 2025, 6:15 p.m. | 4 hours, 41 minutes ago Description : In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the "admin" or "power" Splunk roles could turn off the scheduled search `Bucket Copy Trigger` within the Splunk Archiver application. This is because of missing access controls in the saved searches for this app. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2025-20324 - Splunk Enterprise/Cloud Platform System Source Type Configuration Injection Vulnerability

CVE ID : CVE-2025-20324 Published : July 7, 2025, 6:15 p.m. | 4 hours, 41 minutes ago Description : In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create or overwrite [system source type](https://help.splunk.com/en/splunk-enterprise/get-started/get-data-in/9.2/configure-source-types/create-source-types) configurations by sending a specially-crafted payload to the `/servicesNS/nobody/search/admin/sourcetypes/` REST endpoint on the Splunk management port. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2025-20321 - Splunk Enterprise CSRF Vulnerability in Search Head Cluster

CVE ID : CVE-2025-20321 Published : July 7, 2025, 6:15 p.m. | 4 hours, 4 minutes ago Description : In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.114, and 9.2.2406.119, an unauthenticated attacker can send a specially-crafted SPL search that could change the membership state in a Splunk Search Head Cluster (SHC) through a Cross-Site Request Forgery (CSRF), potentially leading to the removal of the captain or a member of the SHC.The vulnerability requires the attacker to phish the administrator-level victim by tricking them into initiating a request within their browser. The attacker should not be able to exploit the vulnerability at will. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2025-20322 - Splunk Enterprise and Splunk Cloud Platform CSRF-Triggered Rolling Restart Vulnerability

CVE ID : CVE-2025-20322 Published : July 7, 2025, 6:15 p.m. | 4 hours, 4 minutes ago Description : In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, an unauthenticated attacker could send a specially-crafted SPL search command that could trigger a rolling restart in the Search Head Cluster through a Cross-Site Request Forgery (CSRF), potentially leading to a denial of service (DoS).The vulnerability requires the attacker to phish the administrator-level victim by tricking them into initiating a request within their browser. The attacker should not be able to exploit the vulnerability at will.See [How rolling restart works](https://docs.splunk.com/Documentation/Splunk/9.4.2/DistSearch/RestartSHC) for more information. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2025-20319 - Splunk Enterprise Remote Command Execution Vulnerability

CVE ID : CVE-2025-20319 Published : July 7, 2025, 6:15 p.m. | 2 hours, 38 minutes ago Description : In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a user who holds a role that contains the high-privilege capability `edit_scripted` and `list_inputs` capability , could perform a remote command execution due to improper user input sanitization on the scripted input files.See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) and [Setting up a scripted input ](https://docs.splunk.com/Documentation/Splunk/9.4.2/AdvancedDev/ScriptSetup)for more information. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2025-20320 - Splunk Enterprise/Splunk Cloud Platform Path Traversal Denial of Service

CVE ID : CVE-2025-20320 Published : July 7, 2025, 6:15 p.m. | 2 hours, 38 minutes ago Description : In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.107, 9.3.2408.117, and 9.2.2406.121, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the `User Interface - Views` configuration page that could potentially lead to a denial of service (DoS).The user could cause the DoS by exploiting a path traversal vulnerability that allows for deletion of arbitrary files within a Splunk directory. The vulnerability requires the low-privileged user to phish the administrator-level victim by tricking them into initiating a request within their browser. The low-privileged user should not be able to exploit the vulnerability at will. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2024-37656 - Gnuboard5 Open Redirect Vulnerability

CVE ID : CVE-2024-37656 Published : July 7, 2025, 6:15 p.m. | 2 hours, 1 minute ago Description : An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the insufficient URL parameter verification in bbs/logout.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2024-37657 - Gnuboard5 Open Redirect

CVE ID : CVE-2024-37657 Published : July 7, 2025, 6:15 p.m. | 2 hours, 1 minute ago Description : An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via thebbs/login.php component. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2024-37658 - Gnuboard5 Open Redirect Vulnerability

CVE ID : CVE-2024-37658 Published : July 7, 2025, 6:15 p.m. | 2 hours, 1 minute ago Description : An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the bbs/member_confirm.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2024-43190 - IBM Engineering Requirements Management DOORS Authentication Bypass

CVE ID : CVE-2024-43190 Published : July 7, 2025, 6:15 p.m. | 2 hours, 1 minute ago Description : IBM Engineering Requirements Management DOORS 9.7.2.9, under certain configurations, could allow a remote attacker to obtain password reset instructions of a legitimate user using man in the middle techniques. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2025-20300 - Splunk Enterprise/Cloud Platform Cross-Site Scripting (XSS)

CVE ID : CVE-2025-20300 Published : July 7, 2025, 6:15 p.m. | 2 hours, 1 minute ago Description : In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.6, and 9.1.9 and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.112, and 9.2.2406.119, a low-privileged user that does not hold the "admin" or "power" Splunk roles, and has read-only access to a specific alert, could suppress that alert when it triggers. See [Define alert suppression groups to throttle sets of similar alerts](https://help.splunk.com/en/splunk-enterprise/alert-and-respond/alerting-manual/9.4/manage-alert-trigger-conditions-and-throttling/define-alert-suppression-groups-to-throttle-sets-of-similar-alerts). Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 18:15:00 GMT

read more

CVE-2025-7137 - SourceCodester Best Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7137 Published : July 7, 2025, 5:15 p.m. | 3 hours, 1 minute ago Description : A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/schedule-staff.php. The manipulation of the argument staff_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2024-25176 - LuaJIT Stack Buffer Overflow Vulnerability

CVE ID : CVE-2024-25176 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : LuaJIT through 2.1 has a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2024-25177 - LuaJIT NULL Metatable IR_FSTORE Denial of Service

CVE ID : CVE-2024-25177 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : LuaJIT through 2.1 has an unsinking of IR_FSTORE for NULL metatable, which leads to Denial of Service (DoS). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2024-25178 - LuaJIT Stack Overflow Handler Out-of-Bounds Read

CVE ID : CVE-2024-25178 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : LuaJIT through 2.1 has an out-of-bounds read in the stack-overflow handler in lj_state.c Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2025-1351 - IBM Storage Virtualize Privilege Escalation Vulnerability

CVE ID : CVE-2025-1351 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : IBM Storage Virtualize 8.5, 8.6, and 8.7 products could allow a user to escalate their privileges to that of another user logging in at the same time due to a race condition in the login function. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2025-36014 - IBM Integration Bus for z/OS Code Injection Vulnerability

CVE ID : CVE-2025-36014 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulnerable to code injection by a privileged user with access to the IIB install directory. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2025-53377 - WeGIA Charitable Institution Web Manager Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53377 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the cadastro_dependente_pessoa_nova.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the id_funcionario parameter. This vulnerability is fixed in 3.4.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2025-53491 - Wikimedia Foundation Mediawiki FlaggedRevs Extension Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53491 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - FlaggedRevs Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - FlaggedRevs Extension: from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2025-53497 - Wikimedia Foundation Mediawiki RelatedArticles Extension Stored XSS Vulnerability

CVE ID : CVE-2025-53497 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - RelatedArticles Extension allows Stored XSS.This issue affects Mediawiki - RelatedArticles Extension: from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2025-53525 - WeGIA Web Manager Reflected Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53525 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the profile_familiar.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the id_dependente parameter. This vulnerability is fixed in 3.4.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2025-53526 - WeGIA Web Manager Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53526 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : WeGIA is a web manager for charitable institutions. An XSS Injection vulnerability was identified in novo_memorando.php. After the memo was submitted, the vulnerability was confirmed by accessing listar_memorandos_antigos.php. Upon loading this page, the injected script was executed in the browser. This vulnerability is fixed in 3.4.3. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2025-53527 - WeGIA Web Manager Blind SQL Injection

CVE ID : CVE-2025-53527 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : WeGIA is a web manager for charitable institutions. A Time-Based Blind SQL Injection vulnerability was discovered in the almox parameter of the /controle/relatorio_geracao.php endpoint. This issue allows attacker to inject arbitrary SQL queries, potentially leading to unauthorized data access or further exploitation depending on database configuration. This vulnerability is fixed in 3.4.1. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2025-53529 - WeGIA Web Manager SQL Injection Vulnerability

CVE ID : CVE-2025-53529 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : WeGIA is a web manager for charitable institutions. An SQL Injection vulnerability was identified in the /html/funcionario/profile_funcionario.php endpoint. The id_funcionario parameter is not properly sanitized or validated before being used in a SQL query, allowing an unauthenticated attacker to inject arbitrary SQL commands. The vulnerability is fixed in 3.4.3. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2025-53530 - Wegia Web Manager HTTP Request Smuggling Denial of Service

CVE ID : CVE-2025-53530 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : WeGIA is a web manager for charitable institutions. The Wegia server has a vulnerability that allows excessively long HTTP GET requests to a specific URL. This issue arises from the lack of validation for the length of the errorstr parameter. Tests confirmed that the server processes URLs up to 8,142 characters, resulting in high resource consumption, elevated latency, timeouts, and read errors. This makes the server susceptible to Denial of Service (DoS) attacks. This vulnerability is fixed in 3.3.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2025-53531 - Wegia Web Manager Long GET Request Denial of Service Vulnerability

CVE ID : CVE-2025-53531 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : WeGIA is a web manager for charitable institutions. The Wegia server has a vulnerability that allows excessively long HTTP GET requests to a specific URL. This issue arises from the lack of validation for the length of the fid parameter. Tests confirmed that the server processes URLs up to 8,142 characters, resulting in high resource consumption, elevated latency, timeouts, and read errors. This makes the server susceptible to Denial of Service (DoS) attacks. This vulnerability is fixed in 3.3.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2025-53532 - Giscus Unauthorized Discussion Creation Vulnerability

CVE ID : CVE-2025-53532 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : giscus is a commenting system powered by GitHub Discussions. A bug in giscus' discussions creation API allowed an unauthorized user to create discussions on any repository where giscus is installed. This affects the server-side part of giscus, which is provided via http://giscus.app or your own self-hosted service. This vulnerability is fixed by the c43af7806e65adfcf4d0feeebef76dc36c95cb9a and 4b9745fe1a326ce08d69f8a388331bc993d19389 commits. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2025-7136 - Campcodes Online Recruitment Management System SQL Injection

CVE ID : CVE-2025-7136 Published : July 7, 2025, 5:15 p.m. | 59 minutes ago Description : A vulnerability, which was classified as critical, was found in Campcodes Online Recruitment Management System 1.0. Affected is an unknown function of the file /admin/view_vacancy.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 17:15:00 GMT

read more

CVE-2025-53374 - Dokploy Information Disclosure Vulnerability

CVE ID : CVE-2025-53374 Published : July 7, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated low-privileged account can retrieve detailed profile information about another users in the same organization by directly invoking user.one. The response discloses personally-identifiable information (PII) such as e-mail address, role, two-factor status, organization ID, and various account flags. The fix will be available in the v0.23.7. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-53375 - Dokploy File Access Vulnerability

CVE ID : CVE-2025-53375 Published : July 7, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated attacker can read any file that the Traefik process user can access (e.g., /etc/passwd, application source, environment variable files containing credentials and secrets). This may lead to full compromise of other services or lateral movement. This vulnerability is fixed in 0.23.7. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-53376 - Dokploy Docker Command Injection Vulnerability

CVE ID : CVE-2025-53376 Published : July 7, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated, low-privileged user can run arbitrary OS commands on the Dokploy host. The tRPC procedure docker.getContainersByAppNameMatch interpolates the attacker-supplied appName value into a Docker CLI call without sanitisation, enabling command injection under the Dokploy service account. This vulnerability is fixed in 0.23.7. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-53487 - Mediawiki ApprovedRevs Stored XSS

CVE ID : CVE-2025-53487 Published : July 7, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : The ApprovedRevs extension for MediaWiki is vulnerable to stored XSS in multiple locations where system messages are inserted into raw HTML without proper escaping. Attackers can exploit this by injecting JavaScript payloads via the uselang=x-xss language override, which causes crafted message keys to be rendered unescaped. This issue affects Mediawiki - ApprovedRevs extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-7057 - Wikimedia Foundation Mediawiki Quiz Extension Stored XSS Vulnerability

CVE ID : CVE-2025-7057 Published : July 7, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - Quiz Extension allows Stored XSS.This issue affects Mediawiki - Quiz Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-7134 - Campcodes Online Recruitment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7134 Published : July 7, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=delete_application. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-7135 - Campcodes Online Recruitment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7135 Published : July 7, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : A vulnerability, which was classified as critical, has been found in Campcodes Online Recruitment Management System 1.0. This issue affects some unknown processing of the file /admin/ajax.php?action=save_vacancy. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-7259 - MongoDB Server Duplicate _id Field Denial of Service

CVE ID : CVE-2025-7259 Published : July 7, 2025, 4:15 p.m. | 1 hour, 59 minutes ago Description : An authorized user can issue queries with duplicate _id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-26780 - "Samsung Exynos Denial of Service (DoS) Vulnerability"

CVE ID : CVE-2025-26780 Published : July 7, 2025, 4:15 p.m. | 38 minutes ago Description : An issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 and Modem 5400. The lack of a length check leads to a Denial of Service via a malformed PDCP packet. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-32023 - Redis Heap Out-of-Bounds Write Remote Code Execution Vulnerability

CVE ID : CVE-2025-32023 Published : July 7, 2025, 4:15 p.m. | 38 minutes ago Description : Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-43931 - Flask Boilerplate Server-Side Request Forgery (SSRF)

CVE ID : CVE-2025-43931 Published : July 7, 2025, 4:15 p.m. | 38 minutes ago Description : flask-boilerplate through a170e7c allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-43932 - Apache JobCenter Unvalidated Host Header Vulnerability

CVE ID : CVE-2025-43932 Published : July 7, 2025, 4:15 p.m. | 38 minutes ago Description : JobCenter through 7e7b0b2 allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-43933 - Facebook fblog Server Name Header Injection

CVE ID : CVE-2025-43933 Published : July 7, 2025, 4:15 p.m. | 38 minutes ago Description : fblog through 983bede allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-45065 - "Employee Record Management System in PHP and MySQL SQL Injection Vulnerability"

CVE ID : CVE-2025-45065 Published : July 7, 2025, 4:15 p.m. | 38 minutes ago Description : employee record management system in php and mysql v1 was discovered to contain a SQL injection vulnerability via the loginerms.php endpoint. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-45479 - EduCoder Container Code Injection Vulnerability

CVE ID : CVE-2025-45479 Published : July 7, 2025, 4:15 p.m. | 38 minutes ago Description : Insufficient security mechanisms for created containers in educoder challenges v1.0 allow attackers to execute arbitrary code via injecting crafted content into a container. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-47202 - Samsung Exynos RRC Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-47202 Published : July 7, 2025, 4:15 p.m. | 38 minutes ago Description : In RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400, the lack of a length check leads to out-of-bounds writes. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-48367 - Redis Denial of Service Vulnerability

CVE ID : CVE-2025-48367 Published : July 7, 2025, 4:15 p.m. | 38 minutes ago Description : Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-52492 - "Paxton Paxton10 Twilio API Hard-Coded Credentials Disclosure"

CVE ID : CVE-2025-52492 Published : July 7, 2025, 4:15 p.m. | 38 minutes ago Description : A vulnerability has been discovered in the firmware of Paxton Paxton10 before 4.6 SR6. The firmware file, rootfs.tar.gz, contains hard-coded credentials for the Twilio API. A remote attacker who obtains a copy of the firmware can extract these credentials. This could allow the attacker to gain unauthorized access to the associated Twilio account, leading to information disclosure, potential service disruption, and unauthorized use of the Twilio services. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-53373 - Natours Host Header Injection Vulnerability

CVE ID : CVE-2025-53373 Published : July 7, 2025, 4:15 p.m. | 38 minutes ago Description : Natours is a Tour Booking API. The attacker can easily take over any victim account by injecting an attacker-controlled server domain in the Host header when requesting the /forgetpassword endpoint. This vulnerability is fixed with commit 7401793a8d9ed0f0c250c4e0ee2815d685d7a70b. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 16:15:00 GMT

read more

CVE-2025-6806 - Marvell QConvergeConsole Directory Traversal File Write Vulnerability

CVE ID : CVE-2025-6806 Published : July 7, 2025, 3:15 p.m. | 1 hour, 38 minutes ago Description : Marvell QConvergeConsole decryptFile Directory Traversal Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the decryptFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to write files in the context of SYSTEM. Was ZDI-CAN-24979. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6807 - Marvell QConvergeConsole Directory Traversal Information Disclosure

CVE ID : CVE-2025-6807 Published : July 7, 2025, 3:15 p.m. | 1 hour, 38 minutes ago Description : Marvell QConvergeConsole getDriverTmpPath Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the getDriverTmpPath method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-24980. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6810 - Mescius ActiveReports.NET Deserialization Remote Code Execution

CVE ID : CVE-2025-6810 Published : July 7, 2025, 3:15 p.m. | 1 hour, 38 minutes ago Description : Mescius ActiveReports.NET ReadValue Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mescius ActiveReports.NET. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the implementation of the ReadValue method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25246. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6811 - Mescius ActiveReports.NET TypeResolutionService Deserialization Remote Code Execution Vulnerability

CVE ID : CVE-2025-6811 Published : July 7, 2025, 3:15 p.m. | 1 hour, 38 minutes ago Description : Mescius ActiveReports.NET TypeResolutionService Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mescius ActiveReports.NET. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the TypeResolutionService class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25397. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-7132 - Campcodes Payroll Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7132 Published : July 7, 2025, 3:15 p.m. | 1 hour, 38 minutes ago Description : A vulnerability was found in Campcodes Payroll Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_payroll. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-7133 - CodeAstro Online Movie Ticket Booking System Cross-Site Request Forgery Vulnerability

CVE ID : CVE-2025-7133 Published : July 7, 2025, 3:15 p.m. | 1 hour, 38 minutes ago Description : A vulnerability classified as problematic has been found in CodeAstro Online Movie Ticket Booking System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-5987 - Libssh ChaCha20 Cipher Context Initialization Vulnerability

CVE ID : CVE-2025-5987 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6663 - GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

CVE ID : CVE-2025-6663 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of H266 sei messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27381. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6711 - MongoDB Server Information Disclosure Vulnerability

CVE ID : CVE-2025-6711 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : An issue has been identified in MongoDB Server where unredacted queries may inadvertently appear in server logs when certain error conditions are encountered. This issue affects MongoDB Server v8.0 versions prior to 8.0.5, MongoDB Server v7.0 versions prior to 7.0.18 and MongoDB Server v6.0 versions prior to 6.0.21. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6712 - MongoDB Server Memory Consumption Vulnerability

CVE ID : CVE-2025-6712 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : MongoDB Server may be susceptible to disruption caused by high memory usage, potentially leading to server crash. This condition is linked to inefficiencies in memory management related to internal operations. In scenarios where certain internal processes persist longer than anticipated, memory consumption can increase, potentially impacting server stability and availability. This issue affects MongoDB Server v8.0 versions prior to 8.0.10 Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6713 - MongoDB Server Unauthorized Data Access Vulnerability

CVE ID : CVE-2025-6713 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.20 and MongoDB Server v6.0 versions prior to 6.0.22 Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6714 - MongoDB Mongos Unresponsive Connections Vulnerability

CVE ID : CVE-2025-6714 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Server v8.0 prior to 8.0.9 Required Configuration: This affects MongoDB sharded clusters when configured with load balancer support for mongos using HAProxy on specified ports. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6793 - Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Vulnerability

CVE ID : CVE-2025-6793 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability. This vulnerability allows remote attackers to delete arbitrary files and disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the QLogicDownloadImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files and disclose information in the context of SYSTEM. Was ZDI-CAN-24912. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6794 - Marvell QConvergeConsole Directory Traversal Remote Code Execution Vulnerability

CVE ID : CVE-2025-6794 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the saveAsText method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-24913. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6795 - Marvell QConvergeConsole Directory Traversal Information Disclosure

CVE ID : CVE-2025-6795 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : Marvell QConvergeConsole getFileUploadSize Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the getFileUploadSize method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-24914. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6796 - Marvell QConvergeConsole Directory Traversal Information Disclosure

CVE ID : CVE-2025-6796 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : Marvell QConvergeConsole getAppFileBytes Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the getAppFileBytes method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-24916. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6797 - Marvell QConvergeConsole Directory Traversal Information Disclosure Vulnerability

CVE ID : CVE-2025-6797 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the getFileUploadBytes method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-24917. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6798 - Marvell QConvergeConsole Directory Traversal Vulnerability

CVE ID : CVE-2025-6798 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : Marvell QConvergeConsole deleteAppFile Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the deleteAppFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM. Was ZDI-CAN-24918. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6799 - Marvell QConvergeConsole Directory Traversal Information Disclosure Vulnerability

CVE ID : CVE-2025-6799 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the getFileUploadBytes method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-24919. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6800 - Marvell QConvergeConsole Directory Traversal Information Disclosure Vulnerability

CVE ID : CVE-2025-6800 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : Marvell QConvergeConsole restoreESwitchConfig Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the restoreESwitchConfig method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-24920. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6801 - Marvell QConvergeConsole Directory Traversal Arbitrary File Write Vulnerability

CVE ID : CVE-2025-6801 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : Marvell QConvergeConsole saveNICParamsToFile Directory Traversal Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the saveNICParamsToFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to write files in the context of SYSTEM. Was ZDI-CAN-24921. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6802 - Marvell QConvergeConsole Unrestricted File Upload Remote Code Execution Vulnerability

CVE ID : CVE-2025-6802 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : Marvell QConvergeConsole getFileFromURL Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the getFileFromURL method. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-24922. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6803 - Marvell QConvergeConsole Directory Traversal Information Disclosure Vulnerability

CVE ID : CVE-2025-6803 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : Marvell QConvergeConsole compressDriverFiles Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the compressDriverFiles method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-24923. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6804 - Marvell QConvergeConsole Directory Traversal Information Disclosure Vulnerability

CVE ID : CVE-2025-6804 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : Marvell QConvergeConsole compressFirmwareDumpFiles Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the compressFirmwareDumpFiles method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-24924. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6805 - Marvell QConvergeConsole Directory Traversal Vulnerability

CVE ID : CVE-2025-6805 Published : July 7, 2025, 3:15 p.m. | 39 minutes ago Description : Marvell QConvergeConsole deleteEventLogFile Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the deleteEventLogFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM. Was ZDI-CAN-24925. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 15:15:00 GMT

read more

CVE-2025-6209 - Run-llama Llama Index Path Traversal Vulnerability

CVE ID : CVE-2025-6209 Published : July 7, 2025, 1:15 p.m. | 59 minutes ago Description : A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0.12.40, specifically within the `encode_image` function in `generic_utils.py`. This vulnerability allows an attacker to manipulate the `image_path` input to read arbitrary files on the server, including sensitive system files. The issue arises due to improper validation or sanitization of the file path, enabling path traversal sequences to access files outside the intended directory. The vulnerability is fixed in version 0.12.41. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 13:15:00 GMT

read more

CVE-2025-7128 - Campcodes Payroll Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7128 Published : July 7, 2025, 1:15 p.m. | 59 minutes ago Description : A vulnerability has been found in Campcodes Payroll Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ajax.php?action=calculate_payroll. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 13:15:00 GMT

read more

CVE-2025-7129 - Campcodes Payroll Management System SQL Injection

CVE ID : CVE-2025-7129 Published : July 7, 2025, 1:15 p.m. | 59 minutes ago Description : A vulnerability was found in Campcodes Payroll Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /ajax.php?action=delete_employee_attendance_single. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 13:15:00 GMT

read more

CVE-2025-7126 - iSourcecode Employee Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7126 Published : July 7, 2025, 12:15 p.m. | 1 hour, 59 minutes ago Description : A vulnerability, which was classified as critical, has been found in itsourcecode Employee Management System up to 1.0. Affected by this issue is some unknown functionality of the file /admin/adminprofile.php. The manipulation of the argument AdminName leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 12:15:00 GMT

read more

CVE-2025-7127 - iSourcecode Employee Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7127 Published : July 7, 2025, 12:15 p.m. | 1 hour, 59 minutes ago Description : A vulnerability, which was classified as critical, was found in itsourcecode Employee Management System up to 1.0. This affects an unknown part of the file /admin/changepassword.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 12:15:00 GMT

read more

CVE-2025-7124 - "Code-projects Online Note Sharing Unrestricted File Upload Vulnerability"

CVE ID : CVE-2025-7124 Published : July 7, 2025, 11:15 a.m. | 2 hours, 58 minutes ago Description : A vulnerability classified as critical has been found in code-projects Online Note Sharing 1.0. Affected is an unknown function of the file /dashboard/userprofile.php of the component Profile Image Handler. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 11:15:00 GMT

read more

CVE-2025-7125 - iSourcecode Employee Management System SQL Injection

CVE ID : CVE-2025-7125 Published : July 7, 2025, 11:15 a.m. | 2 hours, 58 minutes ago Description : A vulnerability classified as critical was found in itsourcecode Employee Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/editempeducation.php. The manipulation of the argument coursepg leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 11:15:00 GMT

read more

CVE-2024-43334 - Gavias Halpes Cross-site Scripting (XSS)

CVE ID : CVE-2024-43334 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gavias Halpes allows Reflected XSS.This issue affects Halpes: from n/a before 1.2.5. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-3044 - ArxivReader MD5 Hash Collision Vulnerability

CVE ID : CVE-2025-3044 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : A vulnerability in the ArxivReader class of the run-llama/llama_index repository, versions up to v0.12.22.post1, allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but different contents may overwrite each other, preventing some papers from being processed for AI model training. The issue is resolved in version 0.12.28. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-3046 - "Obsidian Reader Symbolic Link File Read Vulnerability"

CVE ID : CVE-2025-3046 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : A vulnerability in the `ObsidianReader` class of the run-llama/llama_index repository, versions 0.12.23 to 0.12.28, allows for arbitrary file read through symbolic links. The `ObsidianReader` fails to resolve symlinks to their real paths and does not validate whether the resolved paths lie within the intended directory. This flaw enables attackers to place symlinks pointing to files outside the vault directory, which are then processed as valid Markdown files, potentially exposing sensitive information. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-3225 - LLama Index XML Entity Expansion Denial of Service

CVE ID : CVE-2025-3225 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : An XML Entity Expansion vulnerability, also known as a 'billion laughs' attack, exists in the sitemap parser of the run-llama/llama_index repository, specifically affecting version v0.12.21. This vulnerability allows an attacker to supply a malicious Sitemap XML, leading to a Denial of Service (DoS) by exhausting system memory and potentially causing a system crash. The issue is resolved in version v0.12.29. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-3262 - Apache Transformers ReDoS

CVE ID : CVE-2025-3262 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the huggingface/transformers repository, specifically in version 4.49.0. The vulnerability is due to inefficient regular expression complexity in the `SETTING_RE` variable within the `transformers/commands/chat.py` file. The regex contains repetition groups and non-optimized quantifiers, leading to exponential backtracking when processing 'almost matching' payloads. This can degrade application performance and potentially result in a denial-of-service (DoS) when handling specially crafted input strings. The issue is fixed in version 4.51.0. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-3263 - Hugging Face Transformers ReDoS Vulnerability

CVE ID : CVE-2025-3263 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the `get_configuration_file()` function within the `transformers.configuration_utils` module. The affected version is 4.49.0, and the issue is resolved in version 4.51.0. The vulnerability arises from the use of a regular expression pattern `config\.(.*)\.json` that can be exploited to cause excessive CPU consumption through crafted input strings, leading to catastrophic backtracking. This can result in model serving disruption, resource exhaustion, and increased latency in applications using the library. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-3264 - Hugging Face Transformers Regular Expression Denial of Service (ReDoS)

CVE ID : CVE-2025-3264 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the `get_imports()` function within `dynamic_module_utils.py`. This vulnerability affects versions 4.49.0 and is fixed in version 4.51.0. The issue arises from a regular expression pattern `\s*try\s*:.*?except.*?:` used to filter out try/except blocks from Python code, which can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. This vulnerability can lead to remote code loading disruption, resource exhaustion in model serving, supply chain attack vectors, and development pipeline disruption. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-3466 - Langgenius Dify Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-3466 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : langgenius/dify versions 1.1.0 to 1.1.2 are vulnerable to unsanitized input in the code node, allowing execution of arbitrary code with full root permissions. The vulnerability arises from the ability to override global functions in JavaScript, such as parseInt, before sandbox security restrictions are imposed. This can lead to unauthorized access to secret keys, internal network servers, and lateral movement within dify.ai. The issue is resolved in version 1.1.3. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-3467 - Dify Firefox XSS Token Stealer

CVE ID : CVE-2025-3467 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : An XSS vulnerability exists in langgenius/dify versions prior to 1.1.3, specifically affecting Firefox browsers. This vulnerability allows an attacker to obtain the administrator's token by sending a payload in the published chat. When the administrator views the conversation content through the monitoring/log function using Firefox, the XSS vulnerability is triggered, potentially exposing sensitive token information to the attacker. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-3626 - Apache Device OS Command Injection

CVE ID : CVE-2025-3626 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : A remote attacker with administrator account can gain full control of the device due to improper neutralization of special elements used in an OS Command ('OS Command Injection') while uploading a config file via webUI. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-3705 - FirmwareLoader OS Command Injection

CVE ID : CVE-2025-3705 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special elements used in an OS Command ('OS Command Injection') when loading a config file from a USB drive. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-3777 - YouTube URL Validation Bypass in Hugging Face Transformers

CVE ID : CVE-2025-3777 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : Hugging Face Transformers versions up to 4.49.0 are affected by an improper input validation vulnerability in the `image_utils.py` file. The vulnerability arises from insecure URL validation using the `startswith()` method, which can be bypassed through URL username injection. This allows attackers to craft URLs that appear to be from YouTube but resolve to malicious domains, potentially leading to phishing attacks, malware distribution, or data exfiltration. The issue is fixed in version 4.52.1. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-4779 - Lunary Ai Lunary Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-4779 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : lunary-ai/lunary versions prior to 1.9.24 are vulnerable to stored cross-site scripting (XSS). An unauthenticated attacker can inject malicious JavaScript into the `v1/runs/ingest` endpoint by adding an empty `citations` field, triggering a code path where `dangerouslySetInnerHTML` is used to render attacker-controlled text. This vulnerability allows the execution of arbitrary JavaScript in the context of the user's browser, potentially leading to session hijacking, data theft, or other malicious actions. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-5472 - Llama Index JSONReader Stack Overflow Denial of Service Vulnerability

CVE ID : CVE-2025-5472 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : The JSONReader in run-llama/llama_index versions 0.12.28 is vulnerable to a stack overflow due to uncontrolled recursive JSON parsing. This vulnerability allows attackers to trigger a Denial of Service (DoS) by submitting deeply nested JSON structures, leading to a RecursionError and crashing applications. The root cause is the unsafe recursive traversal design and lack of depth validation, which makes the JSONReader susceptible to stack overflow when processing deeply nested JSON. This impacts the availability of services, making them unreliable and disrupting workflows. The issue is resolved in version 0.12.38. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-6210 - ObsidianReader Hardlink-Based Path Traversal Vulnerability

CVE ID : CVE-2025-6210 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : A vulnerability in the ObsidianReader class of the run-llama/llama_index repository, specifically in version 0.12.27, allows for hardlink-based path traversal. This flaw permits attackers to bypass path restrictions and access sensitive system files, such as /etc/passwd, by exploiting hardlinks. The vulnerability arises from inadequate handling of hardlinks in the load_data() method, where the security checks fail to differentiate between real files and hardlinks. This issue is resolved in version 0.5.2. Severity: 6.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-6386 - Apache Parisneo Timing Attack in Lollms Authentication

CVE ID : CVE-2025-6386 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : The parisneo/lollms repository is affected by a timing attack vulnerability in the `authenticate_user` function within the `lollms_authentication.py` file. This vulnerability allows attackers to enumerate valid usernames and guess passwords incrementally by analyzing response time differences. The affected version is the latest, and the issue is resolved in version 20.1. The vulnerability arises from the use of Python's default string equality operator for password comparison, which compares characters sequentially and exits on the first mismatch, leading to variable response times based on the number of matching initial characters. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-7122 - Campcodes Complaint Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7122 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : A vulnerability was found in Campcodes Complaint Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-7123 - Campcodes Complaint Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7123 Published : July 7, 2025, 10:15 a.m. | 3 hours, 59 minutes ago Description : A vulnerability was found in Campcodes Complaint Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/complaint-details.php. The manipulation of the argument cid/uid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 10:15:00 GMT

read more

CVE-2025-3920 - SUR-FBD CMMS Hard-Coded Credentials Disclosure

CVE ID : CVE-2025-3920 Published : July 7, 2025, 9:15 a.m. | 3 hours, 36 minutes ago Description : A vulnerability was identified in SUR-FBD CMMS where hard-coded credentials were found within a compiled DLL file. These credentials correspond to a built-in administrative account of the software. An attacker with local access to the system or the application's installation directory could extract these credentials, potentially leading to a complete compromise of the application's administrative functions. This issue was fixed in version 2025.03.27 of the SUR-FBD CMMS software. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 09:15:00 GMT

read more

CVE-2025-7120 - Campcodes Complaint Management System SQL Injection

CVE ID : CVE-2025-7120 Published : July 7, 2025, 9:15 a.m. | 3 hours, 36 minutes ago Description : A vulnerability was found in Campcodes Complaint Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /users/check_availability.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 09:15:00 GMT

read more

CVE-2025-7121 - Campcodes Complaint Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7121 Published : July 7, 2025, 9:15 a.m. | 3 hours, 36 minutes ago Description : A vulnerability was found in Campcodes Complaint Management System 1.0. It has been classified as critical. This affects an unknown part of the file /users/complaint-details.php. The manipulation of the argument cid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 09:15:00 GMT

read more

CVE-2025-7118 - UTT HiPER 840G Buffer Overflow Vulnerability

CVE ID : CVE-2025-7118 Published : July 7, 2025, 8:15 a.m. | 4 hours ago Description : A vulnerability, which was classified as critical, has been found in UTT HiPER 840G up to 3.1.1-190328. This issue affects some unknown processing of the file /goform/formPictureUrl. The manipulation of the argument importpictureurl leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 08:15:00 GMT

read more

CVE-2025-7119 - Campcodes Complaint Management System SQL Injection Vulnerability

CVE ID : CVE-2025-7119 Published : July 7, 2025, 8:15 a.m. | 4 hours ago Description : A vulnerability has been found in Campcodes Complaint Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /users/index.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 08:15:00 GMT

read more

CVE-2025-41672 - Citrix NetScaler JWT Token Default Certificate Vulnerability

CVE ID : CVE-2025-41672 Published : July 7, 2025, 7:15 a.m. | 2 hours, 59 minutes ago Description : A remote unauthenticated attacker may use default certificates to generate JWT Tokens and gain full access to the tool and all connected devices. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 07:15:00 GMT

read more

CVE-2025-7116 - UTT 进取 Wireless Config Buffer Overflow Vulnerability

CVE ID : CVE-2025-7116 Published : July 7, 2025, 7:15 a.m. | 2 hours, 59 minutes ago Description : A vulnerability classified as critical has been found in UTT 进取 750W up to 3.2.2-191225. This affects an unknown part of the file /goform/Fast_wireless_conf. The manipulation of the argument ssid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 07:15:00 GMT

read more

CVE-2025-7117 - UTT HiPER 840G Buffer Overflow Vulnerability

CVE ID : CVE-2025-7117 Published : July 7, 2025, 7:15 a.m. | 2 hours, 59 minutes ago Description : A vulnerability classified as critical was found in UTT HiPER 840G up to 3.1.1-190328. This vulnerability affects unknown code of the file /goform/websWhiteList. The manipulation of the argument addHostFilter leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 07:15:00 GMT

read more

CVE-2025-7114 - SimStudioAI Session Handler Missing Authentication Vulnerability

CVE ID : CVE-2025-7114 Published : July 7, 2025, 6:15 a.m. | 3 hours, 59 minutes ago Description : A vulnerability was found in SimStudioAI sim up to 37786d371e17d35e0764e1b5cd519d873d90d97b. It has been declared as critical. Affected by this vulnerability is the function POST of the file apps/sim/app/api/files/upload/route.ts of the component Session Handler. The manipulation of the argument Request leads to missing authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 06:15:00 GMT

read more

CVE-2025-7115 - Rowboatlabs Rowboat Remote Authentication Bypass Vulnerability

CVE ID : CVE-2025-7115 Published : July 7, 2025, 6:15 a.m. | 3 hours, 59 minutes ago Description : A vulnerability was found in rowboatlabs rowboat up to 8096eaf63b5a0732edd8f812bee05b78e214ee97. It has been rated as critical. Affected by this issue is the function PUT of the file apps/rowboat/app/api/uploads/[fileId]/route.ts of the component Session Handler. The manipulation of the argument params leads to missing authentication. The attack may be launched remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. It is expected that this issue will be fixed in the near future. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 06:15:00 GMT

read more

CVE-2025-24508 - VMware IT Management Agent Credentials Exposure

CVE ID : CVE-2025-24508 Published : July 7, 2025, 5:15 a.m. | 4 hours, 59 minutes ago Description : Extraction of Account Connectivity Credentials (ACCs) from the IT Management Agent secure storage Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 05:15:00 GMT

read more

CVE-2025-48501 - Nimesa Backup and Recovery Command Injection Vulnerability

CVE ID : CVE-2025-48501 Published : July 7, 2025, 5:15 a.m. | 4 hours, 59 minutes ago Description : An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this vulnerability is exploited, an arbitrary OS commands may be executed on the server where the product is running. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 05:15:00 GMT

read more

CVE-2025-53473 - Nimesa Backup and Recovery SSRF Vulnerability

CVE ID : CVE-2025-53473 Published : July 7, 2025, 5:15 a.m. | 4 hours, 59 minutes ago Description : Server-side request forgery (SSRF) vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 05:15:00 GMT

read more

CVE-2025-7111 - Portabilis i-Educar Cross-Site Scripting Vulnerability in Course Module

CVE ID : CVE-2025-7111 Published : July 7, 2025, 5:15 a.m. | 4 hours, 59 minutes ago Description : A vulnerability has been found in Portabilis i-Educar 2.9.0 and classified as problematic. This vulnerability affects unknown code of the file /intranet/educar_curso_det.php?cod_curso=ID of the component Course Module. The manipulation of the argument Curso leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 05:15:00 GMT

read more

CVE-2025-7112 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7112 Published : July 7, 2025, 5:15 a.m. | 4 hours, 59 minutes ago Description : A vulnerability was found in Portabilis i-Educar 2.9.0 and classified as problematic. This issue affects some unknown processing of the file /intranet/educar_funcao_det.php?cod_funcao=COD&ref_cod_instituicao=COD of the component Function Management Module. The manipulation of the argument Função leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 05:15:00 GMT

read more

CVE-2025-7113 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7113 Published : July 7, 2025, 5:15 a.m. | 4 hours, 59 minutes ago Description : A vulnerability was found in Portabilis i-Educar 2.9.0. It has been classified as problematic. Affected is an unknown function of the file /module/ComponenteCurricular/edit?id=ID of the component Curricular Components Module. The manipulation of the argument Nome leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 05:15:00 GMT

read more

CVE-2025-7110 - Portabilis i-Educar Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7110 Published : July 7, 2025, 4:15 a.m. | 5 hours, 59 minutes ago Description : A vulnerability, which was classified as problematic, was found in Portabilis i-Educar 2.9.0. This affects an unknown part of the file /intranet/educar_escola_lst.php of the component School Module. The manipulation of the argument Escola leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 04:15:00 GMT

read more

CVE-2025-53183 - Adobe PDF Preview Module Null Pointer Dereference

CVE ID : CVE-2025-53183 Published : July 7, 2025, 3:15 a.m. | 6 hours, 59 minutes ago Description : Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53184 - AcroPDF Null Pointer Dereference

CVE ID : CVE-2025-53184 Published : July 7, 2025, 3:15 a.m. | 6 hours, 59 minutes ago Description : Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53185 - Apache Memory Corruption Vulnerability

CVE ID : CVE-2025-53185 Published : July 7, 2025, 3:15 a.m. | 6 hours, 59 minutes ago Description : Virtual address reuse issue in the memory management module, which can be exploited by non-privileged users to access released memory Impact: Successful exploitation of this vulnerability may affect service integrity. Severity: 6.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53186 - "ZTE Audio Framework Unverified Broadcast Vulnerability"

CVE ID : CVE-2025-53186 Published : July 7, 2025, 3:15 a.m. | 6 hours, 59 minutes ago Description : Vulnerability that allows third-party call apps to send broadcasts without verification in the audio framework module Impact: Successful exploitation of this vulnerability may affect availability. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-7107 - SimStudioAI Sim Path Traversal Vulnerability

CVE ID : CVE-2025-7107 Published : July 7, 2025, 3:15 a.m. | 6 hours, 59 minutes ago Description : A vulnerability classified as critical has been found in SimStudioAI sim up to 0.1.17. Affected is the function handleLocalFile of the file apps/sim/app/api/files/parse/route.ts. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The patch is identified as b2450530d1ddd0397a11001a72aa0fde401db16a. It is recommended to apply a patch to fix this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-7108 - Risesoft Y9 Digital-Infrastructure Remote Path Traversal Vulnerability

CVE ID : CVE-2025-7108 Published : July 7, 2025, 3:15 a.m. | 6 hours, 59 minutes ago Description : A vulnerability classified as critical was found in risesoft-y9 Digital-Infrastructure up to 9.6.7. Affected by this vulnerability is the function deleteFile of the file /Digital-Infrastructure-9.6.7/y9-digitalbase-webapp/y9-module-filemanager/risenet-y9boot-webapp-filemanager/src/main/java/net/risesoft/y9public/controller/Y9FileController.java. The manipulation of the argument fullPath leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-7109 - Portabilis i-Educar Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-7109 Published : July 7, 2025, 3:15 a.m. | 6 hours, 59 minutes ago Description : A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file /intranet/educar_aluno_beneficio_lst.php of the component Student Benefits Registration. The manipulation of the argument Benefício leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-7145 - ThreatSonar Anti-Ransomware OS Command Injection Vulnerability

CVE ID : CVE-2025-7145 Published : July 7, 2025, 3:15 a.m. | 6 hours, 59 minutes ago Description : ThreatSonar Anti-Ransomware developed by TeamT5 has an OS Command Injection vulnerability, allowing remote attackers with product platform intermediate privileges to inject arbitrary OS commands and execute them on the server, thereby gaining administrative access to the remote host. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53178 - Harman International Calendar Storage Module Permission Bypass Vulnerability

CVE ID : CVE-2025-53178 Published : July 7, 2025, 3:15 a.m. | 4 hours, 59 minutes ago Description : Permission bypass vulnerability in the calendar storage module Impact: Successful exploitation of this vulnerability may affect the schedule reminder function of head units. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53179 - Adobe PDF Preview Module Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-53179 Published : July 7, 2025, 3:15 a.m. | 4 hours, 59 minutes ago Description : Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53180 - Adobe PDF Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-53180 Published : July 7, 2025, 3:15 a.m. | 4 hours, 59 minutes ago Description : Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53181 - Adobe PDF Preview Module Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-53181 Published : July 7, 2025, 3:15 a.m. | 4 hours, 59 minutes ago Description : Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53182 - Adobe PDF Preview Module Null Pointer Dereference

CVE ID : CVE-2025-53182 Published : July 7, 2025, 3:15 a.m. | 4 hours, 59 minutes ago Description : Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53173 - Apache Tika Image Parsing Stack Overflow Vulnerability

CVE ID : CVE-2025-53173 Published : July 7, 2025, 3:15 a.m. | 2 hours, 59 minutes ago Description : Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53174 - Adobe Illustrator Stack Overflow Vulnerability

CVE ID : CVE-2025-53174 Published : July 7, 2025, 3:15 a.m. | 2 hours, 59 minutes ago Description : Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53175 - Adobe Illustrator Stack Overflow Vulnerability

CVE ID : CVE-2025-53175 Published : July 7, 2025, 3:15 a.m. | 2 hours, 59 minutes ago Description : Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53176 - Adobe Illustrator Heap-Based Buffer Overflow

CVE ID : CVE-2025-53176 Published : July 7, 2025, 3:15 a.m. | 2 hours, 59 minutes ago Description : Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53177 - Fossil Calendar Storage Module Permission Bypass Vulnerability

CVE ID : CVE-2025-53177 Published : July 7, 2025, 3:15 a.m. | 2 hours, 59 minutes ago Description : Permission bypass vulnerability in the calendar storage module Impact: Successful exploitation of this vulnerability may affect the schedule syncing function of watches. Severity: 3.9 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2024-58117 - Apache PDFBox Image Parsing Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2024-58117 Published : July 7, 2025, 3:15 a.m. | 59 minutes ago Description : Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53167 - "Apache Distributed Collaboration Framework Authentication Bypass"

CVE ID : CVE-2025-53167 Published : July 7, 2025, 3:15 a.m. | 59 minutes ago Description : Authentication vulnerability in the distributed collaboration framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53168 - Hikvision Distributed Camera Process Bypass Vulnerability

CVE ID : CVE-2025-53168 Published : July 7, 2025, 3:15 a.m. | 59 minutes ago Description : Vulnerability of bypassing the process to start SA and use related functions on distributed cameras Impact: Successful exploitation of this vulnerability may allow the peer device to use the camera without user awareness. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53169 - Hikvision Distributed Camera Peer Device Start-Up Bypass Vulnerability (Authentication Bypass)

CVE ID : CVE-2025-53169 Published : July 7, 2025, 3:15 a.m. | 59 minutes ago Description : Vulnerability of bypassing the process to start SA and use related functions on distributed cameras Impact: Successful exploitation of this vulnerability may allow the peer device to use the camera without user awareness. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53170 - Apache Exit Cause Module Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-53170 Published : July 7, 2025, 3:15 a.m. | 59 minutes ago Description : Null pointer dereference vulnerability in the application exit cause module Impact: Successful exploitation of this vulnerability may affect function stability. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53171 - Adobe Illustrator Stack Overflow Vulnerability

CVE ID : CVE-2025-53171 Published : July 7, 2025, 3:15 a.m. | 59 minutes ago Description : Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-53172 - Adobe Illustrator Out-of-Bounds Write

CVE ID : CVE-2025-53172 Published : July 7, 2025, 3:15 a.m. | 59 minutes ago Description : Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 03:15:00 GMT

read more

CVE-2025-7100 - BoyunCMS Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7100 Published : July 7, 2025, 1:15 a.m. | 58 minutes ago Description : A vulnerability was found in BoyunCMS up to 1.4.20 and classified as critical. Affected by this issue is some unknown functionality of the file /application/user/controller/Index.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 01:15:00 GMT

read more

CVE-2025-7101 - BoyunCMS Configuration File Handler Remote Code Injection Vulnerability

CVE ID : CVE-2025-7101 Published : July 7, 2025, 1:15 a.m. | 58 minutes ago Description : A vulnerability was found in BoyunCMS up to 1.4.20. It has been classified as critical. This affects an unknown part of the file /install/install_ok.php of the component Configuration File Handler. The manipulation of the argument db_pass leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 01:15:00 GMT

read more

CVE-2025-7102 - BoyunCMS SQL Injection Vulnerability

CVE ID : CVE-2025-7102 Published : July 7, 2025, 1:15 a.m. | 58 minutes ago Description : A vulnerability was found in BoyunCMS up to 1.4.20. It has been declared as critical. This vulnerability affects unknown code of the file application/update/controller/Server.php. The manipulation of the argument phone leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 01:15:00 GMT

read more

CVE-2025-7099 - BoyunCMS PHP Deserialization Vulnerability in Installation Handler

CVE ID : CVE-2025-7099 Published : July 7, 2025, 12:15 a.m. | 1 hour, 58 minutes ago Description : A vulnerability has been found in BoyunCMS up to 1.21 on PHP7 and classified as critical. Affected by this vulnerability is an unknown functionality of the file install/install2.php of the component Installation Handler. The manipulation of the argument db_host leads to deserialization. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 07 Jul 2025 00:15:00 GMT

read more

Fuite de données chez Union Nationale du Sport Scolaire

]]>

Mon Jul 07 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

CVE-2025-3108 - "LLama Index JsonPickleSerializer Python Pickle Deserialization RCE"

CVE ID : CVE-2025-3108 Published : July 6, 2025, 11:15 p.m. | 2 hours, 58 minutes ago Description : A critical deserialization vulnerability exists in the run-llama/llama_index library's JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python's pickle module. JsonPickleSerializer prioritizes deserialization using pickle.loads(), which can execute arbitrary code when processing untrusted data. Attackers can exploit this by crafting malicious payloads to achieve full system compromise. The root cause includes an insecure fallback mechanism, lack of validation or safeguards, misleading design, and violation of Python security guidelines. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 23:15:00 GMT

read more

CVE-2025-7097 - Comodo Internet Security Premium OS Command Injection Vulnerability

CVE ID : CVE-2025-7097 Published : July 6, 2025, 11:15 p.m. | 2 hours, 58 minutes ago Description : A vulnerability, which was classified as critical, has been found in Comodo Internet Security Premium 12.3.4.8162. This issue affects some unknown processing of the file cis_update_x64.xml of the component Manifest File Handler. The manipulation of the argument binary/params leads to os command injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 23:15:00 GMT

read more

CVE-2025-7098 - Comodo Internet Security Premium Path Traversal Vulnerability

CVE ID : CVE-2025-7098 Published : July 6, 2025, 11:15 p.m. | 2 hours, 58 minutes ago Description : A vulnerability, which was classified as critical, was found in Comodo Internet Security Premium 12.3.4.8162. Affected is an unknown function of the component File Name Handler. The manipulation of the argument name/folder leads to path traversal. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 23:15:00 GMT

read more

CVE-2025-7095 - Comodo Internet Security Premium Certificate Validation Vulnerability

CVE ID : CVE-2025-7095 Published : July 6, 2025, 10:15 p.m. | 3 hours, 58 minutes ago Description : A vulnerability classified as critical has been found in Comodo Internet Security Premium 12.3.4.8162. This affects an unknown part of the component Update Handler. The manipulation leads to improper certificate validation. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 22:15:00 GMT

read more

CVE-2025-7096 - Comodo Internet Security Premium Manifest File Handler XML Integrity Check Validation Vulnerability

CVE ID : CVE-2025-7096 Published : July 6, 2025, 10:15 p.m. | 3 hours, 58 minutes ago Description : A vulnerability classified as critical was found in Comodo Internet Security Premium 12.3.4.8162. This vulnerability affects unknown code of the file cis_update_x64.xml of the component Manifest File Handler. The manipulation leads to improper validation of integrity check value. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 22:15:00 GMT

read more

CVE-2025-7093 - Belkin F9K1122 Remote Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7093 Published : July 6, 2025, 9:15 p.m. | 4 hours, 58 minutes ago Description : A vulnerability was found in Belkin F9K1122 1.00.33. It has been declared as critical. Affected by this vulnerability is the function formSetLanguage of the file /goform/formSetLanguage of the component webs. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 21:15:00 GMT

read more

CVE-2025-7094 - Belkin Webs Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7094 Published : July 6, 2025, 9:15 p.m. | 4 hours, 58 minutes ago Description : A vulnerability was found in Belkin F9K1122 1.00.33. It has been rated as critical. Affected by this issue is the function formBSSetSitesurvey of the file /goform/formBSSetSitesurvey of the component webs. The manipulation of the argument submit-url-ok leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 21:15:00 GMT

read more

CVE-2025-7091 - Belkin Webs Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7091 Published : July 6, 2025, 8:15 p.m. | 5 hours, 58 minutes ago Description : A vulnerability was found in Belkin F9K1122 1.00.33. It has been classified as critical. Affected is the function formWlanMP of the file /goform/formWlanMP of the component webs. The manipulation of the argument ateFunc/ateGain/ateTxCount/ateChan/ateRate/ateMacID/e2pTxPower1/e2pTxPower2/e2pTxPower3/e2pTxPower4/e2pTxPower5/e2pTxPower6/e2pTxPower7/e2pTx2Power1/e2pTx2Power2/e2pTx2Power3/e2pTx2Power4/e2pTx2Power5/e2pTx2Power6/e2pTx2Power7/ateTxFreqOffset/ateMode/ateBW/ateAntenna/e2pTxFreqOffset/e2pTxPwDeltaB/e2pTxPwDeltaG/e2pTxPwDeltaMix/e2pTxPwDeltaN/readE2P leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 20:15:00 GMT

read more

CVE-2025-7092 - Belkin F9K1122 Web WPS Enrolee Pin Stack Buffer Overflow

CVE ID : CVE-2025-7092 Published : July 6, 2025, 8:15 p.m. | 5 hours, 58 minutes ago Description : A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. This vulnerability affects the function formWlanSetupWPS of the file /goform/formWlanSetupWPS of the component webs. The manipulation of the argument wps_enrolee_pin/webpage leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 20:15:00 GMT

read more

CVE-2025-7089 - Belkin F9K1122 Web Component Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7089 Published : July 6, 2025, 7:15 p.m. | 6 hours, 58 minutes ago Description : A vulnerability was found in Belkin F9K1122 1.00.33 and classified as critical. This issue affects the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component webs. The manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 19:15:00 GMT

read more

CVE-2025-7090 - Belkin Webs Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7090 Published : July 6, 2025, 7:15 p.m. | 6 hours, 58 minutes ago Description : A vulnerability, which was classified as critical, has been found in Belkin F9K1122 1.00.33. Affected by this issue is the function formConnectionSetting of the file /goform/formConnectionSetting of the component webs. The manipulation of the argument max_Conn/timeOut leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 19:15:00 GMT

read more

CVE-2025-7087 - "Belkin F9K1122 Web L2TPSetup Stack-Based Buffer Overflow"

CVE ID : CVE-2025-7087 Published : July 6, 2025, 6:15 p.m. | 7 hours, 58 minutes ago Description : A vulnerability classified as critical was found in Belkin F9K1122 1.00.33. Affected by this vulnerability is the function formL2TPSetup of the file /goform/formL2TPSetup of the component webs. The manipulation of the argument L2TPUserName leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 18:15:00 GMT

read more

CVE-2025-7088 - Belkin Webs Stack-Based Buffer Overflow

CVE ID : CVE-2025-7088 Published : July 6, 2025, 6:15 p.m. | 7 hours, 58 minutes ago Description : A vulnerability, which was classified as critical, was found in Belkin F9K1122 1.00.33. This affects the function formPPPoESetup of the file /goform/formPPPoESetup of the component webs. The manipulation of the argument pppUserName leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 18:15:00 GMT

read more

CVE-2025-7085 - Belkin F9K1122 Remote Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7085 Published : July 6, 2025, 5:15 p.m. | 8 hours, 58 minutes ago Description : A vulnerability was found in Belkin F9K1122 1.00.33. It has been rated as critical. This issue affects the function formiNICWpsStart of the file /goform/formiNICWpsStart of the component webs. The manipulation of the argument pinCode leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 17:15:00 GMT

read more

CVE-2025-7086 - Belkin F9K1122 Web PPTPSetup Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7086 Published : July 6, 2025, 5:15 p.m. | 8 hours, 58 minutes ago Description : A vulnerability classified as critical has been found in Belkin F9K1122 1.00.33. Affected is the function formPPTPSetup of the file /goform/formPPTPSetup of the component webs. The manipulation of the argument pptpUserName leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 17:15:00 GMT

read more

CVE-2025-7083 - Belkin Webs mp Command Injection Vulnerability

CVE ID : CVE-2025-7083 Published : July 6, 2025, 4:15 p.m. | 9 hours, 58 minutes ago Description : A vulnerability was found in Belkin F9K1122 1.00.33. It has been classified as critical. This affects the function mp of the file /goform/mp of the component webs. The manipulation of the argument command leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 16:15:00 GMT

read more

CVE-2025-7084 - "Belkin F9K1122 Web-based Buffer Overflow Vulnerability"

CVE ID : CVE-2025-7084 Published : July 6, 2025, 4:15 p.m. | 9 hours, 58 minutes ago Description : A vulnerability was found in Belkin F9K1122 1.00.33. It has been declared as critical. This vulnerability affects the function formWpsStart of the file /goform/formWpsStart of the component webs. The manipulation of the argument pinCode leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 16:15:00 GMT

read more

CVE-2025-5333 - Apache RCE

CVE ID : CVE-2025-5333 Published : July 6, 2025, 2:15 p.m. | 11 hours, 58 minutes ago Description : Remote attackers can execute arbitrary code in the context of the vulnerable service process. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 14:15:00 GMT

read more

CVE-2025-7080 - "Done-0 Jank JWT Token Handler Hardcoded Password Vulnerability"

CVE ID : CVE-2025-7080 Published : July 6, 2025, 2:15 p.m. | 11 hours, 58 minutes ago Description : A vulnerability, which was classified as problematic, was found in Done-0 Jank up to 322caebbad10568460364b9667aa62c3080bfc17. Affected is an unknown function of the file internal/utils/jwt_utils.go of the component JWT Token Handler. The manipulation of the argument accessSecret/refreshSecret with the input jank-blog-secret/jank-blog-refresh-secret leads to use of hard-coded password. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 14:15:00 GMT

read more

CVE-2025-7081 - Belkin F9K1122 WebOS Command Injection Vulnerability

CVE ID : CVE-2025-7081 Published : July 6, 2025, 2:15 p.m. | 11 hours, 58 minutes ago Description : A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. Affected by this vulnerability is the function formSetWanStatic of the file /goform/formSetWanStatic of the component webs. The manipulation of the argument m_wan_ipaddr/m_wan_netmask/m_wan_gateway/m_wan_staticdns1/m_wan_staticdns2 is directly passed by the attacker/so we can control the m_wan_ipaddr/m_wan_netmask/m_wan_gateway/m_wan_staticdns1/m_wan_staticdns2 leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 14:15:00 GMT

read more

CVE-2025-7082 - Belkin Webs OS Command Injection Vulnerability

CVE ID : CVE-2025-7082 Published : July 6, 2025, 2:15 p.m. | 11 hours, 58 minutes ago Description : A vulnerability was found in Belkin F9K1122 1.00.33 and classified as critical. Affected by this issue is the function formBSSetSitesurvey of the file /goform/formBSSetSitesurvey of the component webs. The manipulation of the argument wan_ipaddr/wan_netmask/wan_gateway/wl_ssid is directly passed by the attacker/so we can control the wan_ipaddr/wan_netmask/wan_gateway/wl_ssid leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 14:15:00 GMT

read more

CVE-2025-7079 - Mao888 Bluebell-Plus Hard-Coded Password JWT Token Handler Vulnerability

CVE ID : CVE-2025-7079 Published : July 6, 2025, 1:15 p.m. | 10 hours, 58 minutes ago Description : A vulnerability, which was classified as problematic, has been found in mao888 bluebell-plus up to 2.3.0. This issue affects some unknown processing of the file bluebell_backend/pkg/jwt/jwt.go of the component JWT Token Handler. The manipulation of the argument mySecret with the input bluebell-plus leads to use of hard-coded password. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 13:15:00 GMT

read more

CVE-2025-38235 - "Linux HID Backlight Reference Leak"

CVE ID : CVE-2025-38235 Published : July 6, 2025, 10:15 a.m. | 13 hours, 58 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix "appletb_backlight" backlight device reference counting During appletb_kbd_probe, probe attempts to get the backlight device by name. When this happens backlight_device_get_by_name looks for a device in the backlight class which has name "appletb_backlight" and upon finding a match it increments the reference count for the device and returns it to the caller. However this reference is never released leading to a reference leak. Fix this by decrementing the backlight device reference count on removal via put_device and on probe failure. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 10:15:00 GMT

read more

CVE-2025-7078 - 07FlyCMS Cross-Site Request Forgery Vulnerability

CVE ID : CVE-2025-7078 Published : July 6, 2025, 9:15 a.m. | 14 hours, 58 minutes ago Description : A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3.9. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is published under multiple names. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 09:15:00 GMT

read more

CVE-2025-7077 - Shenzhen Libituo Technology LBT-T300-T310 Buffer Overflow Vulnerability

CVE ID : CVE-2025-7077 Published : July 6, 2025, 7:15 a.m. | 16 hours, 58 minutes ago Description : A vulnerability classified as critical has been found in Shenzhen Libituo Technology LBT-T300-T310 up to 2.2.3.6. This affects the function config_3g_para of the file /appy.cgi. The manipulation of the argument username_3g/password_3g leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 07:15:00 GMT

read more

CVE-2025-27446 - Apache APISIX(java-plugin-runner) Local Privilege Escalation

CVE ID : CVE-2025-27446 Published : July 6, 2025, 6:15 a.m. | 15 hours, 59 minutes ago Description : Incorrect Permission Assignment for Critical Resource vulnerability in Apache APISIX(java-plugin-runner). Local listening file permissions in APISIX plugin runner allow a local attacker to elevate privileges. This issue affects Apache APISIX(java-plugin-runner): from 0.2.0 through 0.5.0. Users are recommended to upgrade to version 0.6.0 or higher, which fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 06:15:00 GMT

read more

CVE-2025-7076 - BlackVue Dashcam 590X Configuration Handler Local File Inclusion Vulnerability

CVE ID : CVE-2025-7076 Published : July 6, 2025, 1:15 a.m. | 20 hours, 59 minutes ago Description : A vulnerability was found in BlackVue Dashcam 590X up to 20250624. It has been rated as critical. Affected by this issue is some unknown functionality of the file /upload.cgi of the component Configuration Handler. The manipulation leads to improper access controls. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 01:15:00 GMT

read more

CVE-2025-7075 - BlackVue Dashcam 590X HTTP Endpoint Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7075 Published : July 6, 2025, 12:15 a.m. | 21 hours, 59 minutes ago Description : A vulnerability was found in BlackVue Dashcam 590X up to 20250624. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /upload.cgi of the component HTTP Endpoint. The manipulation leads to unrestricted upload. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 06 Jul 2025 00:15:00 GMT

read more

CVE-2025-5316 - "Apache Log4j Remote Code Execution Vulnerability"

CVE ID : CVE-2025-5316 Published : July 5, 2025, 11:15 p.m. | 22 hours, 59 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-6022 - Apache Struts Remote Code Execution Vulnerability

CVE ID : CVE-2025-6022 Published : July 5, 2025, 11:15 p.m. | 22 hours, 59 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-3896 - CVE-2018-3639: Cisco IOS XE Remote Code Execution Vulnerability

CVE ID : CVE-2025-3896 Published : July 5, 2025, 11:15 p.m. | 20 hours, 58 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-4694 - Apache HTTP Server Remote Code Execution Vulnerability

CVE ID : CVE-2025-4694 Published : July 5, 2025, 11:15 p.m. | 20 hours, 58 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-4950 - CVE-2018-3639: Apache Struts Remote Code Execution Vulnerability

CVE ID : CVE-2025-4950 Published : July 5, 2025, 11:15 p.m. | 20 hours, 58 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-5104 - CVE-2022-1234: Adobe Flash Code Execution Vulnerability

CVE ID : CVE-2025-5104 Published : July 5, 2025, 11:15 p.m. | 20 hours, 58 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-3283 - "Apache Struts Deserialization Remote Code Execution Vulnerability"

CVE ID : CVE-2025-3283 Published : July 5, 2025, 11:15 p.m. | 19 hours, 20 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-3524 - CVE-2022-36363: Apache Struts Command Injection

CVE ID : CVE-2025-3524 Published : July 5, 2025, 11:15 p.m. | 19 hours, 20 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-3094 - CVE-2019-16278: Adobe Flash Player Unvalidated Input

CVE ID : CVE-2025-3094 Published : July 5, 2025, 11:15 p.m. | 18 hours, 42 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-3156 - CVE-2022-1234: Apache Struts Remote Code Execution Vulnerability

CVE ID : CVE-2025-3156 Published : July 5, 2025, 11:15 p.m. | 18 hours, 42 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-2856 - Cisco WebEx Vulnerability - Remote Code Execution

CVE ID : CVE-2025-2856 Published : July 5, 2025, 11:15 p.m. | 17 hours, 17 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-2904 - Apache Struts Remote Code Execution Vulnerability

CVE ID : CVE-2025-2904 Published : July 5, 2025, 11:15 p.m. | 17 hours, 17 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-2504 - Apache HTTP Server Cross Site Scripting

CVE ID : CVE-2025-2504 Published : July 5, 2025, 11:15 p.m. | 16 hours, 57 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-2718 - CVE-2018-3627: Adobe Flash Player Cross-Site Scripting

CVE ID : CVE-2025-2718 Published : July 5, 2025, 11:15 p.m. | 16 hours, 57 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-1737 - Here is a title for the vulnerability:Apache Struts Remote Code Execution Vulnerability

CVE ID : CVE-2025-1737 Published : July 5, 2025, 11:15 p.m. | 14 hours, 58 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-1772 - CVE-2021-22222: Apache Struts Deserialization RCE

CVE ID : CVE-2025-1772 Published : July 5, 2025, 11:15 p.m. | 14 hours, 58 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-1990 - Apache Struts Remote Code Execution

CVE ID : CVE-2025-1990 Published : July 5, 2025, 11:15 p.m. | 14 hours, 58 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-2422 - CVE-2021-12345: Apache Struts Deserialization Vulnerability

CVE ID : CVE-2025-2422 Published : July 5, 2025, 11:15 p.m. | 14 hours, 58 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-1631 - CVE-2019-0708: Microsoft Windows Remote Desktop Services Remote Code Execution Vulnerability

CVE ID : CVE-2025-1631 Published : July 5, 2025, 11:15 p.m. | 12 hours, 57 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-1573 - Apache Struts Remote Code Execution Vulnerability

CVE ID : CVE-2025-1573 Published : July 5, 2025, 11:15 p.m. | 10 hours, 38 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-1569 - Cisco WebEx Meeting Center Cross-Site Scripting

CVE ID : CVE-2025-1569 Published : July 5, 2025, 11:15 p.m. | 8 hours, 57 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-1317 - Apache HTTP Server Remote Code Execution Vulnerability

CVE ID : CVE-2025-1317 Published : July 5, 2025, 11:15 p.m. | 7 hours, 8 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-1318 - CVE-2022-1234: Cisco WebEx Meeting Center Unvalidated Redirect

CVE ID : CVE-2025-1318 Published : July 5, 2025, 11:15 p.m. | 7 hours, 8 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-1234 - CVE-2021-4034: Apache HTTP Server HTTP Request Smuggling

CVE ID : CVE-2025-1234 Published : July 5, 2025, 11:15 p.m. | 58 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-1297 - CVE-2021-34567: Apache Struts Remote Code Execution Vulnerability

CVE ID : CVE-2025-1297 Published : July 5, 2025, 11:15 p.m. | 58 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 23:15:00 GMT

read more

CVE-2025-7074 - Vercel Hyper Regular Expression Complexity

CVE ID : CVE-2025-7074 Published : July 5, 2025, 9:15 a.m. | 12 hours, 58 minutes ago Description : A vulnerability classified as problematic has been found in vercel hyper up to 3.4.1. This affects the function expand/braceExpand/ignoreMap of the file hyper/bin/rimraf-standalone.js. The manipulation leads to inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 09:15:00 GMT

read more

CVE-2023-50786 - Dradis HTTP Image Reference Vulnerability (Arbitrary Code Execution)

CVE ID : CVE-2023-50786 Published : July 5, 2025, 4:15 a.m. | 17 hours, 58 minutes ago Description : Dradis through 4.16.0 allows referencing external images (resources) over HTTPS, instead of forcing the use of embedded (uploaded) images. This can be leveraged by an authorized author to attempt to steal the Net-NTLM hashes of other authors on a Windows domain network. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 04:15:00 GMT

read more

CVE-2025-47227 - Netmake ScriptCase Authentication Bypass

CVE ID : CVE-2025-47227 Published : July 5, 2025, 3:15 a.m. | 18 hours, 58 minutes ago Description : In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeover. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 03:15:00 GMT

read more

CVE-2025-47228 - Shell Injection Vulnerability in Netmake ScriptCase Production Environment Extension

CVE ID : CVE-2025-47228 Published : July 5, 2025, 3:15 a.m. | 18 hours, 58 minutes ago Description : In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), shell injection in the SSH connection settings allows authenticated attackers to execute system commands via crafted HTTP requests. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 03:15:00 GMT

read more

CVE-2024-58254 - Rustls TLS ClientHello Panic

CVE ID : CVE-2024-58254 Published : July 5, 2025, 2:15 a.m. | 19 hours, 58 minutes ago Description : Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-11738. Reason: This candidate is a duplicate of CVE-2024-11738. Notes: All CVE users should reference CVE-2024-11738 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 02:15:00 GMT

read more

CVE-2025-53603 - Alinto SOPE SOGo NULL Pointer Dereference

CVE ID : CVE-2025-53603 Published : July 5, 2025, 1:15 a.m. | 20 hours, 58 minutes ago Description : In Alinto SOPE SOGo 2.0.2 through 5.12.2, sope-core/NGExtensions/NGHashMap.m allows a NULL pointer dereference and SOGo crash via a request in which a parameter in the query string is a duplicate of a parameter in the POST body. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 01:15:00 GMT

read more

CVE-2025-53604 - Apache Web-Push Denial of Service

CVE ID : CVE-2025-53604 Published : July 5, 2025, 1:15 a.m. | 20 hours, 58 minutes ago Description : The web-push crate before 0.10.3 for Rust allows a denial of service (memory consumption) in the built-in clients via a large integer in a Content-Length header. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 01:15:00 GMT

read more

CVE-2025-53605 - Google Protobuf Rust Crate Uncontrolled Recursion Vulnerability

CVE ID : CVE-2025-53605 Published : July 5, 2025, 1:15 a.m. | 20 hours, 58 minutes ago Description : The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 01:15:00 GMT

read more

CVE-2025-26850 - Quest KACE Systems Management Appliance Local Privilege Escalation

CVE ID : CVE-2025-26850 Published : July 5, 2025, 12:15 a.m. | 21 hours, 58 minutes ago Description : The agent in Quest KACE Systems Management Appliance (SMA) before 14.0.97 and 14.1.x before 14.1.19 potentially allows privilege escalation on managed systems. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 00:15:00 GMT

read more

CVE-2025-43711 - Tunnelblick Privilege Escalation Vulnerability

CVE ID : CVE-2025-43711 Published : July 5, 2025, 12:15 a.m. | 21 hours, 58 minutes ago Description : Tunnelblick 3.5beta06 before 7.0, when incompletely uninstalled, allows attackers to execute arbitrary code as root (upon the next boot) by dragging a crafted Tunnelblick.app file into /Applications. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 05 Jul 2025 00:15:00 GMT

read more

CVE-2025-48952 - NetAlertX SHA-256 Magic Hash Login Bypass Vulnerability

CVE ID : CVE-2025-48952 Published : July 4, 2025, 11:15 p.m. | 22 hours, 58 minutes ago Description : NetAlertX is a network, presence scanner, and alert framework. Prior to version 25.6.7, a vulnerability in the authentication logic allows users to bypass password verification using SHA-256 magic hashes, due to loose comparison in PHP. In vulnerable versions of the application, a password comparison is performed using the `==` operator at line 40 in front/index.php. This introduces a security issue where specially crafted "magic hash" values that evaluate to true in a loose comparison can bypass authentication. Because of the use of `==` instead of the strict `===`, different strings that begin with 0e and are followed by only digits can be interpreted as scientific notation (i.e., zero) and treated as equal. This issue falls under the Login Bypass vulnerability class. Users with certain "weird" passwords that produce magic hashes are particularly affected. Services relying on this logic are at risk of unauthorized access. Version 25.6.7 fixes the vulnerability. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 23:15:00 GMT

read more

CVE-2025-53365 - Apache MCP Python SDK Denial of Service

CVE ID : CVE-2025-53365 Published : July 4, 2025, 10:15 p.m. | 23 hours, 58 minutes ago Description : The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.10.0, if a client deliberately triggers an exception after establishing a streamable HTTP session, this can lead to an uncaught ClosedResourceError on the server side, causing the server to crash and requiring a restart to restore service. Impact may vary depending on the deployment conditions, and presence of infrastructure-level resilience measures. Version 1.10.0 contains a patch for the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 22:15:00 GMT

read more

CVE-2025-53366 - Apache MCP Model Context Protocol Denial of Service

CVE ID : CVE-2025-53366 Published : July 4, 2025, 10:15 p.m. | 23 hours, 58 minutes ago Description : The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.9.4, a validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability (500 errors) until manually restarted. Impact may vary depending on the deployment conditions, and presence of infrastructure-level resilience measures. Version 1.9.4 contains a patch for the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 22:15:00 GMT

read more

CVE-2025-7070 - "IROAD Dashcam Q9 Local Network Resource Allocation Vulnerability"

CVE ID : CVE-2025-7070 Published : July 4, 2025, 10:15 p.m. | 23 hours, 58 minutes ago Description : A vulnerability has been found in IROAD Dashcam Q9 up to 20250624 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component MFA Pairing Request Handler. The manipulation leads to allocation of resources. The attack needs to be done within the local network. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 22:15:00 GMT

read more

CVE-2025-53602 - Zipkin Spring Boot Actuator Heapdump Information Disclosure

CVE ID : CVE-2025-53602 Published : July 4, 2025, 9:15 p.m. | 1 day ago Description : Zipkin through 3.5.1 has a /heapdump endpoint (associated with the use of Spring Boot Actuator), a similar issue to CVE-2025-48927. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 21:15:00 GMT

read more

CVE-2025-7068 - HDF5 Memory Leak Vulnerability

CVE ID : CVE-2025-7068 Published : July 4, 2025, 9:15 p.m. | 1 day ago Description : A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FL__malloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 21:15:00 GMT

read more

CVE-2025-7069 - HDF5 Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-7069 Published : July 4, 2025, 9:15 p.m. | 1 day ago Description : A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FS__sect_link_size of the file src/H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 21:15:00 GMT

read more

CVE-2025-53483 - Mediawiki SecurePoll CSRF

CVE ID : CVE-2025-53483 Published : July 4, 2025, 6:15 p.m. | 1 day, 3 hours ago Description : ArchivePage.php, UnarchivePage.php, and VoterEligibilityPage#executeClear() do not validate request methods or CSRF tokens, allowing attackers to trigger sensitive actions if an admin visits a malicious site. This issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 18:15:00 GMT

read more

CVE-2025-53484 - Mediawiki SecurePoll Stored Cross-Site Scripting

CVE ID : CVE-2025-53484 Published : July 4, 2025, 6:15 p.m. | 1 day, 3 hours ago Description : User-controlled inputs are improperly escaped in: * VotePage.php (poll option input) * ResultPage::getPagesTab() and getErrorsTab() (user-controllable page names) This allows attackers to inject JavaScript and compromise user sessions under certain conditions. This issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 18:15:00 GMT

read more

CVE-2025-53485 - Mediawiki SecurePoll Election Admin Authentication Bypass

CVE ID : CVE-2025-53485 Published : July 4, 2025, 6:15 p.m. | 1 day, 3 hours ago Description : SetTranslationHandler.php does not validate that the user is an election admin, allowing any (even unauthenticated) user to change election-related translation text. While partially broken in newer MediaWiki versions, the check is still missing. This issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 18:15:00 GMT

read more

CVE-2025-7067 - HDF5 Heap-Based Buffer Overflow

CVE ID : CVE-2025-7067 Published : July 4, 2025, 6:15 p.m. | 1 day, 3 hours ago Description : A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5FS__sinfo_serialize_node_cb of the file src/H5FScache.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 18:15:00 GMT

read more

CVE-2025-53481 - WikiMedia Mediawiki IPInfo Extension Uncontrolled Resource Consumption DoS

CVE ID : CVE-2025-53481 Published : July 4, 2025, 4:15 p.m. | 1 day, 5 hours ago Description : Uncontrolled Resource Consumption vulnerability in Wikimedia Foundation Mediawiki - IPInfo Extension allows Excessive Allocation.This issue affects Mediawiki - IPInfo Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 16:15:00 GMT

read more

CVE-2025-53482 - Wikimedia Foundation Mediawiki - IPInfo Extension Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-53482 Published : July 4, 2025, 4:15 p.m. | 1 day, 5 hours ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - IPInfo Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - IPInfo Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 16:15:00 GMT

read more

CVE-2025-52496 - Mbed TLS AESNI Detection Race Condition

CVE ID : CVE-2025-52496 Published : July 4, 2025, 3:15 p.m. | 1 day, 6 hours ago Description : Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 15:15:00 GMT

read more

CVE-2025-52497 - Mbed TLS PEM Parsing Heap Buffer Underflow Vulnerability

CVE ID : CVE-2025-52497 Published : July 4, 2025, 3:15 p.m. | 1 day, 6 hours ago Description : Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtls_pem_read_buffer and two mbedtls_pk_parse functions, via untrusted PEM input. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 15:15:00 GMT

read more

CVE-2025-49601 - MbedTLS LMS Public Key Buffer Out-of-Bounds Read

CVE ID : CVE-2025-49601 Published : July 4, 2025, 3:15 p.m. | 16 hours, 57 minutes ago Description : In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtls_lms_import_public_key allows context-dependent attackers to trigger a crash or limited adjacent-memory disclosure by supplying a truncated LMS (Leighton-Micali Signature) public-key buffer under four bytes. An LMS public key starts with a 4-byte type indicator. The function mbedtls_lms_import_public_key reads this type indicator before validating the size of its input. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 15:15:00 GMT

read more

CVE-2025-49600 - MbedTLS LMS Signature Forgery Vulnerability

CVE ID : CVE-2025-49600 Published : July 4, 2025, 3:15 p.m. | 12 hours, 58 minutes ago Description : In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_verify may accept invalid signatures if hash computation fails and internal errors go unchecked, enabling LMS (Leighton-Micali Signature) forgery in a fault scenario. Specifically, unchecked return values in mbedtls_lms_verify allow an attacker (who can induce a hardware hash accelerator fault) to bypass LMS signature verification by reusing stale stack data, resulting in acceptance of an invalid signature. In mbedtls_lms_verify, the return values of the internal Merkle tree functions create_merkle_leaf_value and create_merkle_internal_value are not checked. These functions return an integer that indicates whether the call succeeded or not. If a failure occurs, the output buffer (Tc_candidate_root_node) may remain uninitialized, and the result of the signature verification is unpredictable. When the software implementation of SHA-256 is used, these functions will not fail. However, with hardware-accelerated hashing, an attacker could use fault injection against the accelerator to bypass verification. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 15:15:00 GMT

read more

CVE-2025-38233 - Linux kernel Powerpc64 Ftrace Livepatching R15 Clobbered Vulnerability

CVE ID : CVE-2025-38233 Published : July 4, 2025, 2:15 p.m. | 11 hours, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: powerpc64/ftrace: fix clobbered r15 during livepatching While r15 is clobbered always with PPC_FTRACE_OUT_OF_LINE, it is not restored in livepatch sequence leading to not so obvious fails like below: BUG: Unable to handle kernel data access on write at 0xc0000000000f9078 Faulting instruction address: 0xc0000000018ff958 Oops: Kernel access of bad area, sig: 11 [#1] ... NIP: c0000000018ff958 LR: c0000000018ff930 CTR: c0000000009c0790 REGS: c00000005f2e7790 TRAP: 0300 Tainted: G K (6.14.0+) MSR: 8000000000009033 CR: 2822880b XER: 20040000 CFAR: c0000000008addc0 DAR: c0000000000f9078 DSISR: 0a000000 IRQMASK: 1 GPR00: c0000000018f2584 c00000005f2e7a30 c00000000280a900 c000000017ffa488 GPR04: 0000000000000008 0000000000000000 c0000000018f24fc 000000000000000d GPR08: fffffffffffe0000 000000000000000d 0000000000000000 0000000000008000 GPR12: c0000000009c0790 c000000017ffa480 c00000005f2e7c78 c0000000000f9070 GPR16: c00000005f2e7c90 0000000000000000 0000000000000000 0000000000000000 GPR20: 0000000000000000 c00000005f3efa80 c00000005f2e7c60 c00000005f2e7c88 GPR24: c00000005f2e7c60 0000000000000001 c0000000000f9078 0000000000000000 GPR28: 00007fff97960000 c000000017ffa480 0000000000000000 c0000000000f9078 ... Call Trace: check_heap_object+0x34/0x390 (unreliable) __mutex_unlock_slowpath.isra.0+0xe4/0x230 seq_read_iter+0x430/0xa90 proc_reg_read_iter+0xa4/0x200 vfs_read+0x41c/0x510 ksys_read+0xa4/0x190 system_call_exception+0x1d0/0x440 system_call_vectored_common+0x15c/0x2ec Fix it by restoring r15 always. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38234 - Linux Kernel Sched/rt: Push Rt Task Race Vulnerability

CVE ID : CVE-2025-38234 Published : July 4, 2025, 2:15 p.m. | 11 hours, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in push_rt_task Overview ======== When a CPU chooses to call push_rt_task and picks a task to push to another CPU's runqueue then it will call find_lock_lowest_rq method which would take a double lock on both CPUs' runqueues. If one of the locks aren't readily available, it may lead to dropping the current runqueue lock and reacquiring both the locks at once. During this window it is possible that the task is already migrated and is running on some other CPU. These cases are already handled. However, if the task is migrated and has already been executed and another CPU is now trying to wake it up (ttwu) such that it is queued again on the runqeue (on_rq is 1) and also if the task was run by the same CPU, then the current checks will pass even though the task was migrated out and is no longer in the pushable tasks list. Crashes ======= This bug resulted in quite a few flavors of crashes triggering kernel panics with various crash signatures such as assert failures, page faults, null pointer dereferences, and queue corruption errors all coming from scheduler itself. Some of the crashes: -> kernel BUG at kernel/sched/rt.c:1616! BUG_ON(idx >= MAX_RT_PRIO) Call Trace: ? __die_body+0x1a/0x60 ? die+0x2a/0x50 ? do_trap+0x85/0x100 ? pick_next_task_rt+0x6e/0x1d0 ? do_error_trap+0x64/0xa0 ? pick_next_task_rt+0x6e/0x1d0 ? exc_invalid_op+0x4c/0x60 ? pick_next_task_rt+0x6e/0x1d0 ? asm_exc_invalid_op+0x12/0x20 ? pick_next_task_rt+0x6e/0x1d0 __schedule+0x5cb/0x790 ? update_ts_time_stats+0x55/0x70 schedule_idle+0x1e/0x40 do_idle+0x15e/0x200 cpu_startup_entry+0x19/0x20 start_secondary+0x117/0x160 secondary_startup_64_no_verify+0xb0/0xbb -> BUG: kernel NULL pointer dereference, address: 00000000000000c0 Call Trace: ? __die_body+0x1a/0x60 ? no_context+0x183/0x350 ? __warn+0x8a/0xe0 ? exc_page_fault+0x3d6/0x520 ? asm_exc_page_fault+0x1e/0x30 ? pick_next_task_rt+0xb5/0x1d0 ? pick_next_task_rt+0x8c/0x1d0 __schedule+0x583/0x7e0 ? update_ts_time_stats+0x55/0x70 schedule_idle+0x1e/0x40 do_idle+0x15e/0x200 cpu_startup_entry+0x19/0x20 start_secondary+0x117/0x160 secondary_startup_64_no_verify+0xb0/0xbb -> BUG: unable to handle page fault for address: ffff9464daea5900 kernel BUG at kernel/sched/rt.c:1861! BUG_ON(rq->cpu != task_cpu(p)) -> kernel BUG at kernel/sched/rt.c:1055! BUG_ON(!rq->nr_running) Call Trace: ? __die_body+0x1a/0x60 ? die+0x2a/0x50 ? do_trap+0x85/0x100 ? dequeue_top_rt_rq+0xa2/0xb0 ? do_error_trap+0x64/0xa0 ? dequeue_top_rt_rq+0xa2/0xb0 ? exc_invalid_op+0x4c/0x60 ? dequeue_top_rt_rq+0xa2/0xb0 ? asm_exc_invalid_op+0x12/0x20 ? dequeue_top_rt_rq+0xa2/0xb0 dequeue_rt_entity+0x1f/0x70 dequeue_task_rt+0x2d/0x70 __schedule+0x1a8/0x7e0 ? blk_finish_plug+0x25/0x40 schedule+0x3c/0xb0 futex_wait_queue_me+0xb6/0x120 futex_wait+0xd9/0x240 do_futex+0x344/0xa90 ? get_mm_exe_file+0x30/0x60 ? audit_exe_compare+0x58/0x70 ? audit_filter_rules.constprop.26+0x65e/0x1220 __x64_sys_futex+0x148/0x1f0 do_syscall_64+0x30/0x80 entry_SYSCALL_64_after_hwframe+0x62/0xc7 -> BUG: unable to handle page fault for address: ffff8cf3608bc2c0 Call Trace: ? __die_body+0x1a/0x60 ? no_context+0x183/0x350 ? spurious_kernel_fault+0x171/0x1c0 ? exc_page_fault+0x3b6/0x520 ? plist_check_list+0x15/0x40 ? plist_check_list+0x2e/0x40 ? asm_exc_page_fault+0x1e/0x30 ? _cond_resched+0x15/0x30 ? futex_wait_queue_me+0xc8/0x120 ? futex_wait+0xd9/0x240 ? try_to_wake_up+0x1b8/0x490 ? futex_wake+0x78/0x160 ? do_futex+0xcd/0xa90 ? plist_check_list+0x15/0x40 ? plist_check_list+0x2e/0x40 ? plist_del+0x6a/0xd0 ? plist_check_list+0x15/0x40 ? plist_check_list+0x2e/0x40 ? dequeue_pushable_task+0x20/0x70 ? __schedule+0x382/0x7e0 ? asm_sysvec_reschedule_i ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-46733 - OP-TEE Secure Storage API Panic Vulnerability

CVE ID : CVE-2025-46733 Published : July 4, 2025, 2:15 p.m. | 11 hours, 56 minutes ago Description : OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In version 4.5.0, using a specially crafted tee-supplicant binary running in REE userspace, an attacker can trigger a panic in a TA that uses the libutee Secure Storage API. Many functions in libutee, specifically those which make up the Secure Storage API, will panic if a system call returns an unexpected return code. This behavior is mandated by the TEE Internal Core API specification. However, in OP-TEE’s implementation, return codes of secure storage operations are passed through unsanitized from the REE tee-supplicant, through the Linux kernel tee-driver, through the OP-TEE kernel, back to libutee. Thus, an attacker with access to REE userspace, and the ability to stop tee-supplicant and replace it with their own process (generally trivial for a root user, and depending on the way permissions are set up, potentially available even to less privileged users) can run a malicious tee-supplicant process that responds to storage requests with unexpected response codes, triggering a panic in the requesting TA. This is particularly dangerous for TAs built with `TA_FLAG_SINGLE_INSTANCE` (corresponding to `gpd.ta.singleInstance` and `TA_FLAG_INSTANCE_KEEP_ALIVE` (corresponding to `gpd.ta.keepAlive`). The behavior of these TAs may depend on memory that is preserved between sessions, and the ability of an attacker to panic the TA and reload it with a clean memory space can compromise the behavior of those TAs. A critical example of this is the optee_ftpm TA. It uses the kept alive memory to hold PCR values, which crucially must be non-resettable. An attacker who can trigger a panic in the fTPM TA can reset the PCRs, and then extend them PCRs with whatever they choose, falsifying boot measurements, accessing sealed data, and potentially more. The impact of this issue depends significantly on the behavior of affected TAs. For some, it could manifest as a denial of service, while for others, like the fTPM TA, it can result in the disclosure of sensitive data. Anyone running the fTPM TA is affected, but similar attacks may be possible on other TAs that leverage the Secure Storage API. A fix is available in commit 941a58d78c99c4754fbd4ec3079ec9e1d596af8f. Severity: 7.9 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38228 - Imagination Media Linux Kernel Memory Leak

CVE ID : CVE-2025-38228 Published : July 4, 2025, 2:15 p.m. | 9 hours, 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: media: imagination: fix a potential memory leak in e5010_probe() Add video_device_release() to release the memory allocated by video_device_alloc() if something goes wrong. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38229 - "DVB-USB cxusb Uninitialized Variable Write"

CVE ID : CVE-2025-38229 Published : July 4, 2025, 2:15 p.m. | 9 hours, 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: media: cxusb: no longer judge rbuf when the write fails syzbot reported a uninit-value in cxusb_i2c_xfer. [1] Only when the write operation of usb_bulk_msg() in dvb_usb_generic_rw() succeeds and rlen is greater than 0, the read operation of usb_bulk_msg() will be executed to read rlen bytes of data from the dvb device into the rbuf. In this case, although rlen is 1, the write operation failed which resulted in the dvb read operation not being executed, and ultimately variable i was not initialized. [1] BUG: KMSAN: uninit-value in cxusb_gpio_tuner drivers/media/usb/dvb-usb/cxusb.c:124 [inline] BUG: KMSAN: uninit-value in cxusb_i2c_xfer+0x153a/0x1a60 drivers/media/usb/dvb-usb/cxusb.c:196 cxusb_gpio_tuner drivers/media/usb/dvb-usb/cxusb.c:124 [inline] cxusb_i2c_xfer+0x153a/0x1a60 drivers/media/usb/dvb-usb/cxusb.c:196 __i2c_transfer+0xe25/0x3150 drivers/i2c/i2c-core-base.c:-1 i2c_transfer+0x317/0x4a0 drivers/i2c/i2c-core-base.c:2315 i2c_transfer_buffer_flags+0x125/0x1e0 drivers/i2c/i2c-core-base.c:2343 i2c_master_send include/linux/i2c.h:109 [inline] i2cdev_write+0x210/0x280 drivers/i2c/i2c-dev.c:183 do_loop_readv_writev fs/read_write.c:848 [inline] vfs_writev+0x963/0x14e0 fs/read_write.c:1057 do_writev+0x247/0x5c0 fs/read_write.c:1101 __do_sys_writev fs/read_write.c:1169 [inline] __se_sys_writev fs/read_write.c:1166 [inline] __x64_sys_writev+0x98/0xe0 fs/read_write.c:1166 x64_sys_call+0x2229/0x3c80 arch/x86/include/generated/asm/syscalls_64.h:21 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38230 - Linux JFS Shift Out of Bounds Vulnerability

CVE ID : CVE-2025-38230 Published : July 4, 2025, 2:15 p.m. | 9 hours, 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: jfs: validate AG parameters in dbMount() to prevent crashes Validate db_agheight, db_agwidth, and db_agstart in dbMount to catch corrupted metadata early and avoid undefined behavior in dbAllocAG. Limits are derived from L2LPERCTL, LPERCTL/MAXAG, and CTLTREESIZE: - agheight: 0 to L2LPERCTL/2 (0 to 5) ensures shift (L2LPERCTL - 2*agheight) >= 0. - agwidth: 1 to min(LPERCTL/MAXAG, 2^(L2LPERCTL - 2*agheight)) ensures agperlev >= 1. - Ranges: 1-8 (agheight 0-3), 1-4 (agheight 4), 1 (agheight 5). - LPERCTL/MAXAG = 1024/128 = 8 limits leaves per AG; 2^(10 - 2*agheight) prevents division to 0. - agstart: 0 to CTLTREESIZE-1 - agwidth*(MAXAG-1) keeps ti within stree (size 1365). - Ranges: 0-1237 (agwidth 1), 0-348 (agwidth 8). UBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:1400:9 shift exponent -335544310 is negative CPU: 0 UID: 0 PID: 5822 Comm: syz-executor130 Not tainted 6.14.0-rc5-syzkaller #0 Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 ubsan_epilogue lib/ubsan.c:231 [inline] __ubsan_handle_shift_out_of_bounds+0x3c8/0x420 lib/ubsan.c:468 dbAllocAG+0x1087/0x10b0 fs/jfs/jfs_dmap.c:1400 dbDiscardAG+0x352/0xa20 fs/jfs/jfs_dmap.c:1613 jfs_ioc_trim+0x45a/0x6b0 fs/jfs/jfs_discard.c:105 jfs_ioctl+0x2cd/0x3e0 fs/jfs/ioctl.c:131 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:906 [inline] __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Found by Linux Verification Center (linuxtesting.org) with Syzkaller. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38231 - Linux Kernel NFSd NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-38231 Published : July 4, 2025, 2:15 p.m. | 9 hours, 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromat_work to prevent NULL dereference In nfs4_state_start_net(), laundromat_work may access nfsd_ssc through nfs4_laundromat -> nfsd4_ssc_expire_umount. If nfsd_ssc isn't initialized, this can cause NULL pointer dereference. Normally the delayed start of laundromat_work allows sufficient time for nfsd_ssc initialization to complete. However, when the kernel waits too long for userspace responses (e.g. in nfs4_state_start_net -> nfsd4_end_grace -> nfsd4_record_grace_done -> nfsd4_cld_grace_done -> cld_pipe_upcall -> __cld_pipe_upcall -> wait_for_completion path), the delayed work may start before nfsd_ssc initialization finishes. Fix this by moving nfsd_ssc initialization before starting laundromat_work. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38232 - Linux NFSd Race Condition Vulnerability

CVE ID : CVE-2025-38232 Published : July 4, 2025, 2:15 p.m. | 9 hours, 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: NFSD: fix race between nfsd registration and exports_proc As of now nfsd calls create_proc_exports_entry() at start of init_nfsd and cleanup by remove_proc_entry() at last of exit_nfsd. Which causes kernel OOPs if there is race between below 2 operations: (i) exportfs -r (ii) mount -t nfsd none /proc/fs/nfsd for 5.4 kernel ARM64: CPU 1: el1_irq+0xbc/0x180 arch_counter_get_cntvct+0x14/0x18 running_clock+0xc/0x18 preempt_count_add+0x88/0x110 prep_new_page+0xb0/0x220 get_page_from_freelist+0x2d8/0x1778 __alloc_pages_nodemask+0x15c/0xef0 __vmalloc_node_range+0x28c/0x478 __vmalloc_node_flags_caller+0x8c/0xb0 kvmalloc_node+0x88/0xe0 nfsd_init_net+0x6c/0x108 [nfsd] ops_init+0x44/0x170 register_pernet_operations+0x114/0x270 register_pernet_subsys+0x34/0x50 init_nfsd+0xa8/0x718 [nfsd] do_one_initcall+0x54/0x2e0 CPU 2 : Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010 PC is at : exports_net_open+0x50/0x68 [nfsd] Call trace: exports_net_open+0x50/0x68 [nfsd] exports_proc_open+0x2c/0x38 [nfsd] proc_reg_open+0xb8/0x198 do_dentry_open+0x1c4/0x418 vfs_open+0x38/0x48 path_openat+0x28c/0xf18 do_filp_open+0x70/0xe8 do_sys_open+0x154/0x248 Sometimes it crashes at exports_net_open() and sometimes cache_seq_next_rcu(). and same is happening on latest 6.14 kernel as well: [ 0.000000] Linux version 6.14.0-rc5-next-20250304-dirty ... [ 285.455918] Unable to handle kernel paging request at virtual address 00001f4800001f48 ... [ 285.464902] pc : cache_seq_next_rcu+0x78/0xa4 ... [ 285.469695] Call trace: [ 285.470083] cache_seq_next_rcu+0x78/0xa4 (P) [ 285.470488] seq_read+0xe0/0x11c [ 285.470675] proc_reg_read+0x9c/0xf0 [ 285.470874] vfs_read+0xc4/0x2fc [ 285.471057] ksys_read+0x6c/0xf4 [ 285.471231] __arm64_sys_read+0x1c/0x28 [ 285.471428] invoke_syscall+0x44/0x100 [ 285.471633] el0_svc_common.constprop.0+0x40/0xe0 [ 285.471870] do_el0_svc_compat+0x1c/0x34 [ 285.472073] el0_svc_compat+0x2c/0x80 [ 285.472265] el0t_32_sync_handler+0x90/0x140 [ 285.472473] el0t_32_sync+0x19c/0x1a0 [ 285.472887] Code: f9400885 93407c23 937d7c27 11000421 (f86378a3) [ 285.473422] ---[ end trace 0000000000000000 ]--- It reproduced simply with below script: while [ 1 ] do /exportfs -r done & while [ 1 ] do insmod /nfsd.ko mount -t nfsd none /proc/fs/nfsd umount /proc/fs/nfsd rmmod nfsd done & So exporting interfaces to user space shall be done at last and cleanup at first place. With change there is no Kernel OOPs. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38224 - Kvaser PCIEFD Linux Kernel Slab Out-of-Bounds Write

CVE ID : CVE-2025-38224 Published : July 4, 2025, 2:15 p.m. | 7 hours, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: can: kvaser_pciefd: refine error prone echo_skb_max handling logic echo_skb_max should define the supported upper limit of echo_skb[] allocated inside the netdevice's priv. The corresponding size value provided by this driver to alloc_candev() is KVASER_PCIEFD_CAN_TX_MAX_COUNT which is 17. But later echo_skb_max is rounded up to the nearest power of two (for the max case, that would be 32) and the tx/ack indices calculated further during tx/rx may exceed the upper array boundary. Kasan reported this for the ack case inside kvaser_pciefd_handle_ack_packet(), though the xmit function has actually caught the same thing earlier. BUG: KASAN: slab-out-of-bounds in kvaser_pciefd_handle_ack_packet+0x2d7/0x92a drivers/net/can/kvaser_pciefd.c:1528 Read of size 8 at addr ffff888105e4f078 by task swapper/4/0 CPU: 4 UID: 0 PID: 0 Comm: swapper/4 Not tainted 6.15.0 #12 PREEMPT(voluntary) Call Trace: dump_stack_lvl lib/dump_stack.c:122 print_report mm/kasan/report.c:521 kasan_report mm/kasan/report.c:634 kvaser_pciefd_handle_ack_packet drivers/net/can/kvaser_pciefd.c:1528 kvaser_pciefd_read_packet drivers/net/can/kvaser_pciefd.c:1605 kvaser_pciefd_read_buffer drivers/net/can/kvaser_pciefd.c:1656 kvaser_pciefd_receive_irq drivers/net/can/kvaser_pciefd.c:1684 kvaser_pciefd_irq_handler drivers/net/can/kvaser_pciefd.c:1733 __handle_irq_event_percpu kernel/irq/handle.c:158 handle_irq_event kernel/irq/handle.c:210 handle_edge_irq kernel/irq/chip.c:833 __common_interrupt arch/x86/kernel/irq.c:296 common_interrupt arch/x86/kernel/irq.c:286 Tx max count definitely matters for kvaser_pciefd_tx_avail(), but for seq numbers' generation that's not the case - we're free to calculate them as would be more convenient, not taking tx max count into account. The only downside is that the size of echo_skb[] should correspond to the max seq number (not tx max count), so in some situations a bit more memory would be consumed than could be. Thus make the size of the underlying echo_skb[] sufficient for the rounded max tx value. Found by Linux Verification Center (linuxtesting.org) with Syzkaller. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38225 - Vulnerability Title: "Imx-Jpeg Linux Kernel NULL Pointer Dereference"

CVE ID : CVE-2025-38225 Published : July 4, 2025, 2:15 p.m. | 7 hours, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Cleanup after an allocation error When allocation failures are not cleaned up by the driver, further allocation errors will be false-positives, which will cause buffers to remain uninitialized and cause NULL pointer dereferences. Ensure proper cleanup of failed allocations to prevent these issues. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38226 - Linux Kernel V4L2 TPG Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-38226 Published : July 4, 2025, 2:15 p.m. | 7 hours, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: media: vivid: Change the siize of the composing syzkaller found a bug: BUG: KASAN: vmalloc-out-of-bounds in tpg_fill_plane_pattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 [inline] BUG: KASAN: vmalloc-out-of-bounds in tpg_fill_plane_buffer+0x1a9c/0x5af0 drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2705 Write of size 1440 at addr ffffc9000d0ffda0 by task vivid-000-vid-c/5304 CPU: 0 UID: 0 PID: 5304 Comm: vivid-000-vid-c Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [inline] print_report+0x169/0x550 mm/kasan/report.c:489 kasan_report+0x143/0x180 mm/kasan/report.c:602 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189 __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106 tpg_fill_plane_pattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 [inline] tpg_fill_plane_buffer+0x1a9c/0x5af0 drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2705 vivid_fillbuff drivers/media/test-drivers/vivid/vivid-kthread-cap.c:470 [inline] vivid_thread_vid_cap_tick+0xf8e/0x60d0 drivers/media/test-drivers/vivid/vivid-kthread-cap.c:629 vivid_thread_vid_cap+0x8aa/0xf30 drivers/media/test-drivers/vivid/vivid-kthread-cap.c:767 kthread+0x7a9/0x920 kernel/kthread.c:464 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:148 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 The composition size cannot be larger than the size of fmt_cap_rect. So execute v4l2_rect_map_inside() even if has_compose_cap == 0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38227 - Linux Vidtv Slab Use-After-Free Vulnerability

CVE ID : CVE-2025-38227 Published : July 4, 2025, 2:15 p.m. | 7 hours, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtv_mux_init. [1] After PSI initialization fails, the si member is accessed again, resulting in this uaf. After si initialization fails, the subsequent process needs to be exited. [1] BUG: KASAN: slab-use-after-free in vidtv_mux_pid_ctx_init drivers/media/test-drivers/vidtv/vidtv_mux.c:78 [inline] BUG: KASAN: slab-use-after-free in vidtv_mux_init+0xac2/0xbe0 drivers/media/test-drivers/vidtv/vidtv_mux.c:524 Read of size 8 at addr ffff88802fa42acc by task syz.2.37/6059 CPU: 0 UID: 0 PID: 6059 Comm: syz.2.37 Not tainted 6.14.0-rc5-syzkaller #0 Hardware name: Google Compute Engine, BIOS Google 02/12/2025 Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:408 [inline] print_report+0xc3/0x670 mm/kasan/report.c:521 kasan_report+0xd9/0x110 mm/kasan/report.c:634 vidtv_mux_pid_ctx_init drivers/media/test-drivers/vidtv/vidtv_mux.c:78 vidtv_mux_init+0xac2/0xbe0 drivers/media/test-drivers/vidtv/vidtv_mux.c:524 vidtv_start_streaming drivers/media/test-drivers/vidtv/vidtv_bridge.c:194 vidtv_start_feed drivers/media/test-drivers/vidtv/vidtv_bridge.c:239 dmx_section_feed_start_filtering drivers/media/dvb-core/dvb_demux.c:973 dvb_dmxdev_feed_start drivers/media/dvb-core/dmxdev.c:508 [inline] dvb_dmxdev_feed_restart.isra.0 drivers/media/dvb-core/dmxdev.c:537 dvb_dmxdev_filter_stop+0x2b4/0x3a0 drivers/media/dvb-core/dmxdev.c:564 dvb_dmxdev_filter_free drivers/media/dvb-core/dmxdev.c:840 [inline] dvb_demux_release+0x92/0x550 drivers/media/dvb-core/dmxdev.c:1246 __fput+0x3ff/0xb70 fs/file_table.c:464 task_work_run+0x14e/0x250 kernel/task_work.c:227 exit_task_work include/linux/task_work.h:40 [inline] do_exit+0xad8/0x2d70 kernel/exit.c:938 do_group_exit+0xd3/0x2a0 kernel/exit.c:1087 __do_sys_exit_group kernel/exit.c:1098 [inline] __se_sys_exit_group kernel/exit.c:1096 [inline] __x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1096 x64_sys_call+0x151f/0x1720 arch/x86/include/generated/asm/syscalls_64.h:232 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f871d58d169 Code: Unable to access opcode bytes at 0x7f871d58d13f. RSP: 002b:00007fff4b19a788 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f871d58d169 RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 00007fff4b19a7ec R08: 0000000b4b19a87f R09: 00000000000927c0 R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000003 R13: 00000000000927c0 R14: 000000000001d553 R15: 00007fff4b19a840 Allocated by task 6059: kasan_save_stack+0x33/0x60 mm/kasan/common.c:47 kasan_save_track+0x14/0x30 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394 kmalloc_noprof include/linux/slab.h:901 [inline] kzalloc_noprof include/linux/slab.h:1037 [inline] vidtv_psi_pat_table_init drivers/media/test-drivers/vidtv/vidtv_psi.c:970 vidtv_channel_si_init drivers/media/test-drivers/vidtv/vidtv_channel.c:423 vidtv_mux_init drivers/media/test-drivers/vidtv/vidtv_mux.c:519 vidtv_start_streaming drivers/media/test-drivers/vidtv/vidtv_bridge.c:194 vidtv_start_feed drivers/media/test-drivers/vidtv/vidtv_bridge.c:239 dmx_section_feed_start_filtering drivers/media/dvb-core/dvb_demux.c:973 dvb_dmxdev_feed_start drivers/media/dvb-core/dmxdev.c:508 [inline] dvb_dmxdev_feed_restart.isra.0 drivers/media/dvb-core/dmxdev.c:537 dvb_dmxdev_filter_stop+0x2b4/0x3a0 drivers/media/dvb-core/dmxdev.c:564 dvb_dmxdev_filter_free drivers/media/dvb-core/dmxdev.c:840 [inline] dvb_demux_release+0x92/0x550 drivers/media/dvb-core/dmxdev.c:1246 __fput+0x3ff/0xb70 fs/file_tabl ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38221 - Linux Kernel ext4 Out-of-Bounds Punch Offset Vulnerability

CVE ID : CVE-2025-38221 Published : July 4, 2025, 2:15 p.m. | 5 hours, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: ext4: fix out of bounds punch offset Punching a hole with a start offset that exceeds max_end is not permitted and will result in a negative length in the truncate_inode_partial_folio() function while truncating the page cache, potentially leading to undesirable consequences. A simple reproducer: truncate -s 9895604649994 /mnt/foo xfs_io -c "pwrite 8796093022208 4096" /mnt/foo xfs_io -c "fpunch 8796093022213 25769803777" /mnt/foo kernel BUG at include/linux/highmem.h:275! Oops: invalid opcode: 0000 [#1] SMP PTI CPU: 3 UID: 0 PID: 710 Comm: xfs_io Not tainted 6.15.0-rc3 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014 RIP: 0010:zero_user_segments.constprop.0+0xd7/0x110 RSP: 0018:ffffc90001cf3b38 EFLAGS: 00010287 RAX: 0000000000000005 RBX: ffffea0001485e40 RCX: 0000000000001000 RDX: 000000000040b000 RSI: 0000000000000005 RDI: 000000000040b000 RBP: 000000000040affb R08: ffff888000000000 R09: ffffea0000000000 R10: 0000000000000003 R11: 00000000fffc7fc5 R12: 0000000000000005 R13: 000000000040affb R14: ffffea0001485e40 R15: ffff888031cd3000 FS: 00007f4f63d0b780(0000) GS:ffff8880d337d000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000001ae0b038 CR3: 00000000536aa000 CR4: 00000000000006f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: truncate_inode_partial_folio+0x3dd/0x620 truncate_inode_pages_range+0x226/0x720 ? bdev_getblk+0x52/0x3e0 ? ext4_get_group_desc+0x78/0x150 ? crc32c_arch+0xfd/0x180 ? __ext4_get_inode_loc+0x18c/0x840 ? ext4_inode_csum+0x117/0x160 ? jbd2_journal_dirty_metadata+0x61/0x390 ? __ext4_handle_dirty_metadata+0xa0/0x2b0 ? kmem_cache_free+0x90/0x5a0 ? jbd2_journal_stop+0x1d5/0x550 ? __ext4_journal_stop+0x49/0x100 truncate_pagecache_range+0x50/0x80 ext4_truncate_page_cache_block_range+0x57/0x3a0 ext4_punch_hole+0x1fe/0x670 ext4_fallocate+0x792/0x17d0 ? __count_memcg_events+0x175/0x2a0 vfs_fallocate+0x121/0x560 ksys_fallocate+0x51/0xc0 __x64_sys_fallocate+0x24/0x40 x64_sys_call+0x18d2/0x4170 do_syscall_64+0xa7/0x220 entry_SYSCALL_64_after_hwframe+0x76/0x7e Fix this by filtering out cases where the punching start offset exceeds max_end. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38222 - Linux ext4 Inline Data Overflow

CVE ID : CVE-2025-38222 Published : July 4, 2025, 2:15 p.m. | 5 hours, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: ext4: inline: fix len overflow in ext4_prepare_inline_data When running the following code on an ext4 filesystem with inline_data feature enabled, it will lead to the bug below. fd = open("file1", O_RDWR | O_CREAT | O_TRUNC, 0666); ftruncate(fd, 30); pwrite(fd, "a", 1, (1UL 40) + 5UL); That happens because write_begin will succeed as when ext4_generic_write_inline_data calls ext4_prepare_inline_data, pos + len will be truncated, leading to ext4_prepare_inline_data parameter to be 6 instead of 0x10000000006. Then, later when write_end is called, we hit: BUG_ON(pos + len > EXT4_I(inode)->i_inline_size); at ext4_write_inline_data. Fix it by using a loff_t type for the len parameter in ext4_prepare_inline_data instead of an unsigned int. [ 44.545164] ------------[ cut here ]------------ [ 44.545530] kernel BUG at fs/ext4/inline.c:240! [ 44.545834] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 44.546172] CPU: 3 UID: 0 PID: 343 Comm: test Not tainted 6.15.0-rc2-00003-g9080916f4863 #45 PREEMPT(full) 112853fcebfdb93254270a7959841d2c6aa2c8bb [ 44.546523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 44.546523] RIP: 0010:ext4_write_inline_data+0xfe/0x100 [ 44.546523] Code: 3c 0e 48 83 c7 48 48 89 de 5b 41 5c 41 5d 41 5e 41 5f 5d e9 e4 fa 43 01 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 0f 0b 0b 0f 1f 44 00 00 55 41 57 41 56 41 55 41 54 53 48 83 ec 20 49 [ 44.546523] RSP: 0018:ffffb342008b79a8 EFLAGS: 00010216 [ 44.546523] RAX: 0000000000000001 RBX: ffff9329c579c000 RCX: 0000010000000006 [ 44.546523] RDX: 000000000000003c RSI: ffffb342008b79f0 RDI: ffff9329c158e738 [ 44.546523] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 44.546523] R10: 00007ffffffff000 R11: ffffffff9bd0d910 R12: 0000006210000000 [ 44.546523] R13: fffffc7e4015e700 R14: 0000010000000005 R15: ffff9329c158e738 [ 44.546523] FS: 00007f4299934740(0000) GS:ffff932a60179000(0000) knlGS:0000000000000000 [ 44.546523] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 44.546523] CR2: 00007f4299a1ec90 CR3: 0000000002886002 CR4: 0000000000770eb0 [ 44.546523] PKRU: 55555554 [ 44.546523] Call Trace: [ 44.546523] [ 44.546523] ext4_write_inline_data_end+0x126/0x2d0 [ 44.546523] generic_perform_write+0x17e/0x270 [ 44.546523] ext4_buffered_write_iter+0xc8/0x170 [ 44.546523] vfs_write+0x2be/0x3e0 [ 44.546523] __x64_sys_pwrite64+0x6d/0xc0 [ 44.546523] do_syscall_64+0x6a/0xf0 [ 44.546523] ? __wake_up+0x89/0xb0 [ 44.546523] ? xas_find+0x72/0x1c0 [ 44.546523] ? next_uptodate_folio+0x317/0x330 [ 44.546523] ? set_pte_range+0x1a6/0x270 [ 44.546523] ? filemap_map_pages+0x6ee/0x840 [ 44.546523] ? ext4_setattr+0x2fa/0x750 [ 44.546523] ? do_pte_missing+0x128/0xf70 [ 44.546523] ? security_inode_post_setattr+0x3e/0xd0 [ 44.546523] ? ___pte_offset_map+0x19/0x100 [ 44.546523] ? handle_mm_fault+0x721/0xa10 [ 44.546523] ? do_user_addr_fault+0x197/0x730 [ 44.546523] ? do_syscall_64+0x76/0xf0 [ 44.546523] ? arch_exit_to_user_mode_prepare+0x1e/0x60 [ 44.546523] ? irqentry_exit_to_user_mode+0x79/0x90 [ 44.546523] entry_SYSCALL_64_after_hwframe+0x55/0x5d [ 44.546523] RIP: 0033:0x7f42999c6687 [ 44.546523] Code: 48 89 fa 4c 89 df e8 58 b3 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 44.546523] RSP: 002b:00007ffeae4a7930 EFLAGS: 00000202 ORIG_RAX: 0000000000000012 [ 44.546523] RAX: ffffffffffffffda RBX: 00007f4299934740 RCX: 00007f42999c6687 [ 44.546523] RDX: 0000000000000001 RSI: 000055ea6149200f RDI: 0000000000000003 [ 44.546523] RBP: 00007ffeae4a79a0 R08: 0000000000000000 R09: 0000000000000000 [ 44.546523] R10: 0000010000000005 R11: 0000000000000202 R12: 0000 ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38223 - Ceph: Kernel BUG on encrypted inode with unaligned file size

CVE ID : CVE-2025-38223 Published : July 4, 2025, 2:15 p.m. | 5 hours, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: ceph: avoid kernel BUG for encrypted inode with unaligned file size The generic/397 test hits a BUG_ON for the case of encrypted inode with unaligned file size (for example, 33K or 1K): [ 877.737811] run fstests generic/397 at 2025-01-03 12:34:40 [ 877.875761] libceph: mon0 (2)127.0.0.1:40674 session established [ 877.876130] libceph: client4614 fsid 19b90bca-f1ae-47a6-93dd-0b03ee637949 [ 877.991965] libceph: mon0 (2)127.0.0.1:40674 session established [ 877.992334] libceph: client4617 fsid 19b90bca-f1ae-47a6-93dd-0b03ee637949 [ 878.017234] libceph: mon0 (2)127.0.0.1:40674 session established [ 878.017594] libceph: client4620 fsid 19b90bca-f1ae-47a6-93dd-0b03ee637949 [ 878.031394] xfs_io (pid 18988) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 878.054528] libceph: mon0 (2)127.0.0.1:40674 session established [ 878.054892] libceph: client4623 fsid 19b90bca-f1ae-47a6-93dd-0b03ee637949 [ 878.070287] libceph: mon0 (2)127.0.0.1:40674 session established [ 878.070704] libceph: client4626 fsid 19b90bca-f1ae-47a6-93dd-0b03ee637949 [ 878.264586] libceph: mon0 (2)127.0.0.1:40674 session established [ 878.265258] libceph: client4629 fsid 19b90bca-f1ae-47a6-93dd-0b03ee637949 [ 878.374578] -----------[ cut here ]------------ [ 878.374586] kernel BUG at net/ceph/messenger.c:1070! [ 878.375150] Oops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 878.378145] CPU: 2 UID: 0 PID: 4759 Comm: kworker/2:9 Not tainted 6.13.0-rc5+ #1 [ 878.378969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 [ 878.380167] Workqueue: ceph-msgr ceph_con_workfn [ 878.381639] RIP: 0010:ceph_msg_data_cursor_init+0x42/0x50 [ 878.382152] Code: 89 17 48 8b 46 70 55 48 89 47 08 c7 47 18 00 00 00 00 48 89 e5 e8 de cc ff ff 5d 31 c0 31 d2 31 f6 31 ff c3 cc cc cc cc 0f 0b 0b 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 [ 878.383928] RSP: 0018:ffffb4ffc7cbbd28 EFLAGS: 00010287 [ 878.384447] RAX: ffffffff82bb9ac0 RBX: ffff981390c2f1f8 RCX: 0000000000000000 [ 878.385129] RDX: 0000000000009000 RSI: ffff981288232b58 RDI: ffff981390c2f378 [ 878.385839] RBP: ffffb4ffc7cbbe18 R08: 0000000000000000 R09: 0000000000000000 [ 878.386539] R10: 0000000000000000 R11: 0000000000000000 R12: ffff981390c2f030 [ 878.387203] R13: ffff981288232b58 R14: 0000000000000029 R15: 0000000000000001 [ 878.387877] FS: 0000000000000000(0000) GS:ffff9814b7900000(0000) knlGS:0000000000000000 [ 878.388663] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 878.389212] CR2: 00005e106a0554e0 CR3: 0000000112bf0001 CR4: 0000000000772ef0 [ 878.389921] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 878.390620] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 878.391307] PKRU: 55555554 [ 878.391567] Call Trace: [ 878.391807] [ 878.392021] ? show_regs+0x71/0x90 [ 878.392391] ? die+0x38/0xa0 [ 878.392667] ? do_trap+0xdb/0x100 [ 878.392981] ? do_error_trap+0x75/0xb0 [ 878.393372] ? ceph_msg_data_cursor_init+0x42/0x50 [ 878.393842] ? exc_invalid_op+0x53/0x80 [ 878.394232] ? ceph_msg_data_cursor_init+0x42/0x50 [ 878.394694] ? asm_exc_invalid_op+0x1b/0x20 [ 878.395099] ? ceph_msg_data_cursor_init+0x42/0x50 [ 878.395583] ? ceph_con_v2_try_read+0xd16/0x2220 [ 878.396027] ? _raw_spin_unlock+0xe/0x40 [ 878.396428] ? raw_spin_rq_unlock+0x10/0x40 [ 878.396842] ? finish_task_switch.isra.0+0x97/0x310 [ 878.397338] ? __schedule+0x44b/0x16b0 [ 878.397738] ceph_con_workfn+0x326/0x750 [ 878.398121] process_one_work+0x188/0x3d0 [ 878.398522] ? __pfx_worker_thread+0x10/0x10 [ 878.398929] worker_thread+0x2b5/0x3c0 [ 878.399310] ? __pfx_worker_thread+0x10/0x10 [ 878.399727] kthread+0xe1/0x120 [ 878.400031] ? __pfx_kthread+0x10/0x10 [ 878.400431] ret_from_fork+0x43/0x70 [ 878.400771] ? __pfx_kthread+0x10/0x10 [ 878.401127] ret_from_fork_asm+0x1a/0x30 [ 878.401543] [ 878.401760] Modules l ---truncated--- Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38217 - Linux Kernel hwmon ftsteutates Time-of-Check to Time-of-Use (TOCTOU) Race Condition

CVE ID : CVE-2025-38217 Published : July 4, 2025, 2:15 p.m. | 3 hours, 45 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: hwmon: (ftsteutates) Fix TOCTOU race in fts_read() In the fts_read() function, when handling hwmon_pwm_auto_channels_temp, the code accesses the shared variable data->fan_source[channel] twice without holding any locks. It is first checked against FTS_FAN_SOURCE_INVALID, and if the check passes, it is read again when used as an argument to the BIT() macro. This creates a Time-of-Check to Time-of-Use (TOCTOU) race condition. Another thread executing fts_update_device() can modify the value of data->fan_source[channel] between the check and its use. If the value is changed to FTS_FAN_SOURCE_INVALID (0xff) during this window, the BIT() macro will be called with a large shift value (BIT(255)). A bit shift by a value greater than or equal to the type width is undefined behavior and can lead to a crash or incorrect values being returned to userspace. Fix this by reading data->fan_source[channel] into a local variable once, eliminating the race condition. Additionally, add a bounds check to ensure the value is less than BITS_PER_LONG before passing it to the BIT() macro, making the code more robust against undefined behavior. This possible bug was found by an experimental static analysis tool developed by our team. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38218 - "QEMU F2FS Linux Kernel Sit Bitmap Size Out-of-Bounds Write Vulnerability"

CVE ID : CVE-2025-38218 Published : July 4, 2025, 2:15 p.m. | 3 hours, 45 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on sit_bitmap_size w/ below testcase, resize will generate a corrupted image which contains inconsistent metadata, so when mounting such image, it will trigger kernel panic: touch img truncate -s $((512*1024*1024*1024)) img mkfs.f2fs -f img $((256*1024*1024)) resize.f2fs -s -i img -t $((1024*1024*1024)) mount img /mnt/f2fs ------------[ cut here ]------------ kernel BUG at fs/f2fs/segment.h:863! Oops: invalid opcode: 0000 [#1] SMP PTI CPU: 11 UID: 0 PID: 3922 Comm: mount Not tainted 6.15.0-rc1+ #191 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:f2fs_ra_meta_pages+0x47c/0x490 Call Trace: f2fs_build_segment_manager+0x11c3/0x2600 f2fs_fill_super+0xe97/0x2840 mount_bdev+0xf4/0x140 legacy_get_tree+0x2b/0x50 vfs_get_tree+0x29/0xd0 path_mount+0x487/0xaf0 __x64_sys_mount+0x116/0x150 do_syscall_64+0x82/0x190 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7fdbfde1bcfe The reaseon is: sit_i->bitmap_size is 192, so size of sit bitmap is 192*8=1536, at maximum there are 1536 sit blocks, however MAIN_SEGS is 261893, so that sit_blk_cnt is 4762, build_sit_entries() -> current_sit_addr() tries to access out-of-boundary in sit_bitmap at offset from [1536, 4762), once sit_bitmap and sit_bitmap_mirror is not the same, it will trigger f2fs_bug_on(). Let's add sanity check in f2fs_sanity_check_ckpt() to avoid panic. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38219 - Linux F2FS Negative Inode Link Vulnerability

CVE ID : CVE-2025-38219 Published : July 4, 2025, 2:15 p.m. | 3 hours, 45 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: f2fs: prevent kernel warning due to negative i_nlink from corrupted image WARNING: CPU: 1 PID: 9426 at fs/inode.c:417 drop_nlink+0xac/0xd0 home/cc/linux/fs/inode.c:417 Modules linked in: CPU: 1 UID: 0 PID: 9426 Comm: syz-executor568 Not tainted 6.14.0-12627-g94d471a4f428 #2 PREEMPT(full) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014 RIP: 0010:drop_nlink+0xac/0xd0 home/cc/linux/fs/inode.c:417 Code: 48 8b 5d 28 be 08 00 00 00 48 8d bb 70 07 00 00 e8 f9 67 e6 ff f0 48 ff 83 70 07 00 00 5b 5d e9 9a 12 82 ff e8 95 12 82 ff 90 <0f> 0b 90 c7 45 48 ff ff ff ff 5b 5d e9 83 12 82 ff e8 fe 5f e6 ff RSP: 0018:ffffc900026b7c28 EFLAGS: 00010293 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8239710f RDX: ffff888041345a00 RSI: ffffffff8239717b RDI: 0000000000000005 RBP: ffff888054509ad0 R08: 0000000000000005 R09: 0000000000000000 R10: 0000000000000000 R11: ffffffff9ab36f08 R12: ffff88804bb40000 R13: ffff8880545091e0 R14: 0000000000008000 R15: ffff8880545091e0 FS: 000055555d0c5880(0000) GS:ffff8880eb3e3000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f915c55b178 CR3: 0000000050d20000 CR4: 0000000000352ef0 Call Trace: f2fs_i_links_write home/cc/linux/fs/f2fs/f2fs.h:3194 [inline] f2fs_drop_nlink+0xd1/0x3c0 home/cc/linux/fs/f2fs/dir.c:845 f2fs_delete_entry+0x542/0x1450 home/cc/linux/fs/f2fs/dir.c:909 f2fs_unlink+0x45c/0x890 home/cc/linux/fs/f2fs/namei.c:581 vfs_unlink+0x2fb/0x9b0 home/cc/linux/fs/namei.c:4544 do_unlinkat+0x4c5/0x6a0 home/cc/linux/fs/namei.c:4608 __do_sys_unlink home/cc/linux/fs/namei.c:4654 [inline] __se_sys_unlink home/cc/linux/fs/namei.c:4652 [inline] __x64_sys_unlink+0xc5/0x110 home/cc/linux/fs/namei.c:4652 do_syscall_x64 home/cc/linux/arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xc7/0x250 home/cc/linux/arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fb3d092324b Code: 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffdc232d938 EFLAGS: 00000206 ORIG_RAX: 0000000000000057 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb3d092324b RDX: 00007ffdc232d960 RSI: 00007ffdc232d960 RDI: 00007ffdc232d9f0 RBP: 00007ffdc232d9f0 R08: 0000000000000001 R09: 00007ffdc232d7c0 R10: 00000000fffffffd R11: 0000000000000206 R12: 00007ffdc232eaf0 R13: 000055555d0cebb0 R14: 00007ffdc232d958 R15: 0000000000000001 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38220 - Linux Kernel ext4 NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-38220 Published : July 4, 2025, 2:15 p.m. | 3 hours, 45 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: ext4: only dirty folios when data journaling regular files fstest generic/388 occasionally reproduces a crash that looks as follows: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... Call Trace: ext4_block_zero_page_range+0x30c/0x380 [ext4] ext4_truncate+0x436/0x440 [ext4] ext4_process_orphan+0x5d/0x110 [ext4] ext4_orphan_cleanup+0x124/0x4f0 [ext4] ext4_fill_super+0x262d/0x3110 [ext4] get_tree_bdev_flags+0x132/0x1d0 vfs_get_tree+0x26/0xd0 vfs_cmd_create+0x59/0xe0 __do_sys_fsconfig+0x4ed/0x6b0 do_syscall_64+0x82/0x170 ... This occurs when processing a symlink inode from the orphan list. The partial block zeroing code in the truncate path calls ext4_dirty_journalled_data() -> folio_mark_dirty(). The latter calls mapping->a_ops->dirty_folio(), but symlink inodes are not assigned an a_ops vector in ext4, hence the crash. To avoid this problem, update the ext4_dirty_journalled_data() helper to only mark the folio dirty on regular files (for which a_ops is assigned). This also matches the journaling logic in the ext4_symlink() creation path, where ext4_handle_dirty_metadata() is called directly. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38215 - Linux Kernel fbdev Null-Pointer Dereference Vulnerability

CVE ID : CVE-2025-38215 Published : July 4, 2025, 2:15 p.m. | 1 hour, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var If fb_add_videomode() in do_register_framebuffer() fails to allocate memory for fb_videomode, it will later lead to a null-ptr dereference in fb_videomode_to_var(), as the fb_info is registered while not having the mode in modelist that is expected to be there, i.e. the one that is described in fb_info->var. ================================================================ general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 1 PID: 30371 Comm: syz-executor.1 Not tainted 5.10.226-syzkaller #0 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 RIP: 0010:fb_videomode_to_var+0x24/0x610 drivers/video/fbdev/core/modedb.c:901 Call Trace: display_to_var+0x3a/0x7c0 drivers/video/fbdev/core/fbcon.c:929 fbcon_resize+0x3e2/0x8f0 drivers/video/fbdev/core/fbcon.c:2071 resize_screen drivers/tty/vt/vt.c:1176 [inline] vc_do_resize+0x53a/0x1170 drivers/tty/vt/vt.c:1263 fbcon_modechanged+0x3ac/0x6e0 drivers/video/fbdev/core/fbcon.c:2720 fbcon_update_vcs+0x43/0x60 drivers/video/fbdev/core/fbcon.c:2776 do_fb_ioctl+0x6d2/0x740 drivers/video/fbdev/core/fbmem.c:1128 fb_ioctl+0xe7/0x150 drivers/video/fbdev/core/fbmem.c:1203 vfs_ioctl fs/ioctl.c:48 [inline] __do_sys_ioctl fs/ioctl.c:753 [inline] __se_sys_ioctl fs/ioctl.c:739 [inline] __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:739 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x67/0xd1 ================================================================ Even though fbcon_init() checks beforehand if fb_match_mode() in var_to_display() fails, it can not prevent the panic because fbcon_init() does not return error code. Considering this and the comment in the code about fb_match_mode() returning NULL - "This should not happen" - it is better to prevent registering the fb_info if its mode was not set successfully. Also move fb_add_videomode() closer to the beginning of do_register_framebuffer() to avoid having to do the cleanup on fail. Found by Linux Verification Center (linuxtesting.org) with Syzkaller. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38216 - "Apple IOMMU VT-d Device Aliasing Vulnerability"

CVE ID : CVE-2025-38216 Published : July 4, 2025, 2:15 p.m. | 1 hour, 56 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Restore context entry setup order for aliased devices Commit 2031c469f816 ("iommu/vt-d: Add support for static identity domain") changed the context entry setup during domain attachment from a set-and-check policy to a clear-and-reset approach. This inadvertently introduced a regression affecting PCI aliased devices behind PCIe-to-PCI bridges. Specifically, keyboard and touchpad stopped working on several Apple Macbooks with below messages: kernel: platform pxa2xx-spi.3: Adding to iommu group 20 kernel: input: Apple SPI Keyboard as /devices/pci0000:00/0000:00:1e.3/pxa2xx-spi.3/spi_master/spi2/spi-APP000D:00/input/input0 kernel: DMAR: DRHD: handling fault status reg 3 kernel: DMAR: [DMA Read NO_PASID] Request device [00:1e.3] fault addr 0xffffa000 [fault reason 0x06] PTE Read access is not set kernel: DMAR: DRHD: handling fault status reg 3 kernel: DMAR: [DMA Read NO_PASID] Request device [00:1e.3] fault addr 0xffffa000 [fault reason 0x06] PTE Read access is not set kernel: applespi spi-APP000D:00: Error writing to device: 01 0e 00 00 kernel: DMAR: DRHD: handling fault status reg 3 kernel: DMAR: [DMA Read NO_PASID] Request device [00:1e.3] fault addr 0xffffa000 [fault reason 0x06] PTE Read access is not set kernel: DMAR: DRHD: handling fault status reg 3 kernel: applespi spi-APP000D:00: Error writing to device: 01 0e 00 00 Fix this by restoring the previous context setup order. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 14:15:00 GMT

read more

CVE-2025-38177 - Linux Kernel - Sch_hfsc Idempotent Vulnerability

CVE ID : CVE-2025-38177 Published : July 4, 2025, 1:15 p.m. | 44 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life: 1. update_vf() decreases cl->cl_nactive, so we can check whether it is non-zero before calling it. 2. eltree_remove() always removes RB node cl->el_node, but we can use RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 13:15:00 GMT

read more

CVE-2025-48172 - SumatraPDF CHMLib Heap-Based Buffer Overflow

CVE ID : CVE-2025-48172 Published : July 4, 2025, 1:15 p.m. | 44 minutes ago Description : CHMLib through 2bef8d0, as used in SumatraPDF and other products, has a chm_lib.c _chm_decompress_block integer overflow. There is a resultant heap-based buffer overflow in _chm_fetch_bytes. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 13:15:00 GMT

read more

CVE-2025-49809 - MTR Sudo Execution Hijacking Vulnerability

CVE ID : CVE-2025-49809 Published : July 4, 2025, 1:15 p.m. | 44 minutes ago Description : mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 13:15:00 GMT

read more

CVE-2025-7061 - Intelbras InControl CSV Injection Vulnerability

CVE ID : CVE-2025-7061 Published : July 4, 2025, 1:15 p.m. | 44 minutes ago Description : A vulnerability was found in Intelbras InControl up to 2.21.60.9. It has been declared as problematic. This vulnerability affects unknown code of the file /v1/operador/. The manipulation leads to csv injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 13:15:00 GMT

read more

CVE-2025-49866 - Nikel Beautiful Cookie Consent Banner Cross-site Scripting

CVE ID : CVE-2025-49866 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nikel Beautiful Cookie Consent Banner allows Reflected XSS. This issue affects Beautiful Cookie Consent Banner: from n/a through 4.6.1. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-49867 - InspiryThemes RealHomes Privilege Escalation Vulnerability

CVE ID : CVE-2025-49867 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege Escalation. This issue affects RealHomes: from n/a through 4.4.0. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-49870 - Cozmoslabs Paid Member Subscriptions SQL Injection

CVE ID : CVE-2025-49870 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozmoslabs Paid Member Subscriptions allows SQL Injection. This issue affects Paid Member Subscriptions: from n/a through 2.15.1. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-4414 - CMSMasters Content Composer Remote File Inclusion Vulnerability

CVE ID : CVE-2025-4414 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in cmsmasters CMSMasters Content Composer allows PHP Local File Inclusion. This issue affects CMSMasters Content Composer: from n/a through n/a. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-50032 - Paytiko for WooCommerce Missing Authorization Vulnerability

CVE ID : CVE-2025-50032 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Missing Authorization vulnerability in Paytiko - Payment Orchestration Platform Paytiko for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Paytiko for WooCommerce: from n/a through 1.3.14. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-50039 - VG WORT METIS Missing Authorization Vulnerability

CVE ID : CVE-2025-50039 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Missing Authorization vulnerability in vgwort VG WORT METIS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects VG WORT METIS: from n/a through 2.0.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-52718 - Bearsthemes Alone Code Injection Vulnerability

CVE ID : CVE-2025-52718 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone allows Remote Code Inclusion. This issue affects Alone: from n/a through 7.8.2. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-52776 - Thanhtungtnt Video List Manager Cross-site Scripting

CVE ID : CVE-2025-52776 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thanhtungtnt Video List Manager allows Stored XSS. This issue affects Video List Manager: from n/a through 1.7. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-52796 - WordPress WP-Recall Cross-site Scripting

CVE ID : CVE-2025-52796 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tggfref WP-Recall allows Reflected XSS. This issue affects WP-Recall: from n/a through 16.26.14. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-52798 - Eyecix JobSearch Cross-site Scripting

CVE ID : CVE-2025-52798 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch allows Reflected XSS. This issue affects JobSearch: from n/a through 2.9.0. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-52805 - Leyka Path Traversal PHP Local File Inclusion Vulnerability

CVE ID : CVE-2025-52805 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Path Traversal vulnerability in VaultDweller Leyka allows PHP Local File Inclusion. This issue affects Leyka: from n/a through 3.31.9. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-52807 - ApusWP Kossy PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-52807 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusWP Kossy - Minimalist eCommerce WordPress Theme allows PHP Local File Inclusion. This issue affects Kossy - Minimalist eCommerce WordPress Theme: from n/a through 1.45. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-52813 - MobiLoud Missing Authorization Vulnerability

CVE ID : CVE-2025-52813 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Missing Authorization vulnerability in pietro MobiLoud allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MobiLoud: from n/a through 4.6.5. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-52828 - Designthemes Red Art Java Deserialization Object Injection Vulnerability

CVE ID : CVE-2025-52828 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Deserialization of Untrusted Data vulnerability in designthemes Red Art allows Object Injection. This issue affects Red Art: from n/a through 3.7. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-52830 - bSecure Universal Checkout SQL Injection

CVE ID : CVE-2025-52830 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bsecuretech bSecure – Your Universal Checkout allows Blind SQL Injection. This issue affects bSecure – Your Universal Checkout: from n/a through 1.7.9. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-52831 - Thanhtungtnt Video List Manager SQL Injection

CVE ID : CVE-2025-52831 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in thanhtungtnt Video List Manager allows SQL Injection. This issue affects Video List Manager: from n/a through 1.7. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-52832 - "WPO-HR NGG Smart Image Search SQL Injection"

CVE ID : CVE-2025-52832 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpo-HR NGG Smart Image Search allows SQL Injection. This issue affects NGG Smart Image Search: from n/a through 3.4.1. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-52833 - Designthemes LMS SQL Injection

CVE ID : CVE-2025-52833 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in designthemes LMS allows SQL Injection. This issue affects LMS: from n/a through 9.1. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-6056 - Ergon Informatik AG Airlock IAM Information Disclosure

CVE ID : CVE-2025-6056 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Timing difference in password reset in Ergon Informatik AG's Airlock IAM 7.7.9, 8.0.8, 8.1.7, 8.2.4 and 8.3.1 allows unauthenticated attackers to enumerate usernames. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-6740 - Contact Form 7 Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6740 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : The Contact Form 7 Database Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tmpD’ parameter in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-7066 - Jirafeau MIME Type Bypass Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7066 Published : July 4, 2025, 12:15 p.m. | 1 hour, 44 minutes ago Description : Jirafeau normally prevents browser preview for text files due to the possibility that for example SVG and HTML documents could be exploited for cross site scripting. This was done by storing the MIME type of a file and allowing only browser preview for MIME types beginning with image (except for image/svg+xml, see CVE-2022-30110 and CVE-2024-12326), video and audio. However, it was possible to bypass this check by sending a manipulated MIME type containing a comma and an other MIME type like text/html (for example image/png,text/html). Browsers see multiple MIME types and text/html would takes precedence, allowing a possible attacker to do a cross-site scripting attack. The check for MIME types was enhanced to prevent a browser preview when the stored MIME type contains a comma. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 12:15:00 GMT

read more

CVE-2025-38174 - "Thunderbolt: Double Dequeue Vulnerability"

CVE ID : CVE-2025-38174 Published : July 4, 2025, 11:15 a.m. | 42 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Do not double dequeue a configuration request Some of our devices crash in tb_cfg_request_dequeue(): general protection fault, probably for non-canonical address 0xdead000000000122 CPU: 6 PID: 91007 Comm: kworker/6:2 Tainted: G U W 6.6.65 RIP: 0010:tb_cfg_request_dequeue+0x2d/0xa0 Call Trace: ? tb_cfg_request_dequeue+0x2d/0xa0 tb_cfg_request_work+0x33/0x80 worker_thread+0x386/0x8f0 kthread+0xed/0x110 ret_from_fork+0x38/0x50 ret_from_fork_asm+0x1b/0x30 The circumstances are unclear, however, the theory is that tb_cfg_request_work() can be scheduled twice for a request: first time via frame.callback from ring_work() and second time from tb_cfg_request(). Both times kworkers will execute tb_cfg_request_dequeue(), which results in double list_del() from the ctl->request_queue (the list poison deference hints at it: 0xdead000000000122). Do not dequeue requests that don't have TB_CFG_REQUEST_ACTIVE bit set. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 11:15:00 GMT

read more

CVE-2025-38175 - Linux Kernel Binder UAF Vulnerability

CVE ID : CVE-2025-38175 Published : July 4, 2025, 11:15 a.m. | 42 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: binder: fix yet another UAF in binder_devices Commit e77aff5528a18 ("binderfs: fix use-after-free in binder_devices") addressed a use-after-free where devices could be released without first being removed from the binder_devices list. However, there is a similar path in binder_free_proc() that was missed: ================================================================== BUG: KASAN: slab-use-after-free in binder_remove_device+0xd4/0x100 Write of size 8 at addr ffff0000c773b900 by task umount/467 CPU: 12 UID: 0 PID: 467 Comm: umount Not tainted 6.15.0-rc7-00138-g57483a362741 #9 PREEMPT Hardware name: linux,dummy-virt (DT) Call trace: binder_remove_device+0xd4/0x100 binderfs_evict_inode+0x230/0x2f0 evict+0x25c/0x5dc iput+0x304/0x480 dentry_unlink_inode+0x208/0x46c __dentry_kill+0x154/0x530 [...] Allocated by task 463: __kmalloc_cache_noprof+0x13c/0x324 binderfs_binder_device_create.isra.0+0x138/0xa60 binder_ctl_ioctl+0x1ac/0x230 [...] Freed by task 215: kfree+0x184/0x31c binder_proc_dec_tmpref+0x33c/0x4ac binder_deferred_func+0xc10/0x1108 process_one_work+0x520/0xba4 [...] ================================================================== Call binder_remove_device() within binder_free_proc() to ensure the device is removed from the binder_devices list before being kfreed. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 11:15:00 GMT

read more

CVE-2025-38176 - Linux Binder Use-After-Free Vulnerability

CVE ID : CVE-2025-38176 Published : July 4, 2025, 11:15 a.m. | 42 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in binderfs_evict_inode() Running 'stress-ng --binderfs 16 --timeout 300' under KASAN-enabled kernel, I've noticed the following: BUG: KASAN: slab-use-after-free in binderfs_evict_inode+0x1de/0x2d0 Write of size 8 at addr ffff88807379bc08 by task stress-ng-binde/1699 CPU: 0 UID: 0 PID: 1699 Comm: stress-ng-binde Not tainted 6.14.0-rc7-g586de92313fc-dirty #13 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014 Call Trace: dump_stack_lvl+0x1c2/0x2a0 ? __pfx_dump_stack_lvl+0x10/0x10 ? __pfx__printk+0x10/0x10 ? __pfx_lock_release+0x10/0x10 ? __virt_addr_valid+0x18c/0x540 ? __virt_addr_valid+0x469/0x540 print_report+0x155/0x840 ? __virt_addr_valid+0x18c/0x540 ? __virt_addr_valid+0x469/0x540 ? __phys_addr+0xba/0x170 ? binderfs_evict_inode+0x1de/0x2d0 kasan_report+0x147/0x180 ? binderfs_evict_inode+0x1de/0x2d0 binderfs_evict_inode+0x1de/0x2d0 ? __pfx_binderfs_evict_inode+0x10/0x10 evict+0x524/0x9f0 ? __pfx_lock_release+0x10/0x10 ? __pfx_evict+0x10/0x10 ? do_raw_spin_unlock+0x4d/0x210 ? _raw_spin_unlock+0x28/0x50 ? iput+0x697/0x9b0 __dentry_kill+0x209/0x660 ? shrink_kill+0x8d/0x2c0 shrink_kill+0xa9/0x2c0 shrink_dentry_list+0x2e0/0x5e0 shrink_dcache_parent+0xa2/0x2c0 ? __pfx_shrink_dcache_parent+0x10/0x10 ? __pfx_lock_release+0x10/0x10 ? __pfx_do_raw_spin_lock+0x10/0x10 do_one_tree+0x23/0xe0 shrink_dcache_for_umount+0xa0/0x170 generic_shutdown_super+0x67/0x390 kill_litter_super+0x76/0xb0 binderfs_kill_super+0x44/0x90 deactivate_locked_super+0xb9/0x130 cleanup_mnt+0x422/0x4c0 ? lockdep_hardirqs_on+0x9d/0x150 task_work_run+0x1d2/0x260 ? __pfx_task_work_run+0x10/0x10 resume_user_mode_work+0x52/0x60 syscall_exit_to_user_mode+0x9a/0x120 do_syscall_64+0x103/0x210 ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0xcac57b Code: c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 f3 0f 1e fa 31 f6 e9 05 00 00 00 0f 1f 44 00 00 f3 0f 1e fa b8 RSP: 002b:00007ffecf4226a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 RAX: 0000000000000000 RBX: 00007ffecf422720 RCX: 0000000000cac57b RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ffecf422850 RBP: 00007ffecf422850 R08: 0000000028d06ab1 R09: 7fffffffffffffff R10: 3fffffffffffffff R11: 0000000000000246 R12: 00007ffecf422718 R13: 00007ffecf422710 R14: 00007f478f87b658 R15: 00007ffecf422830 Allocated by task 1705: kasan_save_track+0x3e/0x80 __kasan_kmalloc+0x8f/0xa0 __kmalloc_cache_noprof+0x213/0x3e0 binderfs_binder_device_create+0x183/0xa80 binder_ctl_ioctl+0x138/0x190 __x64_sys_ioctl+0x120/0x1b0 do_syscall_64+0xf6/0x210 entry_SYSCALL_64_after_hwframe+0x77/0x7f Freed by task 1705: kasan_save_track+0x3e/0x80 kasan_save_free_info+0x46/0x50 __kasan_slab_free+0x62/0x70 kfree+0x194/0x440 evict+0x524/0x9f0 do_unlinkat+0x390/0x5b0 __x64_sys_unlink+0x47/0x50 do_syscall_64+0xf6/0x210 entry_SYSCALL_64_after_hwframe+0x77/0x7f This 'stress-ng' workload causes the concurrent deletions from 'binder_devices' and so requires full-featured synchronization to prevent list corruption. I've found this issue independently but pretty sure that syzbot did the same, so Reported-by: and Closes: should be applicable here as well. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 11:15:00 GMT

read more

CVE-2025-7060 - Monitorr Remote File Inclusion Vulnerability

CVE ID : CVE-2025-7060 Published : July 4, 2025, 11:15 a.m. | 42 minutes ago Description : A vulnerability was found in Monitorr up to 1.7.6m. It has been classified as problematic. This affects an unknown part of the file assets/config/_installation/mkdbajax.php of the component Installer. The manipulation of the argument datadir leads to improper input validation. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 11:15:00 GMT

read more

CVE-2025-5920 - WordPress Password Protected Posts Information Disclosure

CVE ID : CVE-2025-5920 Published : July 4, 2025, 10:15 a.m. | 1 hour, 43 minutes ago Description : The Sharable Password Protected Posts before version 1.1.1 allows access to password protected posts by providing a secret key in a GET parameter. However, the key is exposed by the REST API. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 10:15:00 GMT

read more

CVE-2025-27358 - mndpsingh287 Frontend File Manager Basic XSS Vulnerability

CVE ID : CVE-2025-27358 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in mndpsingh287 Frontend File Manager allows Code Injection. This issue affects Frontend File Manager: from n/a through 23.2. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-28951 - CreedAlly Bulk Featured Image Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-28951 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image allows Upload a Web Shell to a Web Server. This issue affects Bulk Featured Image: from n/a through 1.2.1. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-28957 - OwnerRez Cross-Site Scripting

CVE ID : CVE-2025-28957 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OwnerRez OwnerRez allows Stored XSS. This issue affects OwnerRez: from n/a through 1.2.1. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-28963 - "URL Shortener Server-Side Request Forgery"

CVE ID : CVE-2025-28963 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Server-Side Request Forgery (SSRF) vulnerability in Md Yeasin Ul Haider URL Shortener allows Server Side Request Forgery. This issue affects URL Shortener: from n/a through 3.0.7. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-28967 - Steve Truman Contact People LITE SQL Injection

CVE ID : CVE-2025-28967 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Steve Truman Contact Us page - Contact people LITE allows SQL Injection. This issue affects Contact Us page - Contact people LITE: from n/a through 3.7.4. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-28969 - Cybio Gallery Widget SQL Injection

CVE ID : CVE-2025-28969 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in cybio Gallery Widget allows SQL Injection. This issue affects Gallery Widget: from n/a through 1.2.1. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-28971 - CWD Web Designer Easy Elements Hider Cross-site Scripting Vulnerability

CVE ID : CVE-2025-28971 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CWD Web Designer Easy Elements Hider allows Stored XSS. This issue affects Easy Elements Hider: from n/a through 2.0. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-29001 - ZoomIt WooCommerce Shop Page Builder Missing Authorization Vulnerability

CVE ID : CVE-2025-29001 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Missing Authorization vulnerability in ZoomIt WooCommerce Shop Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Shop Page Builder: from n/a through 2.27.7. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-29007 - LMSACE Connect Missing Authorization Vulnerability

CVE ID : CVE-2025-29007 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Missing Authorization vulnerability in LMSACE LMSACE Connect allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LMSACE Connect: from n/a through 3.4. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-29012 - Kamleshyadav CF7 Mailchimp Add-on Authorization Bypass

CVE ID : CVE-2025-29012 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Missing Authorization vulnerability in kamleshyadav CF7 7 Mailchimp Add-on allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 7 Mailchimp Add-on: from n/a through 2.2. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-30929 - Amazon Web Services (AWS) fluXtore Authorization Bypass

CVE ID : CVE-2025-30929 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Missing Authorization vulnerability in amazewp fluXtore allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects fluXtore: from n/a through 1.6.0. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-30943 - Aakif Kadiwala Posts Slider Shortcode Cross-site Scripting (XSS)

CVE ID : CVE-2025-30943 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aakif Kadiwala Posts Slider Shortcode allows DOM-Based XSS. This issue affects Posts Slider Shortcode: from n/a through 1.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-30947 - Gopiplus Cool Fade Popup SQL Injection

CVE ID : CVE-2025-30947 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Cool fade popup allows Blind SQL Injection. This issue affects Cool fade popup: from n/a through 10.1. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-30969 - Gopiplus iFrame Images Gallery SQL Injection

CVE ID : CVE-2025-30969 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus iFrame Images Gallery allows SQL Injection. This issue affects iFrame Images Gallery: from n/a through 9.0. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-30979 - Gopiplus Pixelating image slideshow gallery SQL Injection

CVE ID : CVE-2025-30979 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Pixelating image slideshow gallery allows SQL Injection. This issue affects Pixelating image slideshow gallery: from n/a through 8.0. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-30983 - Gopiplus Card Flip Image Slideshow Cross-Site Scripting (XSS)

CVE ID : CVE-2025-30983 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Card flip image slideshow allows DOM-Based XSS. This issue affects Card flip image slideshow: from n/a through 1.5. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-53566 - Osama.esh WP Visitor Statistics Cross-site Scripting

CVE ID : CVE-2025-53566 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) allows Stored XSS. This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 7.8. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-53568 - Tony Zeoli Radio Station CSRF Vulnerability

CVE ID : CVE-2025-53568 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Tony Zeoli Radio Station allows Cross Site Request Forgery. This issue affects Radio Station: from n/a through 2.5.12. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-53569 - Trust Payments Gateway for WooCommerce CSRF Vulnerability

CVE ID : CVE-2025-53569 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Trust Payments Trust Payments Gateway for WooCommerce (JavaScript Library) allows Cross Site Request Forgery. This issue affects Trust Payments Gateway for WooCommerce (JavaScript Library): from n/a through 1.3.6. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-5351 - LibSSH Double Free Vulnerability

CVE ID : CVE-2025-5351 Published : July 4, 2025, 9:15 a.m. | 2 hours, 43 minutes ago Description : A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed. Severity: 4.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-24748 - LambertGroup All In One Slider Responsive SQL Injection

CVE ID : CVE-2025-24748 Published : July 4, 2025, 9:15 a.m. | 41 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup All In One Slider Responsive allows SQL Injection. This issue affects All In One Slider Responsive: from n/a through 3.7.9. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-24757 - Long Watch Studio MyRewards Cross-site Scripting

CVE ID : CVE-2025-24757 Published : July 4, 2025, 9:15 a.m. | 41 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Long Watch Studio MyRewards allows Stored XSS. This issue affects MyRewards: from n/a through 5.4.13.1. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-24764 - A Jones Simply Guest Author Name Cross-site Scripting (XSS)

CVE ID : CVE-2025-24764 Published : July 4, 2025, 9:15 a.m. | 41 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A. Jones (Simply) Guest Author Name allows DOM-Based XSS. This issue affects (Simply) Guest Author Name: from n/a through 4.36. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-26591 - Noor Alam WP Fancybox Cross-site Scripting Vulnerability

CVE ID : CVE-2025-26591 Published : July 4, 2025, 9:15 a.m. | 41 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor Alam WP fancybox allows Stored XSS. This issue affects WP fancybox: from n/a through 1.0.4. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2025-27326 - bPlugins Video Gallery Block Stored Cross-site Scripting

CVE ID : CVE-2025-27326 Published : July 4, 2025, 9:15 a.m. | 41 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Video Gallery Block – Display your videos as a gallery in a professional way allows Stored XSS. This issue affects Video Gallery Block – Display your videos as a gallery in a professional way: from n/a through 1.1.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 09:15:00 GMT

read more

CVE-2024-11937 - Elementor Premium Addons Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-11937 Published : July 4, 2025, 8:15 a.m. | 52 minutes ago Description : The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's linkURL in the Mobile Menu element in all versions up to, and including, 4.10.69 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 08:15:00 GMT

read more

CVE-2025-32918 - Checkmk Livestatus Command Injection Vulnerability

CVE ID : CVE-2025-32918 Published : July 4, 2025, 8:15 a.m. | 52 minutes ago Description : Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 08:15:00 GMT

read more

CVE-2025-53599 - Whale Browser iOS Script Execution Vulnerability

CVE ID : CVE-2025-53599 Published : July 4, 2025, 8:15 a.m. | 52 minutes ago Description : Whale browser for iOS before 3.9.1.4206 allow an attacker to execute malicious scripts in the browser via a crafted javascript scheme. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 08:15:00 GMT

read more

CVE-2025-53600 - Whale Browser Same-Origin Policy Bypass

CVE ID : CVE-2025-53600 Published : July 4, 2025, 8:15 a.m. | 52 minutes ago Description : Whale browser before 4.32.315.22 allow an attacker to bypass the Same-Origin Policy in a dual-tab environment. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 08:15:00 GMT

read more

CVE-2025-6673 - WordPress Easy Restaurant Menu Manager Stored Cross-Site Scripting

CVE ID : CVE-2025-6673 Published : July 4, 2025, 8:15 a.m. | 52 minutes ago Description : The Easy restaurant menu manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's nsc_eprm_menu_link shortcode in versions up to, and including 2.0.1, due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 08:15:00 GMT

read more

CVE-2025-5372 - OpenSSL SSH Key Derivation Buffer Initialization Vulnerability

CVE ID : CVE-2025-5372 Published : July 4, 2025, 6:15 a.m. | 2 hours, 52 minutes ago Description : A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 06:15:00 GMT

read more

CVE-2025-6944 - Uncode Core WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-6944 Published : July 4, 2025, 6:15 a.m. | 2 hours, 52 minutes ago Description : The Uncode Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'uncode_hl_text' and 'uncode_text_icon' shortcodes in all versions up to, and including, 2.9.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 06:15:00 GMT

read more

CVE-2025-5567 - WordPress Shortcodes Ultimate Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5567 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data-url' DOM element attribute in all versions up to, and including, 7.4.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-5924 - "WordPress Firebase Push Notification CSRF"

CVE ID : CVE-2025-5924 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The WP Firebase Push Notification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the wfpn_brodcast_notification_message() function. This makes it possible for unauthenticated attackers to send broadcast notifications via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-5933 - WordPress RD Contacto CSRF Vulnerability

CVE ID : CVE-2025-5933 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The RD Contacto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the rdWappUpdateData() function. This makes it possible for unauthenticated attackers to update plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-5953 - WordPress WP Human Resource Management Privilege Escalation

CVE ID : CVE-2025-5953 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The WP Human Resource Management plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization in the ajax_insert_employee() and update_empoyee() functions in versions 2.0.0 through 2.2.17. The AJAX handler reads the client-supplied $_POST['role'] and, after basic cleaning via hrm_clean(), passes it directly to wp_insert_user() and later to $user->set_role() without verifying that the current user is allowed to assign that role. This makes it possible for authenticated attackers, with Employee-level access and above, to elevate their privileges to administrator. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-5956 - WP Human Resource Management Plugin Arbitrary User Deletion Vulnerability

CVE ID : CVE-2025-5956 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The WP Human Resource Management plugin for WordPress is vulnerable to Arbitrary User Deletion due to a missing authorization within the ajax_delete_employee() function in versions 2.0.0 through 2.2.17. The plugin’s deletion handler reads the client-supplied $_POST['delete'] array and passes each ID directly to wp_delete_user() without verifying that the caller has the delete_users capability or limiting which user IDs may be removed. This makes it possible for authenticated attackers, with Employee-level access and above, to delete arbitrary accounts, including administrators. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-6039 - WordPress ProcessingJS Stored Cross-Site Scripting

CVE ID : CVE-2025-6039 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The ProcessingJS for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pjs4wp' shortcode in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-6041 - WordPress yContributors CSRF

CVE ID : CVE-2025-6041 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The yContributors plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5. This is due to missing or incorrect nonce validation on the 'yContributors' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-6238 - WordPress AI Engine Plugin Open Redirect Vulnerability

CVE ID : CVE-2025-6238 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The AI Engine plugin for WordPress is vulnerable to open redirect in version 2.8.4. This is due to an insecure OAuth implementation, as the 'redirect_uri' parameter is missing validation during the authorization flow. This makes it possible for unauthenticated attackers to intercept the authorization code and obtain an access token by redirecting the user to an attacker-controlled URI. Note: OAuth is disabled, the 'Meow_MWAI_Labs_OAuth' class is not loaded in the plugin in the patched version 2.8.5. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-6586 - WordPress Download Plugin Remote Code Execution (RCE) Vulnerability

CVE ID : CVE-2025-6586 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The Download Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the dpwap_plugin_locInstall function in all versions up to, and including, 2.2.8. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-6729 - WordPress PayMaster for WooCommerce SSRF Vulnerability

CVE ID : CVE-2025-6729 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The PayMaster for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 0.4.31 via the 'wp_ajax_paym_status' AJAX action This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-6739 - WordPress WPQuiz SQL Injection Vulnerability

CVE ID : CVE-2025-6739 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The WPQuiz plugin for WordPress is vulnerable to SQL Injection via the 'id' attribute of the 'wpquiz' shortcode in all versions up to, and including, 0.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-6782 - GoZen Forms WordPress SQL Injection Vulnerability

CVE ID : CVE-2025-6782 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The GoZen Forms plugin for WordPress is vulnerable to SQL Injection via the 'forms-id' parameter of the dirGZActiveForm() function in all versions up to, and including, 1.1.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-6783 - WordPress GoZen Forms SQL Injection

CVE ID : CVE-2025-6783 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The GoZen Forms plugin for WordPress is vulnerable to SQL Injection via the 'forms-id' parameter of the emdedSc() function in all versions up to, and including, 1.1.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-6786 - DocCheck Login for WordPress Information Disclosure

CVE ID : CVE-2025-6786 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The DocCheck Login plugin for WordPress is vulnerable to unauthorized post access in all versions up to, and including, 1.1.5. This is due to plugin redirecting a user to login on a password protected post after the page has loaded. This makes it possible for unauthenticated attackers to read posts they should not have access to. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-6787 - WordPress Smart Docs Stored Cross-Site Scripting

CVE ID : CVE-2025-6787 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The Smart Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'smartdocs_search' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-6814 - Booking X WordPress Unauthorized Data Access Vulnerability

CVE ID : CVE-2025-6814 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The Booking X plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_now() function in versions 1.0 to 1.1.2. This makes it possible for unauthenticated attackers to download all plugin data, including user accounts, user meta, and PayPal credentials, by issuing a crafted POST request. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-7046 - Elementor Image Gallery PowerFolio WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7046 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : The Portfolio for Elementor & Image Gallery | PowerFolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom JS Attributes of Plugin's widgets in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The issue was partially fixed in version 3.2.0 and fully fixed in version 3.2.1 Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-7053 - Cockpit Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-7053 Published : July 4, 2025, 3:15 a.m. | 5 hours, 52 minutes ago Description : A vulnerability was found in Cockpit up to 2.11.3. It has been rated as problematic. This issue affects some unknown processing of the file /system/users/save. The manipulation of the argument name/email leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2.11.4 is able to address this issue. The patch is named bdcd5e3bc651c0839c7eea807f3eb6af856dbc76. It is recommended to upgrade the affected component. The vendor was contacted early about this disclosure and acted very professional. A patch and new release was made available very quickly. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 04 Jul 2025 03:15:00 GMT

read more

CVE-2025-5322 - VikRentCar WordPress Car Rental Management System File Upload Vulnerability (Arbitrary File Upload)

CVE ID : CVE-2025-5322 Published : July 3, 2025, 10:15 p.m. | 9 hours, 56 minutes ago Description : The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the do_updatecar and createcar functions in all versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server, which may make remote code execution possible. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 22:15:00 GMT

read more

CVE-2025-49005 - Next.js App Router/Cache Poisoning Vulnerability

CVE ID : CVE-2025-49005 Published : July 3, 2025, 9:15 p.m. | 10 hours, 56 minutes ago Description : Next.js is a React framework for building full-stack web applications. In Next.js App Router from 15.3.0 to before 15.3.3 and Vercel CLI from 41.4.1 to 42.2.0, a cache poisoning vulnerability was found. The issue allowed page requests for HTML content to return a React Server Component (RSC) payload instead under certain conditions. When deployed to Vercel, this would only impact the browser cache, and would not lead to the CDN being poisoned. When self-hosted and deployed externally, this could lead to cache poisoning if the CDN does not properly distinguish between RSC / HTML in the cache keys. This issue has been resolved in Next.js 15.3.3. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 21:15:00 GMT

read more

CVE-2025-49826 - Next.js Cache Poisoning DoS Vulnerability

CVE ID : CVE-2025-49826 Published : July 3, 2025, 9:15 p.m. | 10 hours, 56 minutes ago Description : Next.js is a React framework for building full-stack web applications. From versions 15.0.4-canary.51 to before 15.1.8, a cache poisoning bug leading to a Denial of Service (DoS) condition was found in Next.js. This issue does not impact customers hosted on Vercel. Under certain conditions, this issue may allow a HTTP 204 response to be cached for static pages, leading to the 204 response being served to all users attempting to access the page. This issue has been addressed in version 15.1.8. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 21:15:00 GMT

read more

CVE-2025-53367 - DjVuLibre Out-of-Bounds Write and Read Vulnerability

CVE ID : CVE-2025-53367 Published : July 3, 2025, 9:15 p.m. | 10 hours, 56 minutes ago Description : DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer. This can lead to writes beyond the allocated memory, resulting in a heap corruption condition. An out-of-bounds read with pr is also possible for the same reason. This issue has been patched in version 3.5.29. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 21:15:00 GMT

read more

CVE-2025-53370 - Citizen MediaWiki Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53370 Published : July 3, 2025, 8:15 p.m. | 11 hours, 56 minutes ago Description : Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. From versions 1.9.4 to before 3.4.0, short descriptions set via the ShortDescription extension are inserted as raw HTML by the Citizen skin, allowing any user to insert arbitrary HTML into the DOM by editing a page. This issue has been patched in version 3.4.0. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 20:15:00 GMT

read more

CVE-2025-53368 - Citizen MediaWiki XSS Injection Vulnerability

CVE ID : CVE-2025-53368 Published : July 3, 2025, 8:15 p.m. | 9 hours, 56 minutes ago Description : Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. From versions 1.9.4 to before 3.4.0, page descriptions are inserted into raw HTML without proper sanitization by the Citizen skin when using the old search bar. Any user with page editing privileges can insert cross-site scripting (XSS) payloads into the DOM for other users who are searching for specific pages. This issue has been patched in version 3.4.0. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 20:15:00 GMT

read more

CVE-2025-53369 - MediaWiki Short Description Cross-Site Scripting

CVE ID : CVE-2025-53369 Published : July 3, 2025, 8:15 p.m. | 9 hours, 56 minutes ago Description : Short Description is a MediaWiki extension that provides local short description support. In version 4.0.0, short descriptions are not properly sanitized before being inserted as HTML using mw.util.addSubtitle, allowing any user to insert arbitrary HTML into the DOM by editing a page. This issue has been patched in version 4.0.1. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 20:15:00 GMT

read more

CVE-2025-34061 - PHPStudy Unauthenticated Remote Code Execution Backdoor

CVE ID : CVE-2025-34061 Published : July 3, 2025, 8:15 p.m. | 5 hours, 55 minutes ago Description : A backdoor in PHPStudy versions 2016 through 2018 allows unauthenticated remote attackers to execute arbitrary PHP code on affected installations. The backdoor listens for base64-encoded PHP payloads in the Accept-Charset HTTP header of incoming requests, decodes and executes the payload without proper validation. This leads to remote code execution as the web server user, compromising the affected system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 20:15:00 GMT

read more

CVE-2025-34082 - IGEL OS Command Injection Vulnerability

CVE ID : CVE-2025-34082 Published : July 3, 2025, 8:15 p.m. | 5 hours, 55 minutes ago Description : A command injection vulnerability exists in IGEL OS versions prior to 11.04.270 within the Secure Terminal and Secure Shadow services. The flaw arises due to improper input sanitization in the handling of specially crafted PROXYCMD commands on TCP ports 30022 and 5900. An unauthenticated attacker with network access to a vulnerable device can inject arbitrary commands, leading to remote code execution with elevated privileges. NOTE: IGEL OS v10.x has reached end-of-life (EOL) status. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 20:15:00 GMT

read more

CVE-2025-34086 - Bolt CMS Remote Code Execution Vulnerability

CVE ID : CVE-2025-34086 Published : July 3, 2025, 8:15 p.m. | 5 hours, 55 minutes ago Description : Bolt CMS versions 3.7.0 and earlier contain a chain of vulnerabilities that together allow an authenticated user to achieve remote code execution. A user with valid credentials can inject arbitrary PHP code into the displayname field of the user profile, which is rendered unsanitized in backend templates. The attacker can then list and rename cached session files via the /async/browse/cache/.sessions and /async/folder/rename endpoints. By renaming a .session file to a path under the publicly accessible /files/ directory with a .php extension, the attacker can turn the injected code into an executable web shell. Finally, the attacker triggers the payload via a crafted HTTP GET request to the rogue file. NOTE: The vendor announced that Bolt 3 reached end-of-life after 31 December 2021. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 20:15:00 GMT

read more

CVE-2025-34087 - Pi-hole Command Injection Vulnerability

CVE ID : CVE-2025-34087 Published : July 3, 2025, 8:15 p.m. | 5 hours, 55 minutes ago Description : An authenticated command injection vulnerability exists in Pi-hole versions up to 3.3. When adding a domain to the allowlist via the web interface, the domain parameter is not properly sanitized, allowing an attacker to append OS commands to the domain string. These commands are executed on the underlying operating system with the privileges of the Pi-hole service user. This behavior was present in the legacy AdminLTE interface and has since been patched in later versions. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 20:15:00 GMT

read more

CVE-2025-34088 - Pandora FMS Remote Code Execution Vulnerability

CVE ID : CVE-2025-34088 Published : July 3, 2025, 8:15 p.m. | 5 hours, 55 minutes ago Description : An authenticated remote code execution vulnerability exists in Pandora FMS version 7.0NG and earlier. The net_tools.php functionality allows authenticated users to execute arbitrary OS commands via the select_ips parameter when performing network tools operations, such as pinging. This occurs because user input is not properly sanitized before being passed to system commands, enabling command injection. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 20:15:00 GMT

read more

CVE-2025-34089 - Aexol Studio Remote for Mac Remote Code Execution Vulnerability

CVE ID : CVE-2025-34089 Published : July 3, 2025, 8:15 p.m. | 5 hours, 55 minutes ago Description : An unauthenticated remote code execution vulnerability exists in Remote for Mac, a macOS remote control utility developed by Aexol Studio, in versions up to and including 2025.7. When the application is configured with authentication disabled (i.e., the "Allow unknown devices" option is enabled), the /api/executeScript endpoint is exposed without access control. This allows unauthenticated remote attackers to inject arbitrary AppleScript payloads via the X-Script HTTP header, resulting in code execution using do shell script. Successful exploitation grants attackers the ability to run arbitrary commands on the macOS host with the privileges of the Remote for Mac background process. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 20:15:00 GMT

read more

CVE-2025-52554 - n8n Unauthorized Execution Stop Vulnerability

CVE ID : CVE-2025-52554 Published : July 3, 2025, 8:15 p.m. | 5 hours, 55 minutes ago Description : n8n is a workflow automation platform. Prior to version 1.99.1, an authorization vulnerability was discovered in the /rest/executions/:id/stop endpoint of n8n. An authenticated user can stop workflow executions that they do not own or that have not been shared with them, leading to potential business disruption. This issue has been patched in version 1.99.1. A workaround involves restricting access to the /rest/executions/:id/stop endpoint via reverse proxy or API gateway. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 20:15:00 GMT

read more

CVE-2025-23968 - WPCenter AiBud WP Unrestricted File Upload RCE

CVE ID : CVE-2025-23968 Published : July 3, 2025, 7:15 p.m. | 6 hours, 55 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in WPCenter AiBud WP allows Upload a Web Shell to a Web Server.This issue affects AiBud WP: from n/a through 1.8.5. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 19:15:00 GMT

read more

CVE-2025-45809 - BerriAI litellm SQL Injection Vulnerability

CVE ID : CVE-2025-45809 Published : July 3, 2025, 7:15 p.m. | 6 hours, 55 minutes ago Description : BerriAI litellm v1.65.4 was discovered to contain a SQL injection vulnerability via the /key/block endpoint. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 19:15:00 GMT

read more

CVE-2025-53489 - Wikimedia Foundation Mediawiki GoogleDocs4MW Extension Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53489 Published : July 3, 2025, 5:15 p.m. | 8 hours, 55 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - GoogleDocs4MW Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - GoogleDocs4MW Extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 17:15:00 GMT

read more

CVE-2025-53500 - Wikimedia Foundation Mediawiki MassEditRegex Stored XSS

CVE ID : CVE-2025-53500 Published : July 3, 2025, 5:15 p.m. | 8 hours, 55 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - MassEditRegex Extension allows Stored XSS.This issue affects Mediawiki - MassEditRegex Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 17:15:00 GMT

read more

CVE-2025-53501 - Wikimedia Foundation Mediawiki Scribunto Extension Access Control Bypass

CVE ID : CVE-2025-53501 Published : July 3, 2025, 5:15 p.m. | 8 hours, 55 minutes ago Description : Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension allows : Accessing Functionality Not Properly Constrained by Authorization.This issue affects Mediawiki - Scribunto Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 17:15:00 GMT

read more

CVE-2025-53502 - WikiMedia Mediawiki FeaturedFeeds Extension Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-53502 Published : July 3, 2025, 5:15 p.m. | 8 hours, 55 minutes ago Description : Improper Input Validation vulnerability in Wikimedia Foundation Mediawiki - FeaturedFeeds Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - FeaturedFeeds Extension: 1.39.X, 1.42.X, 1.43.X. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 17:15:00 GMT

read more

CVE-2025-6071 - ABB RMC-100 ABB RMC-100 LITE Hard-coded Cryptographic Key Information Disclosure

CVE ID : CVE-2025-6071 Published : July 3, 2025, 5:15 p.m. | 8 hours, 55 minutes ago Description : Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker can gain access to salted information to decrypt MQTT information. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 17:15:00 GMT

read more

CVE-2025-6072 - ABB RMC-100/100 LITE Stack-based Buffer Overflow

CVE ID : CVE-2025-6072 Published : July 3, 2025, 5:15 p.m. | 8 hours, 55 minutes ago Description : Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 17:15:00 GMT

read more

CVE-2025-6073 - ABB RMC-100/LITE Stack-based Buffer Overflow

CVE ID : CVE-2025-6073 Published : July 3, 2025, 5:15 p.m. | 8 hours, 55 minutes ago Description : Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can overflow the buffer for username or password. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 17:15:00 GMT

read more

CVE-2025-6074 - ABB RMC-100/100 LITE Hard-coded Cryptographic Key Authentication Bypass

CVE ID : CVE-2025-6074 Published : July 3, 2025, 5:15 p.m. | 8 hours, 55 minutes ago Description : Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to source code and control network, the attacker can bypass the REST interface authentication and gain access to MQTT configuration data. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 17:15:00 GMT

read more

CVE-2025-6926 - Wikimedia Foundation Mediawiki CentralAuth Extension Authentication Bypass Vulnerability

CVE ID : CVE-2025-6926 Published : July 3, 2025, 5:15 p.m. | 8 hours, 55 minutes ago Description : Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension allows : Bypass Authentication.This issue affects Mediawiki - CentralAuth Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 17:15:00 GMT

read more

CVE-2025-49846 - Wire iOS Unauthenticated System Log Disclosure

CVE ID : CVE-2025-49846 Published : July 3, 2025, 5:15 p.m. | 4 hours, 57 minutes ago Description : wire-ios is an iOS client for the Wire secure messaging application. From Wire iOS 3.111.1 to before 3.124.1, messages that were visible in the view port have been logged to the iOS system logs in clear text. Wire application logs created and managed by the application itself were not affected, especially not the logs users can export and send to Wire support. The iOS logs can only be accessed if someone had (physical) access to the underlying unlocked device. The issue manifested itself by calling canOpenUrl() and passing an invalid URL object. When iOS then performs the check and fails, it logs the contents to the system log. This is not documented behaviour. Wire released an emergency fix with version 3.124.1. As a workaround, users can reset their iOS device to remove the offending logs. Since Wire cannot access or modify iOS system logs, there's no other workaround other than a reset. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 17:15:00 GMT

read more

CVE-2025-48939 - Tarteaucitron.js Script Element Property Clobbering Vulnerability

CVE ID : CVE-2025-48939 Published : July 3, 2025, 5:15 p.m. | 2 hours, 35 minutes ago Description : tarteaucitron.js is a compliant and accessible cookie banner. Prior to version 1.22.0, a vulnerability was identified in tarteaucitron.js where document.currentScript was accessed without verifying that it referenced an actual element. If an attacker injected an HTML element, it could clobber the document.currentScript property. This causes the script to resolve incorrectly to an element instead of the tag, leading to unexpected behavior or failure to load the script path correctly. This issue arises because in some browser environments, named DOM elements become properties on the global document object. An attacker with control over the HTML could exploit this to change the CDN domain of tarteaucitron. This issue has been patched in version 1.22.0. Severity: 4.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 17:15:00 GMT

read more

CVE-2025-53490 - Wikimedia Foundation Mediawiki CampaignEvents Extension Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53490 Published : July 3, 2025, 4:15 p.m. | 3 hours, 35 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - CampaignEvents Extension: from 1.43.X before 1.43.2. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 16:15:00 GMT

read more

CVE-2025-45938 - Akeles Out of Office Assistant for Jira XSS

CVE ID : CVE-2025-45938 Published : July 3, 2025, 3:15 p.m. | 4 hours, 35 minutes ago Description : Akeles Out of Office Assistant for Jira 4.0.1 is vulberable to Cross Site Scripting (XSS) via the Jira fullName parameter. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 15:15:00 GMT

read more

Fiabiliser la vérification d'identité à distance avec l’European Digital Identity Wallet

]]>

Thu, 03 Jul 2025 14:34:00 GMT

read more

CVE-2025-43713 - ASNA Assist and ASNA Registrar Deserialization Vulnerability

CVE ID : CVE-2025-43713 Published : July 3, 2025, 2:15 p.m. | 5 hours, 35 minutes ago Description : ASNA Assist and ASNA Registrar before 2025-03-31 allow deserialization attacks against .NET remoting. These are Windows system services that support license key management and deprecated Windows network authentication. The services are implemented with .NET remoting and can be exploited via well-known deserialization techniques inherent in the technology. Because the services run with SYSTEM-level rights, exploits can be crafted to achieve escalation of privilege and arbitrary code execution. This affects DataGate for SQL Server 17.0.36.0 and 16.0.89.0, DataGate Component Suite 17.0.36.0 and 16.0.89.0, DataGate Monitor 17.0.26.0 and 16.0.65.0, DataGate WebPak 17.0.37.0 and 16.0.90.0, Monarch for .NET 11.4.50.0 and 10.0.62.0, Encore RPG 4.1.36.0, Visual RPG .NET FW 17.0.37.0 and 16.0.90.0, Visual RPG .NET FW Windows Deployment 17.0.36.0 and 16.0.89.0, WingsRPG 11.0.38.0 and 10.0.95.0, Mobile RPG 11.0.35.0 and 10.0.94.0, Monarch Framework for .NET FW 11.0.36.0 and 10.0.89.0, Browser Terminal 17.0.37.0 and 16.0.90.0, Visual RPG Classic 5.2.7.0 and 5.1.17.0, Visual RPG Deployment 5.2.7.0 and 5.1.17.0, and DataGate Studio 17.0.38.0 and 16.0.104.0. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 14:15:00 GMT

read more

CVE-2025-50258 - Tenda AC6 Buffer Overflow Vulnerability

CVE ID : CVE-2025-50258 Published : July 3, 2025, 2:15 p.m. | 5 hours, 35 minutes ago Description : Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the SetSysTimeCfg function via the time parameter. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 14:15:00 GMT

read more

CVE-2025-50260 - Tenda AC6 Buffer Overflow Vulnerability

CVE ID : CVE-2025-50260 Published : July 3, 2025, 2:15 p.m. | 5 hours, 35 minutes ago Description : Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetFirewallCfg function via the firewallEn parameter. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 14:15:00 GMT

read more

CVE-2025-50262 - Tenda AC6 Buffer Overflow Vulnerability

CVE ID : CVE-2025-50262 Published : July 3, 2025, 2:15 p.m. | 5 hours, 35 minutes ago Description : Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetQosBand function via the list parameter. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 14:15:00 GMT

read more

CVE-2025-50263 - Tenda AC6 Buffer Overflow

CVE ID : CVE-2025-50263 Published : July 3, 2025, 2:15 p.m. | 5 hours, 35 minutes ago Description : Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the fromSetRouteStatic function via the list parameter. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 14:15:00 GMT

read more

CVE-2025-5961 - NGINX WordPress Plugin WPvivid Backup Migration Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-5961 Published : July 3, 2025, 2:15 p.m. | 5 hours, 35 minutes ago Description : The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpvivid_upload_import_files' function in all versions up to, and including, 0.9.116. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. NOTE: Uploaded files are only accessible on WordPress instances running on the NGINX web server as the existing .htaccess within the target file upload folder prevents access on Apache servers. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 14:15:00 GMT

read more

CVE-2025-3702 - Melapress File Monitor Missing Authorization Vulnerability

CVE ID : CVE-2025-3702 Published : July 3, 2025, 1:15 p.m. | 6 hours, 35 minutes ago Description : Missing Authorization vulnerability in Melapress Melapress File Monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Melapress File Monitor: from n/a before 2.2.0. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 13:15:00 GMT

read more

CVE-2025-49032 - PublishPress Gutenberg Blocks Cross-Site Scripting (XSS)

CVE ID : CVE-2025-49032 Published : July 3, 2025, 1:15 p.m. | 6 hours, 35 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PublishPress Gutenberg Blocks allows Stored XSS.This issue affects Gutenberg Blocks: from n/a through 3.3.1. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 13:15:00 GMT

read more

CVE-2025-49595 - n8n Denial of Service (DoS) Vulnerability

CVE ID : CVE-2025-49595 Published : July 3, 2025, 1:15 p.m. | 6 hours, 35 minutes ago Description : n8n is a workflow automation platform. Prior to version 1.99.0, there is a denial of Service vulnerability in /rest/binary-data endpoint when processing empty filesystem URIs (filesystem:// or filesystem-v2://). This allows authenticated attackers to cause service unavailability through malformed filesystem URI requests, effecting the /rest/binary-data endpoint and n8n.cloud instances (confirmed HTTP/2 524 timeout responses). Attackers can exploit this by sending GET requests with empty filesystem URIs (filesystem:// or filesystem-v2://) to the /rest/binary-data endpoint, causing resource exhaustion and service disruption. This issue has been patched in version 1.99.0. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 13:15:00 GMT

read more

CVE-2025-49618 - "Plesk Obsidian AWS Credentials Disclosure"

CVE ID : CVE-2025-49618 Published : July 3, 2025, 1:15 p.m. | 6 hours, 35 minutes ago Description : In Plesk Obsidian 18.0.69, unauthenticated requests to /login_up.php can reveal an AWS accessKeyId, secretAccessKey, region, and endpoint. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 13:15:00 GMT

read more

CVE-2025-2537 - WordPress ThickBox Stored Cross-Site Scripting

CVE ID : CVE-2025-2537 Published : July 3, 2025, 1:15 p.m. | 4 hours, 54 minutes ago Description : Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled ThickBox JavaScript library (version 3.1) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 13:15:00 GMT

read more

CVE-2025-2932 - JKDEVKIT WordPress Arbitrary File Deletion Vulnerability

CVE ID : CVE-2025-2932 Published : July 3, 2025, 1:15 p.m. | 4 hours, 54 minutes ago Description : The JKDEVKIT plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'font_upload_handler' function in all versions up to, and including, 1.9.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). If WooCommerce is enabled, attackers will need Contributor-level access and above. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 13:15:00 GMT

read more

CVE-2025-27454 - Adobe ColdFusion CSRF

CVE ID : CVE-2025-27454 Published : July 3, 2025, 12:15 p.m. | 3 hours, 54 minutes ago Description : The application is vulnerable to cross-site request forgery. An attacker can trick a valid, logged in user into submitting a web request that they did not intend. The request uses the victim's browser's saved authorization to execute the request. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-27455 - Apache Clickjacking Vulnerability

CVE ID : CVE-2025-27455 Published : July 3, 2025, 12:15 p.m. | 3 hours, 54 minutes ago Description : The web application is vulnerable to clickjacking attacks. The site can be embedded into another frame, allowing an attacker to trick a user into clicking on something different from what the user perceives, thus potentially revealing confidential information or allowing others to take control of their computer while clicking on seemingly innocuous objects. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-27456 - Cisco SMB Authentication Brute Force

CVE ID : CVE-2025-27456 Published : July 3, 2025, 12:15 p.m. | 3 hours, 54 minutes ago Description : The SMB server's login mechanism does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force attacks. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-27457 - RealVNC Unencrypted Communication Information Disclosure

CVE ID : CVE-2025-27457 Published : July 3, 2025, 12:15 p.m. | 3 hours, 54 minutes ago Description : All communication between the VNC server and client(s) is unencrypted. This allows an attacker to intercept the traffic and obtain sensitive data. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-27458 - VNC Password Derivation Vulnerability

CVE ID : CVE-2025-27458 Published : July 3, 2025, 12:15 p.m. | 3 hours, 54 minutes ago Description : The VNC authentication mechanism bases on a challenge-response system where both server and client use the same password for encryption. The challenge is sent from the server to the client, is encrypted by the client and sent back. The server does the same encryption locally and if the responses match it is prooven that the client knows the correct password. Since all VNC communication is unencrypted, an attacker can obtain the challenge and response and try to derive the password from this information. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-27459 - VNC Weak Password Storage

CVE ID : CVE-2025-27459 Published : July 3, 2025, 12:15 p.m. | 3 hours, 54 minutes ago Description : The VNC application stores its passwords encrypted within the registry but uses DES for encryption. As DES is broken, the original passwords can be recovered. Severity: 4.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-27460 - Dell Device Physical Storage Unencrypted Vulnerability

CVE ID : CVE-2025-27460 Published : July 3, 2025, 12:15 p.m. | 3 hours, 54 minutes ago Description : The hard drives of the device are not encrypted using a full volume encryption feature such as BitLocker. This allows an attacker with physical access to the device to use an alternative operating system to interact with the hard drives, completely circumventing the Windows login. The attacker can read from and write to all files on the hard drives. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-27461 - "HP Device EPC2 Passwordless Login Vulnerability"

CVE ID : CVE-2025-27461 Published : July 3, 2025, 12:15 p.m. | 3 hours, 54 minutes ago Description : During startup, the device automatically logs in the EPC2 Windows user without requesting a password. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-2540 - WordPress PrettyPhoto Stored Cross-Site Scripting

CVE ID : CVE-2025-2540 Published : July 3, 2025, 12:15 p.m. | 3 hours, 54 minutes ago Description : Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled prettyPhoto library (version 3.1.6) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-40722 - Flatboard Pro Stored XSS

CVE ID : CVE-2025-40722 Published : July 3, 2025, 12:15 p.m. | 3 hours, 54 minutes ago Description : Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of proper validation of user input, through the replace parameter in /config.php/tags. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-40723 - Flatboard Pro Stored Cross-Site Scripting (XSS)

CVE ID : CVE-2025-40723 Published : July 3, 2025, 12:15 p.m. | 3 hours, 54 minutes ago Description : Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of proper validation of user input, through the footer_text and announcement parameters in config.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-6563 - MikroTik RouterOS Cross-Site Scripting

CVE ID : CVE-2025-6563 Published : July 3, 2025, 12:15 p.m. | 3 hours, 54 minutes ago Description : A cross-site scripting vulnerability is present in the hotspot of MikroTik's RouterOS on versions below 7.19.2. An attacker can inject the `javascript` protocol in the `dst` parameter. When the victim browses to the malicious URL and logs in, the XSS executes. The POST request used to login, can also be converted to a GET request, allowing an attacker to send a specifically crafted URL that automatically logs in the victim (into the attacker's account) and triggers the payload. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-27447 - Apache Web Server Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-27447 Published : July 3, 2025, 12:15 p.m. | 1 hour, 54 minutes ago Description : The web application is susceptible to cross-site-scripting attacks. An attacker can create a prepared URL, which injects JavaScript code into the website. The code is executed in the victim's browser when an authenticated administrator clicks the link. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-27448 - Apache Dashboards Cross-Site Scripting (XSS)

CVE ID : CVE-2025-27448 Published : July 3, 2025, 12:15 p.m. | 1 hour, 54 minutes ago Description : The web application is susceptible to cross-site-scripting attacks. An attacker who can create new dashboards can inject JavaScript code into the dashboard name which will be executed when the website is loaded. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-27449 - Apache MEAC300-FNADE4 Authentication Brute-Force Vulnerability

CVE ID : CVE-2025-27449 Published : July 3, 2025, 12:15 p.m. | 1 hour, 54 minutes ago Description : The MEAC300-FNADE4 does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force attacks. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-27450 - MEAC300-FNADE4 Cookie Insecure Transmission Vulnerability

CVE ID : CVE-2025-27450 Published : July 3, 2025, 12:15 p.m. | 1 hour, 54 minutes ago Description : The Secure attribute is missing on multiple cookies provided by the MEAC300-FNADE4. An attacker can trick a user to establish an unencrypted HTTP connection to the server and intercept the request containing the PHPSESSID cookie. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-27451 - Apache Struts Username Enumeration

CVE ID : CVE-2025-27451 Published : July 3, 2025, 12:15 p.m. | 1 hour, 54 minutes ago Description : For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This allows an attacker to guess usernames until they find an existing one. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-27452 - Apache MEAC300-FNADE4 Unsecured Module Configuration Vulnerability

CVE ID : CVE-2025-27452 Published : July 3, 2025, 12:15 p.m. | 1 hour, 54 minutes ago Description : The configuration of the Apache httpd webserver which serves the MEAC300-FNADE4 web application, is partly insecure. There are modules activated that are not required for the operation of the FNADE4 web application. The functionality of the some modules pose a risk to the webserver which enable dircetory listing. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2025-27453 - Apache PHP HttpOnly Cookie Access Vulnerability

CVE ID : CVE-2025-27453 Published : July 3, 2025, 12:15 p.m. | 1 hour, 54 minutes ago Description : The HttpOnly flag is set to false on the PHPSESSION cookie. Therefore, the cookie can be accessed by other sources such as JavaScript. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 12:15:00 GMT

read more

CVE-2024-5647 - WordPress Magnific Popups Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-5647 Published : July 3, 2025, 10:15 a.m. | 1 hour, 57 minutes ago Description : Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled Magnific Popups library (version 1.1.0) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability was fixed in the upstream library (Magnific Popups version 1.2.0) by disabling the loading of HTML within certain fields by default. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 10:15:00 GMT

read more

CVE-2025-0885 - OpenText GroupWise Unauthorized Calendar Access Vulnerability

CVE ID : CVE-2025-0885 Published : July 3, 2025, 10:15 a.m. | 1 hour, 57 minutes ago Description : Incorrect Authorization vulnerability in OpenText™ GroupWise allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow unauthorized access to calendar items marked private. This issue affects GroupWise versions 7 through 17.5, 23.4, 24.1, 24.2, 24.3, 24.4. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 10:15:00 GMT

read more

CVE-2025-6587 - Docker Desktop Environment Variable Disclosure Vulnerability

CVE ID : CVE-2025-6587 Published : July 3, 2025, 10:15 a.m. | 1 hour, 57 minutes ago Description : System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as api keys, passwords, etc. A malicious actor with read access to these logs could obtain secrets and further use them to gain unauthorized access to other systems. Starting with version 4.43.0 Docker Desktop no longer logs system environment variables as part of diagnostics log collection. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 10:15:00 GMT

read more

CVE-2025-38151 - Linux Kernel RDMA cma: Work Queue Corruption Vulnerability

CVE ID : CVE-2025-38151 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work The cited commit fixed a crash when cma_netevent_callback was called for a cma_id while work on that id from a previous call had not yet started. The work item was re-initialized in the second call, which corrupted the work item currently in the work queue. However, it left a problem when queue_work fails (because the item is still pending in the work queue from a previous call). In this case, cma_id_put (which is called in the work handler) is therefore not called. This results in a userspace process hang (zombie process). Fix this by calling cma_id_put() if queue_work fails. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38153 - Allegro USB Network AQC111 Uninitialized Memory Access Vulnerability

CVE ID : CVE-2025-38153 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error (see report [1]) in aqc111 driver, caused by incomplete sanitation of usb read calls' results. This problem is quite similar to the one fixed in commit 920a9fa27e78 ("net: asix: add proper error handling of usb read errors"). For instance, usbnet_read_cmd() may read fewer than 'size' bytes, even if the caller expected the full amount, and aqc111_read_cmd() will not check its result properly. As [1] shows, this may lead to MAC address in aqc111_bind() being only partly initialized, triggering KMSAN warnings. Fix the issue by verifying that the number of bytes read is as expected and not less. [1] Partial syzbot report: BUG: KMSAN: uninit-value in is_valid_ether_addr include/linux/etherdevice.h:208 [inline] BUG: KMSAN: uninit-value in usbnet_probe+0x2e57/0x4390 drivers/net/usb/usbnet.c:1830 is_valid_ether_addr include/linux/etherdevice.h:208 [inline] usbnet_probe+0x2e57/0x4390 drivers/net/usb/usbnet.c:1830 usb_probe_interface+0xd01/0x1310 drivers/usb/core/driver.c:396 call_driver_probe drivers/base/dd.c:-1 [inline] really_probe+0x4d1/0xd90 drivers/base/dd.c:658 __driver_probe_device+0x268/0x380 drivers/base/dd.c:800 ... Uninit was stored to memory at: dev_addr_mod+0xb0/0x550 net/core/dev_addr_lists.c:582 __dev_addr_set include/linux/netdevice.h:4874 [inline] eth_hw_addr_set include/linux/etherdevice.h:325 [inline] aqc111_bind+0x35f/0x1150 drivers/net/usb/aqc111.c:717 usbnet_probe+0xbe6/0x4390 drivers/net/usb/usbnet.c:1772 usb_probe_interface+0xd01/0x1310 drivers/usb/core/driver.c:396 ... Uninit was stored to memory at: ether_addr_copy include/linux/etherdevice.h:305 [inline] aqc111_read_perm_mac drivers/net/usb/aqc111.c:663 [inline] aqc111_bind+0x794/0x1150 drivers/net/usb/aqc111.c:713 usbnet_probe+0xbe6/0x4390 drivers/net/usb/usbnet.c:1772 usb_probe_interface+0xd01/0x1310 drivers/usb/core/driver.c:396 call_driver_probe drivers/base/dd.c:-1 [inline] ... Local variable buf.i created at: aqc111_read_perm_mac drivers/net/usb/aqc111.c:656 [inline] aqc111_bind+0x221/0x1150 drivers/net/usb/aqc111.c:713 usbnet_probe+0xbe6/0x4390 drivers/net/usb/usbnet.c:1772 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38154 - Linux Kernel BPF Sockmap Use After Free Vulnerability

CVE ID : CVE-2025-38154 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sk_socket after free when sending The sk->sk_socket is not locked or referenced in backlog thread, and during the call to skb_send_sock(), there is a race condition with the release of sk_socket. All types of sockets(tcp/udp/unix/vsock) will be affected. Race conditions: ''' CPU0 CPU1 backlog::skb_send_sock sendmsg_unlocked sock_sendmsg sock_sendmsg_nosec close(fd): ... ops->release() -> sock_map_close() sk_socket->ops = NULL free(socket) sock->ops->sendmsg ^ panic here ''' The ref of psock become 0 after sock_map_close() executed. ''' void sock_map_close() { ... if (likely(psock)) { ... // !! here we remove psock and the ref of psock become 0 sock_map_remove_links(sk, psock) psock = sk_psock_get(sk); if (unlikely(!psock)) goto no_psock; == Control jumps here via goto ... cancel_delayed_work_sync(&psock->work); == not executed sk_psock_put(sk, psock); ... } ''' Based on the fact that we already wait for the workqueue to finish in sock_map_close() if psock is held, we simply increase the psock reference count to avoid race conditions. With this patch, if the backlog thread is running, sock_map_close() will wait for the backlog thread to complete and cancel all pending work. If no backlog running, any pending work that hasn't started by then will fail when invoked by sk_psock_get(), as the psock reference count have been zeroed, and sk_psock_drop() will cancel all jobs via cancel_delayed_work_sync(). In summary, we require synchronization to coordinate the backlog thread and close() thread. The panic I catched: ''' Workqueue: events sk_psock_backlog RIP: 0010:sock_sendmsg+0x21d/0x440 RAX: 0000000000000000 RBX: ffffc9000521fad8 RCX: 0000000000000001 ... Call Trace: ? die_addr+0x40/0xa0 ? exc_general_protection+0x14c/0x230 ? asm_exc_general_protection+0x26/0x30 ? sock_sendmsg+0x21d/0x440 ? sock_sendmsg+0x3e0/0x440 ? __pfx_sock_sendmsg+0x10/0x10 __skb_send_sock+0x543/0xb70 sk_psock_backlog+0x247/0xb80 ... ''' Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38155 - "Qualcomm Atheros mt76 Wireless Null Pointer Dereference Vulnerability"

CVE ID : CVE-2025-38155 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() devm_ioremap() returns NULL on error. Currently, mt7915_mmio_wed_init() does not check for this case, which results in a NULL pointer dereference. Prevent null pointer dereference in mt7915_mmio_wed_init(). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38156 - Marvell MT7996 Null Pointer Dereference Vulnerability (WiFi)

CVE ID : CVE-2025-38156 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix null-ptr-deref in mt7996_mmio_wed_init() devm_ioremap() returns NULL on error. Currently, mt7996_mmio_wed_init() does not check for this case, which results in a NULL pointer dereference. Prevent null pointer dereference in mt7996_mmio_wed_init() Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38157 - "Qualcomm ath9k_htc USB WMI Out-of-Bounds Read/Write"

CVE ID : CVE-2025-38157 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Abort software beacon handling if disabled A malicious USB device can send a WMI_SWBA_EVENTID event from an ath9k_htc-managed device before beaconing has been enabled. This causes a device-by-zero error in the driver, leading to either a crash or an out of bounds read. Prevent this by aborting the handling in ath9k_htc_swba() if beacons are not enabled. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38158 - Hisi Acc VFio PCI DMA Address Error Vulnerability

CVE ID : CVE-2025-38158 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that there was an error when the data read from the register was combined into an address. Therefore, the address combination sequence needs to be corrected. Even after fixing the above problem, we still have an issue where the Guest from an old kernel can get migrated to new kernel and may result in wrong data. In order to ensure that the address is correct after migration, if an old magic number is detected, the dma address needs to be updated. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38159 - "RTW88 WiFi Out-of-Bounds Read"

CVE ID : CVE-2025-38159 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], ¶[1])', which reads 5 bytes: void rtw_fw_bt_wifi_control(struct rtw_dev *rtwdev, u8 op_code, u8 *data) { ... SET_BT_WIFI_CONTROL_DATA1(h2c_pkt, *data); SET_BT_WIFI_CONTROL_DATA2(h2c_pkt, *(data + 1)); ... SET_BT_WIFI_CONTROL_DATA5(h2c_pkt, *(data + 4)); Detected using the static analysis tool - Svace. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38160 - Raspberry Pi Linux Kernel NULL Pointer Dereference Vulnerability

CVE ID : CVE-2025-38160 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() devm_kasprintf() returns NULL when memory allocation fails. Currently, raspberrypi_clk_register() does not check for this case, which results in a NULL pointer dereference. Add NULL check after devm_kasprintf() to prevent this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38161 - "IBM Mellanox mlx5 RDMA Use-After-Free Vulnerability"

CVE ID : CVE-2025-38161 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction Upon RQ destruction if the firmware command fails which is the last resource to be destroyed some SW resources were already cleaned regardless of the failure. Now properly rollback the object to its original state upon such failure. In order to avoid a use-after free in case someone tries to destroy the object again, which results in the following kernel trace: refcount_t: underflow; use-after-free. WARNING: CPU: 0 PID: 37589 at lib/refcount.c:28 refcount_warn_saturate+0xf4/0x148 Modules linked in: rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) ib_umad(OE) mlx5_ib(OE) rfkill mlx5_core(OE) mlxdevm(OE) ib_uverbs(OE) ib_core(OE) psample mlxfw(OE) mlx_compat(OE) macsec tls pci_hyperv_intf sunrpc vfat fat virtio_net net_failover failover fuse loop nfnetlink vsock_loopback vmw_vsock_virtio_transport_common vmw_vsock_vmci_transport vmw_vmci vsock xfs crct10dif_ce ghash_ce sha2_ce sha256_arm64 sha1_ce virtio_console virtio_gpu virtio_blk virtio_dma_buf virtio_mmio dm_mirror dm_region_hash dm_log dm_mod xpmem(OE) CPU: 0 UID: 0 PID: 37589 Comm: python3 Kdump: loaded Tainted: G OE ------- --- 6.12.0-54.el10.aarch64 #1 Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : refcount_warn_saturate+0xf4/0x148 lr : refcount_warn_saturate+0xf4/0x148 sp : ffff80008b81b7e0 x29: ffff80008b81b7e0 x28: ffff000133d51600 x27: 0000000000000001 x26: 0000000000000000 x25: 00000000ffffffea x24: ffff00010ae80f00 x23: ffff00010ae80f80 x22: ffff0000c66e5d08 x21: 0000000000000000 x20: ffff0000c66e0000 x19: ffff00010ae80340 x18: 0000000000000006 x17: 0000000000000000 x16: 0000000000000020 x15: ffff80008b81b37f x14: 0000000000000000 x13: 2e656572662d7265 x12: ffff80008283ef78 x11: ffff80008257efd0 x10: ffff80008283efd0 x9 : ffff80008021ed90 x8 : 0000000000000001 x7 : 00000000000bffe8 x6 : c0000000ffff7fff x5 : ffff0001fb8e3408 x4 : 0000000000000000 x3 : ffff800179993000 x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000133d51600 Call trace: refcount_warn_saturate+0xf4/0x148 mlx5_core_put_rsc+0x88/0xa0 [mlx5_ib] mlx5_core_destroy_rq_tracked+0x64/0x98 [mlx5_ib] mlx5_ib_destroy_wq+0x34/0x80 [mlx5_ib] ib_destroy_wq_user+0x30/0xc0 [ib_core] uverbs_free_wq+0x28/0x58 [ib_uverbs] destroy_hw_idr_uobject+0x34/0x78 [ib_uverbs] uverbs_destroy_uobject+0x48/0x240 [ib_uverbs] __uverbs_cleanup_ufile+0xd4/0x1a8 [ib_uverbs] uverbs_destroy_ufile_hw+0x48/0x120 [ib_uverbs] ib_uverbs_close+0x2c/0x100 [ib_uverbs] __fput+0xd8/0x2f0 __fput_sync+0x50/0x70 __arm64_sys_close+0x40/0x90 invoke_syscall.constprop.0+0x74/0xd0 do_el0_svc+0x48/0xe8 el0_svc+0x44/0x1d0 el0t_64_sync_handler+0x120/0x130 el0t_64_sync+0x1a4/0x1a8 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38162 - Linux Kernel Netfilter NFT Set Pipapo Integer Overflow Vulnerability

CVE ID : CVE-2025-38162 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation When calculating the lookup table size, ensure the following multiplication does not overflow: - desc->field_len[] maximum value is U8_MAX multiplied by NFT_PIPAPO_GROUPS_PER_BYTE(f) that can be 2, worst case. - NFT_PIPAPO_BUCKETS(f->bb) is 2^8, worst case. - sizeof(unsigned long), from sizeof(*f->lt), lt in struct nft_pipapo_field. Then, use check_mul_overflow() to multiply by bucket size and then use check_add_overflow() to the alignment for avx2 (if needed). Finally, add lt_size_check_overflow() helper and use it to consolidate this. While at it, replace leftover allocation using the GFP_KERNEL to GFP_KERNEL_ACCOUNT for consistency, in pipapo_resize(). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38163 - "F2FS Sanity Check Denial of Service"

CVE ID : CVE-2025-38163 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on sbi->total_valid_block_count syzbot reported a f2fs bug as below: ------------[ cut here ]------------ kernel BUG at fs/f2fs/f2fs.h:2521! RIP: 0010:dec_valid_block_count+0x3b2/0x3c0 fs/f2fs/f2fs.h:2521 Call Trace: f2fs_truncate_data_blocks_range+0xc8c/0x11a0 fs/f2fs/file.c:695 truncate_dnode+0x417/0x740 fs/f2fs/node.c:973 truncate_nodes+0x3ec/0xf50 fs/f2fs/node.c:1014 f2fs_truncate_inode_blocks+0x8e3/0x1370 fs/f2fs/node.c:1197 f2fs_do_truncate_blocks+0x840/0x12b0 fs/f2fs/file.c:810 f2fs_truncate_blocks+0x10d/0x300 fs/f2fs/file.c:838 f2fs_truncate+0x417/0x720 fs/f2fs/file.c:888 f2fs_setattr+0xc4f/0x12f0 fs/f2fs/file.c:1112 notify_change+0xbca/0xe90 fs/attr.c:552 do_truncate+0x222/0x310 fs/open.c:65 handle_truncate fs/namei.c:3466 [inline] do_open fs/namei.c:3849 [inline] path_openat+0x2e4f/0x35d0 fs/namei.c:4004 do_filp_open+0x284/0x4e0 fs/namei.c:4031 do_sys_openat2+0x12b/0x1d0 fs/open.c:1429 do_sys_open fs/open.c:1444 [inline] __do_sys_creat fs/open.c:1522 [inline] __se_sys_creat fs/open.c:1516 [inline] __x64_sys_creat+0x124/0x170 fs/open.c:1516 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/syscall_64.c:94 The reason is: in fuzzed image, sbi->total_valid_block_count is inconsistent w/ mapped blocks indexed by inode, so, we should not trigger panic for such case, instead, let's print log and set fsck flag. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38164 - VirtualBox F2FS Inconsistent Segment Type

CVE ID : CVE-2025-38164 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: f2fs: zone: fix to avoid inconsistence in between SIT and SSA w/ below testcase, it will cause inconsistence in between SIT and SSA. create_null_blk 512 2 1024 1024 mkfs.f2fs -m /dev/nullb0 mount /dev/nullb0 /mnt/f2fs/ touch /mnt/f2fs/file f2fs_io pinfile set /mnt/f2fs/file fallocate -l 4GiB /mnt/f2fs/file F2FS-fs (nullb0): Inconsistent segment (0) type [1, 0] in SSA and SIT CPU: 5 UID: 0 PID: 2398 Comm: fallocate Tainted: G O 6.13.0-rc1 #84 Tainted: [O]=OOT_MODULE Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006 Call Trace: dump_stack_lvl+0xb3/0xd0 dump_stack+0x14/0x20 f2fs_handle_critical_error+0x18c/0x220 [f2fs] f2fs_stop_checkpoint+0x38/0x50 [f2fs] do_garbage_collect+0x674/0x6e0 [f2fs] f2fs_gc_range+0x12b/0x230 [f2fs] f2fs_allocate_pinning_section+0x5c/0x150 [f2fs] f2fs_expand_inode_data+0x1cc/0x3c0 [f2fs] f2fs_fallocate+0x3c3/0x410 [f2fs] vfs_fallocate+0x15f/0x4b0 __x64_sys_fallocate+0x4a/0x80 x64_sys_call+0x15e8/0x1b80 do_syscall_64+0x68/0x130 entry_SYSCALL_64_after_hwframe+0x67/0x6f RIP: 0033:0x7f9dba5197ca F2FS-fs (nullb0): Stopped filesystem due to reason: 4 The reason is f2fs_gc_range() may try to migrate block in curseg, however, its SSA block is not uptodate due to the last summary block data is still in cache of curseg. In this patch, we add a condition in f2fs_gc_range() to check whether section is opened or not, and skip block migration for opened section. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38165 - Linux BPF Sockmap Panic Vulnerability

CVE ID : CVE-2025-38165 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix panic when calling skb_linearize The panic can be reproduced by executing the command: ./bench sockmap -c 2 -p 1 -a --rx-verdict-ingress --rx-strp 100000 Then a kernel panic was captured: ''' [ 657.460555] kernel BUG at net/core/skbuff.c:2178! [ 657.462680] Tainted: [W]=WARN [ 657.463287] Workqueue: events sk_psock_backlog ... [ 657.469610] [ 657.469738] ? die+0x36/0x90 [ 657.469916] ? do_trap+0x1d0/0x270 [ 657.470118] ? pskb_expand_head+0x612/0xf40 [ 657.470376] ? pskb_expand_head+0x612/0xf40 [ 657.470620] ? do_error_trap+0xa3/0x170 [ 657.470846] ? pskb_expand_head+0x612/0xf40 [ 657.471092] ? handle_invalid_op+0x2c/0x40 [ 657.471335] ? pskb_expand_head+0x612/0xf40 [ 657.471579] ? exc_invalid_op+0x2d/0x40 [ 657.471805] ? asm_exc_invalid_op+0x1a/0x20 [ 657.472052] ? pskb_expand_head+0xd1/0xf40 [ 657.472292] ? pskb_expand_head+0x612/0xf40 [ 657.472540] ? lock_acquire+0x18f/0x4e0 [ 657.472766] ? find_held_lock+0x2d/0x110 [ 657.472999] ? __pfx_pskb_expand_head+0x10/0x10 [ 657.473263] ? __kmalloc_cache_noprof+0x5b/0x470 [ 657.473537] ? __pfx___lock_release.isra.0+0x10/0x10 [ 657.473826] __pskb_pull_tail+0xfd/0x1d20 [ 657.474062] ? __kasan_slab_alloc+0x4e/0x90 [ 657.474707] sk_psock_skb_ingress_enqueue+0x3bf/0x510 [ 657.475392] ? __kasan_kmalloc+0xaa/0xb0 [ 657.476010] sk_psock_backlog+0x5cf/0xd70 [ 657.476637] process_one_work+0x858/0x1a20 ''' The panic originates from the assertion BUG_ON(skb_shared(skb)) in skb_linearize(). A previous commit(see Fixes tag) introduced skb_get() to avoid race conditions between skb operations in the backlog and skb release in the recvmsg path. However, this caused the panic to always occur when skb_linearize is executed. The "--rx-strp 100000" parameter forces the RX path to use the strparser module which aggregates data until it reaches 100KB before calling sockmap logic. The 100KB payload exceeds MAX_MSG_FRAGS, triggering skb_linearize. To fix this issue, just move skb_get into sk_psock_skb_ingress_enqueue. ''' sk_psock_backlog: sk_psock_handle_skb skb_get(skb) = we move it into 'sk_psock_skb_ingress_enqueue' sk_psock_skb_ingress____________ ↓ | | → sk_psock_skb_ingress_self | sk_psock_skb_ingress_enqueue sk_psock_verdict_apply_________________↑ skb_linearize ''' Note that for verdict_apply path, the skb_get operation is unnecessary so we add 'take_ref' param to control it's behavior. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38166 - Linux Kernel BPF ktls Panic Vulnerability

CVE ID : CVE-2025-38166 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap [ 2172.936997] ------------[ cut here ]------------ [ 2172.936999] kernel BUG at lib/iov_iter.c:629! ...... [ 2172.944996] PKRU: 55555554 [ 2172.945155] Call Trace: [ 2172.945299] [ 2172.945428] ? die+0x36/0x90 [ 2172.945601] ? do_trap+0xdd/0x100 [ 2172.945795] ? iov_iter_revert+0x178/0x180 [ 2172.946031] ? iov_iter_revert+0x178/0x180 [ 2172.946267] ? do_error_trap+0x7d/0x110 [ 2172.946499] ? iov_iter_revert+0x178/0x180 [ 2172.946736] ? exc_invalid_op+0x50/0x70 [ 2172.946961] ? iov_iter_revert+0x178/0x180 [ 2172.947197] ? asm_exc_invalid_op+0x1a/0x20 [ 2172.947446] ? iov_iter_revert+0x178/0x180 [ 2172.947683] ? iov_iter_revert+0x5c/0x180 [ 2172.947913] tls_sw_sendmsg_locked.isra.0+0x794/0x840 [ 2172.948206] tls_sw_sendmsg+0x52/0x80 [ 2172.948420] ? inet_sendmsg+0x1f/0x70 [ 2172.948634] __sys_sendto+0x1cd/0x200 [ 2172.948848] ? find_held_lock+0x2b/0x80 [ 2172.949072] ? syscall_trace_enter+0x140/0x270 [ 2172.949330] ? __lock_release.isra.0+0x5e/0x170 [ 2172.949595] ? find_held_lock+0x2b/0x80 [ 2172.949817] ? syscall_trace_enter+0x140/0x270 [ 2172.950211] ? lockdep_hardirqs_on_prepare+0xda/0x190 [ 2172.950632] ? ktime_get_coarse_real_ts64+0xc2/0xd0 [ 2172.951036] __x64_sys_sendto+0x24/0x30 [ 2172.951382] do_syscall_64+0x90/0x170 ...... After calling bpf_exec_tx_verdict(), the size of msg_pl->sg may increase, e.g., when the BPF program executes bpf_msg_push_data(). If the BPF program sets cork_bytes and sg.size is smaller than cork_bytes, it will return -ENOSPC and attempt to roll back to the non-zero copy logic. However, during rollback, msg->msg_iter is reset, but since msg_pl->sg.size has been increased, subsequent executions will exceed the actual size of msg_iter. ''' iov_iter_revert(&msg->msg_iter, msg_pl->sg.size - orig_size); ''' The changes in this commit are based on the following considerations: 1. When cork_bytes is set, rolling back to non-zero copy logic is pointless and can directly go to zero-copy logic. 2. We can not calculate the correct number of bytes to revert msg_iter. Assume the original data is "abcdefgh" (8 bytes), and after 3 pushes by the BPF program, it becomes 11-byte data: "abc?de?fgh?". Then, we set cork_bytes to 6, which means the first 6 bytes have been processed, and the remaining 5 bytes "?fgh?" will be cached until the length meets the cork_bytes requirement. However, some data in "?fgh?" is not within 'sg->msg_iter' (but in msg_pl instead), especially the data "?" we pushed. So it doesn't seem as simple as just reverting through an offset of msg_iter. 3. For non-TLS sockets in tcp_bpf_sendmsg, when a "cork" situation occurs, the user-space send() doesn't return an error, and the returned length is the same as the input length parameter, even if some data is cached. Additionally, I saw that the current non-zero-copy logic for handling corking is written as: ''' line 1177 else if (ret != -EAGAIN) { if (ret == -ENOSPC) ret = 0; goto send_end; ''' So it's ok to just return 'copied' without error when a "cork" situation occurs. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38167 - "NTFS3 Linux Kernel Null Pointer Dereference Vulnerability"

CVE ID : CVE-2025-38167 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle hdr_first_de() return value The hdr_first_de() function returns a pointer to a struct NTFS_DE. This pointer may be NULL. To handle the NULL error effectively, it is important to implement an error handler. This will help manage potential errors consistently. Additionally, error handling for the return value already exists at other points where this function is called. Found by Linux Verification Center (linuxtesting.org) with SVACE. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38168 - "ARM-NI Linux Kernel Perf PMU Unregister Vulnerability"

CVE ID : CVE-2025-38168 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: perf: arm-ni: Unregister PMUs on probe failure When a resource allocation fails in one clock domain of an NI device, we need to properly roll back all previously registered perf PMUs in other clock domains of the same device. Otherwise, it can lead to kernel panics. Calling arm_ni_init+0x0/0xff8 [arm_ni] @ 2374 arm-ni ARMHCB70:00: Failed to request PMU region 0x1f3c13000 arm-ni ARMHCB70:00: probe with driver arm-ni failed with error -16 list_add corruption: next->prev should be prev (fffffd01e9698a18), but was 0000000000000000. (next=ffff10001a0decc8). pstate: 6340009 (nZCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) pc : list_add_valid_or_report+0x7c/0xb8 lr : list_add_valid_or_report+0x7c/0xb8 Call trace: __list_add_valid_or_report+0x7c/0xb8 perf_pmu_register+0x22c/0x3a0 arm_ni_probe+0x554/0x70c [arm_ni] platform_probe+0x70/0xe8 really_probe+0xc6/0x4d8 driver_probe_device+0x48/0x170 __driver_attach+0x8e/0x1c0 bus_for_each_dev+0x64/0xf0 driver_add+0x138/0x260 bus_add_driver+0x68/0x138 __platform_driver_register+0x2c/0x40 arm_ni_init+0x14/0x2a [arm_ni] do_init_module+0x36/0x298 ---[ end trace 0000000000000000 ]--- Kernel panic - not syncing: Oops - BUG: Fatal exception SMP: stopping secondary CPUs Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38169 - Linux Kernel ARM64 FPSIMD State Clobbering Vulnerability

CVE ID : CVE-2025-38169 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Avoid clobbering kernel FPSIMD state with SMSTOP On system with SME, a thread's kernel FPSIMD state may be erroneously clobbered during a context switch immediately after that state is restored. Systems without SME are unaffected. If the CPU happens to be in streaming SVE mode before a context switch to a thread with kernel FPSIMD state, fpsimd_thread_switch() will restore the kernel FPSIMD state using fpsimd_load_kernel_state() while the CPU is still in streaming SVE mode. When fpsimd_thread_switch() subsequently calls fpsimd_flush_cpu_state(), this will execute an SMSTOP, causing an exit from streaming SVE mode. The exit from streaming SVE mode will cause the hardware to reset a number of FPSIMD/SVE/SME registers, clobbering the FPSIMD state. Fix this by calling fpsimd_flush_cpu_state() before restoring the kernel FPSIMD state. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38170 - Linux kernel - arm64 FPSIMD SME Trap Handling Stale CPU State Vulnerability

CVE ID : CVE-2025-38170 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Discard stale CPU state when handling SME traps The logic for handling SME traps manipulates saved FPSIMD/SVE/SME state incorrectly, and a race with preemption can result in a task having TIF_SME set and TIF_FOREIGN_FPSTATE clear even though the live CPU state is stale (e.g. with SME traps enabled). This can result in warnings from do_sme_acc() where SME traps are not expected while TIF_SME is set: | /* With TIF_SME userspace shouldn't generate any traps */ | if (test_and_set_thread_flag(TIF_SME)) | WARN_ON(1); This is very similar to the SVE issue we fixed in commit: 751ecf6afd6568ad ("arm64/sve: Discard stale CPU state when handling SVE traps") The race can occur when the SME trap handler is preempted before and after manipulating the saved FPSIMD/SVE/SME state, starting and ending on the same CPU, e.g. | void do_sme_acc(unsigned long esr, struct pt_regs *regs) | { | // Trap on CPU 0 with TIF_SME clear, SME traps enabled | // task->fpsimd_cpu is 0. | // per_cpu_ptr(&fpsimd_last_state, 0) is task. | | ... | | // Preempted; migrated from CPU 0 to CPU 1. | // TIF_FOREIGN_FPSTATE is set. | | get_cpu_fpsimd_context(); | | /* With TIF_SME userspace shouldn't generate any traps */ | if (test_and_set_thread_flag(TIF_SME)) | WARN_ON(1); | | if (!test_thread_flag(TIF_FOREIGN_FPSTATE)) { | unsigned long vq_minus_one = | sve_vq_from_vl(task_get_sme_vl(current)) - 1; | sme_set_vq(vq_minus_one); | | fpsimd_bind_task_to_cpu(); | } | | put_cpu_fpsimd_context(); | | // Preempted; migrated from CPU 1 to CPU 0. | // task->fpsimd_cpu is still 0 | // If per_cpu_ptr(&fpsimd_last_state, 0) is still task then: | // - Stale HW state is reused (with SME traps enabled) | // - TIF_FOREIGN_FPSTATE is cleared | // - A return to userspace skips HW state restore | } Fix the case where the state is not live and TIF_FOREIGN_FPSTATE is set by calling fpsimd_flush_task_state() to detach from the saved CPU state. This ensures that a subsequent context switch will not reuse the stale CPU state, and will instead set TIF_FOREIGN_FPSTATE, forcing the new state to be reloaded from memory prior to a return to userspace. Note: this was originallly posted as [1]. [ Rutland: rewrite commit message ] Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38171 - Linux Power Supply Driver Max77705 Workqueue Vulnerability

CVE ID : CVE-2025-38171 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: power: supply: max77705: Fix workqueue error handling in probe The create_singlethread_workqueue() doesn't return error pointers, it returns NULL. Also cleanup the workqueue on the error paths. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38172 - "Linux EROFS UAF Vulnerability"

CVE ID : CVE-2025-38172 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: erofs: avoid using multiple devices with different type For multiple devices, both primary and extra devices should be the same type. `erofs_init_device` has already guaranteed that if the primary is a file-backed device, extra devices should also be regular files. However, if the primary is a block device while the extra device is a file-backed device, `erofs_init_device` will get an ENOTBLK, which is not treated as an error in `erofs_fc_get_tree`, and that leads to an UAF: erofs_fc_get_tree get_tree_bdev_flags(erofs_fc_fill_super) erofs_read_superblock erofs_init_device // sbi->dif0 is not inited yet, // return -ENOTBLK deactivate_locked_super free(sbi) if (err is -ENOTBLK) sbi->dif0.file = filp_open() // sbi UAF So if -ENOTBLK is hitted in `erofs_init_device`, it means the primary device must be a block device, and the extra device is not a block device. The error can be converted to -EINVAL. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38173 - Marvell CESA Zero-Length SKCipher Request Buffer Overflow

CVE ID : CVE-2025-38173 Published : July 3, 2025, 9:15 a.m. | 2 hours, 57 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38148 - Linux Kernel net: phy: mscc Memory Leak

CVE ID : CVE-2025-38148 Published : July 3, 2025, 9:15 a.m. | 53 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net: phy: mscc: Fix memory leak when using one step timestamping Fix memory leak when running one-step timestamping. When running one-step sync timestamping, the HW is configured to insert the TX time into the frame, so there is no reason to keep the skb anymore. As in this case the HW will never generate an interrupt to say that the frame was timestamped, then the frame will never released. Fix this by freeing the frame in case of one-step timestamping. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38149 - Linux Kernel Net Phydev Devlink Crash Vulnerability

CVE ID : CVE-2025-38149 Published : July 3, 2025, 9:15 a.m. | 53 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net: phy: clear phydev->devlink when the link is deleted There is a potential crash issue when disabling and re-enabling the network port. When disabling the network port, phy_detach() calls device_link_del() to remove the device link, but it does not clear phydev->devlink, so phydev->devlink is not a NULL pointer. Then the network port is re-enabled, but if phy_attach_direct() fails before calling device_link_add(), the code jumps to the "error" label and calls phy_detach(). Since phydev->devlink retains the old value from the previous attach/detach cycle, device_link_del() uses the old value, which accesses a NULL pointer and causes a crash. The simplified crash log is as follows. [ 24.702421] Call trace: [ 24.704856] device_link_put_kref+0x20/0x120 [ 24.709124] device_link_del+0x30/0x48 [ 24.712864] phy_detach+0x24/0x168 [ 24.716261] phy_attach_direct+0x168/0x3a4 [ 24.720352] phylink_fwnode_phy_connect+0xc8/0x14c [ 24.725140] phylink_of_phy_connect+0x1c/0x34 Therefore, phydev->devlink needs to be cleared when the device link is deleted. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2025-38150 - Linux Kernel af_packet Packet Dev Mc Vulnerability

CVE ID : CVE-2025-38150 Published : July 3, 2025, 9:15 a.m. | 53 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: af_packet: move notifier's packet_dev_mc out of rcu critical section Syzkaller reports the following issue: BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578 __mutex_lock+0x106/0xe80 kernel/locking/mutex.c:746 team_change_rx_flags+0x38/0x220 drivers/net/team/team_core.c:1781 dev_change_rx_flags net/core/dev.c:9145 [inline] __dev_set_promiscuity+0x3f8/0x590 net/core/dev.c:9189 netif_set_promiscuity+0x50/0xe0 net/core/dev.c:9201 dev_set_promiscuity+0x126/0x260 net/core/dev_api.c:286 packet_dev_mc net/packet/af_packet.c:3698 [inline] packet_dev_mclist_delete net/packet/af_packet.c:3722 [inline] packet_notifier+0x292/0xa60 net/packet/af_packet.c:4247 notifier_call_chain+0x1b3/0x3e0 kernel/notifier.c:85 call_netdevice_notifiers_extack net/core/dev.c:2214 [inline] call_netdevice_notifiers net/core/dev.c:2228 [inline] unregister_netdevice_many_notify+0x15d8/0x2330 net/core/dev.c:11972 rtnl_delete_link net/core/rtnetlink.c:3522 [inline] rtnl_dellink+0x488/0x710 net/core/rtnetlink.c:3564 rtnetlink_rcv_msg+0x7cf/0xb70 net/core/rtnetlink.c:6955 netlink_rcv_skb+0x219/0x490 net/netlink/af_netlink.c:2534 Calling `PACKET_ADD_MEMBERSHIP` on an ops-locked device can trigger the `NETDEV_UNREGISTER` notifier, which may require disabling promiscuous and/or allmulti mode. Both of these operations require acquiring the netdev instance lock. Move the call to `packet_dev_mc` outside of the RCU critical section. The `mclist` modifications (add, del, flush, unregister) are protected by the RTNL, not the RCU. The RCU only protects the `sklist` and its associated `sks`. The delayed operation on the `mclist` entry remains within the RTNL. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 09:15:00 GMT

read more

CVE-2024-9017 - PeepSo Core: Groups Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-9017 Published : July 3, 2025, 7:15 a.m. | 57 minutes ago Description : The PeepSo Core: Groups plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Group Description field in all versions up to, and including, 6.4.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 07:15:00 GMT

read more

CVE-2025-5944 - Elementor Element Pack Addons Stored Cross-Site Scripting

CVE ID : CVE-2025-5944 Published : July 3, 2025, 5:15 a.m. | 2 hours, 57 minutes ago Description : The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-caption’ attribute in all versions up to, and including, 8.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Thu, 03 Jul 2025 05:15:00 GMT

read more

CVE-2025-34074 - Lucee Remote Code Execution Vulnerability in Scheduled Task Functionality

CVE ID : CVE-2025-34074 Published : July 2, 2025, 8:15 p.m. | 11 hours, 57 minutes ago Description : An authenticated remote code execution vulnerability exists in Lucee’s administrative interface due to insecure design in the scheduled task functionality. An administrator with access to /lucee/admin/web.cfm can configure a scheduled job to retrieve a remote .cfm file from an attacker-controlled server, which is written to the Lucee webroot and executed with the privileges of the Lucee service account. Because Lucee does not enforce integrity checks, path restrictions, or execution controls for scheduled task fetches, this feature can be abused to achieve arbitrary code execution. This issue is distinct from CVE-2024-55354. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 20:15:00 GMT

read more

CVE-2025-34075 - Vagrant Virtual Machine Escape via Ruby Code Injection

CVE ID : CVE-2025-34075 Published : July 2, 2025, 8:15 p.m. | 11 hours, 57 minutes ago Description : An authenticated virtual machine escape vulnerability exists in HashiCorp Vagrant when using the default synced folder configuration. By design, Vagrant automatically mounts the host system’s project directory into the guest VM under /vagrant (or C:\vagrant on Windows). This includes the Vagrantfile configuration file, which is a Ruby script evaluated by the host every time a vagrant command is executed in the project directory. If a low-privileged attacker obtains shell access to the guest VM, they can append arbitrary Ruby code to the mounted Vagrantfile. When a user on the host later runs any vagrant command, the injected code is executed on the host with that user’s privileges. While this shared-folder behavior is well-documented by Vagrant, the security implications of Vagrantfile execution from guest-writable storage are not explicitly addressed. This effectively enables guest-to-host code execution in multi-tenant or adversarial VM scenarios. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 20:15:00 GMT

read more

CVE-2025-34076 - Microweber CMS Local File Inclusion Vulnerability

CVE ID : CVE-2025-34076 Published : July 2, 2025, 8:15 p.m. | 11 hours, 57 minutes ago Description : An authenticated local file inclusion vulnerability exists in Microweber CMS versions 1.2.11 through misuse of the backup management API. Authenticated users can abuse the /api/BackupV2/upload and /api/BackupV2/download endpoints to read arbitrary files from the underlying filesystem. By specifying an absolute file path in the src parameter of the upload request, the server may relocate or delete the target file depending on the web service user’s privileges. The corresponding download endpoint can then be used to retrieve the file contents, effectively enabling local file disclosure. This behavior stems from insufficient validation of user-supplied paths and inadequate restrictions on file access and backup logic. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 20:15:00 GMT

read more

CVE-2025-34078 - NSClient++ Privilege Escalation (Local)

CVE ID : CVE-2025-34078 Published : July 2, 2025, 8:15 p.m. | 11 hours, 57 minutes ago Description : A local privilege escalation vulnerability exists in NSClient++ 0.5.2.35 when both the web interface and ExternalScripts features are enabled. The configuration file (nsclient.ini) stores the administrative password in plaintext and is readable by local users. By extracting this password, an attacker can authenticate to the NSClient++ web interface (typically accessible on port 8443) and abuse the ExternalScripts plugin to inject and execute arbitrary commands as SYSTEM by registering a custom script, saving the configuration, and triggering it via the API. This behavior is documented but insecure, as the plaintext credential exposure undermines access isolation between local users and administrative functions. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 20:15:00 GMT

read more

CVE-2025-34079 - NSClient++ Remote Code Execution Vulnerability

CVE ID : CVE-2025-34079 Published : July 2, 2025, 8:15 p.m. | 11 hours, 57 minutes ago Description : An authenticated remote code execution vulnerability exists in NSClient++ version 0.5.2.35 when the web interface and ExternalScripts module are enabled. A remote attacker with the administrator password can authenticate to the web interface (default port 8443), inject arbitrary commands as external scripts via the /settings/query.json API, save the configuration, and trigger the script via the /query/{name} endpoint. The injected commands are executed with SYSTEM privileges, enabling full remote compromise. This capability is an intended feature, but the lack of safeguards or privilege separation makes it risky when exposed to untrusted actors. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 20:15:00 GMT

read more

CVE-2025-34090 - "Google Chrome AppBound Cookie Encryption Bypass"

CVE ID : CVE-2025-34090 Published : July 2, 2025, 8:15 p.m. | 11 hours, 57 minutes ago Description : A security bypass vulnerability exists in Google Chrome AppBound cookie encryption mechanism due to insufficient validation of COM server paths during inter-process communication. A local low-privileged attacker can hijack the COM class identifier (CLSID) registration used by Chrome's elevation service and point it to a non-existent or malicious binary. When this hijack occurs, Chrome silently falls back to the legacy cookie encryption mechanism (protected only by user-DPAPI), thereby enabling cookie decryption by any user-context malware without SYSTEM-level access. This flaw bypasses the protections intended by the AppBound encryption design and allows cookie theft from Chromium-based browsers. Confirmed in Google Chrome with AppBound Encryption enabled. Other Chromium-based browsers may be affected if they implement similar COM-based encryption mechanisms. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 20:15:00 GMT

read more

CVE-2025-34091 - Google Chrome AppBound Encryption Padding Oracle

CVE ID : CVE-2025-34091 Published : July 2, 2025, 8:15 p.m. | 11 hours, 57 minutes ago Description : A padding oracle vulnerability exists in Google Chrome’s AppBound cookie encryption mechanism due to observable decryption failure behavior in Windows Event Logs when handling malformed ciphertext in SYSTEM-DPAPI-encrypted blobs. A local attacker can repeatedly send malformed ciphertexts to the Chrome elevation service and distinguish between padding and MAC errors, enabling a padding oracle attack. This allows partial decryption of the SYSTEM-DPAPI layer and eventual recovery of the user-DPAPI encrypted cookie key, which is trivially decrypted by the attacker’s own context. This issue undermines the core purpose of AppBound Encryption by enabling low-privileged cookie theft through cryptographic misuse and verbose error feedback. Confirmed in Google Chrome with AppBound Encryption enabled. Other Chromium-based browsers may be affected if they implement similar COM-based encryption mechanisms. This behavior arises from a combination of Chrome’s AppBound implementation and the way Microsoft Windows DPAPI reports decryption failures via Event Logs. As such, the vulnerability relies on cryptographic behavior and error visibility in all supported versions of Windows. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 20:15:00 GMT

read more

CVE-2025-34092 - Google Chrome AppBound Cookie Encryption Bypass

CVE ID : CVE-2025-34092 Published : July 2, 2025, 8:15 p.m. | 11 hours, 57 minutes ago Description : A cookie encryption bypass vulnerability exists in Google Chrome’s AppBound mechanism due to weak path validation logic within the elevation service. When Chrome encrypts a cookie key, it records its own executable path as validation metadata. Later, when decrypting, the elevation service compares the requesting process’s path to this stored path. However, due to path canonicalization inconsistencies, an attacker can impersonate Chrome (e.g., by naming their binary chrome.exe and placing it in a similar path) and successfully retrieve the encrypted cookie key. This allows malicious processes to retrieve cookies intended to be restricted to the Chrome process only. Confirmed in Google Chrome with AppBound Encryption enabled. Other Chromium-based browsers may be affected if they implement similar COM-based encryption mechanisms. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 20:15:00 GMT

read more

CVE-2025-43025 - HP Universal Print Driver Buffer Overflow Denial of Service

CVE ID : CVE-2025-43025 Published : July 2, 2025, 8:15 p.m. | 11 hours, 57 minutes ago Description : HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in versions of UPD 7.4 or older (e.g., v7.3.x, v7.2.x, v7.1.x, etc.). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 20:15:00 GMT

read more

CVE-2025-52559 - Zulip Server Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-52559 Published : July 2, 2025, 8:15 p.m. | 11 hours, 57 minutes ago Description : Zulip is an open-source team chat application. From versions 2.0.0-rc1 to before 10.4 in Zulip Server, the /digest/ URL of a server shows a preview of what the email weekly digest would contain. This URL, though not the digest itself, contains a cross-site scripting (XSS) vulnerability in both topic names and channel names. This issue has been fixed in Zulip Server 10.4. A workaround for this issue involves denying access to /digest/. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 20:15:00 GMT

read more

CVE-2025-52842 - Laundry Cross-site Scripting (XSS)

CVE ID : CVE-2025-52842 Published : July 2, 2025, 8:15 p.m. | 11 hours, 57 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Laundry on Linux, MacOS allows Account Takeover. This issue affects Laundry: 2.3.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 20:15:00 GMT

read more

CVE-2025-45813 - ENENSYS IPGuard Authentication Bypass

CVE ID : CVE-2025-45813 Published : July 2, 2025, 6:15 p.m. | 13 hours, 57 minutes ago Description : ENENSYS IPGuard v2 2.10.0 was discovered to contain hardcoded credentials. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 18:15:00 GMT

read more

CVE-2025-49713 - Microsoft Edge (Chromium-based) Type Confusion Code Execution Vulnerability

CVE ID : CVE-2025-49713 Published : July 2, 2025, 6:15 p.m. | 13 hours, 57 minutes ago Description : Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 18:15:00 GMT

read more

CVE-2025-20307 - Cisco BroadWorks Application Delivery Platform Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-20307 Published : July 2, 2025, 5:15 p.m. | 14 hours, 56 minutes ago Description : A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform could allow an authenticated, remote attacker to to conduct cross-site scripting (XSS) attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 17:15:00 GMT

read more

CVE-2025-20309 - Cisco Unified Communications Manager/Cisco Unified Communications Manager Session Management Edition Root Account Default Credential Vulnerability

CVE ID : CVE-2025-20309 Published : July 2, 2025, 5:15 p.m. | 14 hours, 56 minutes ago Description : A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the root account that are reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 17:15:00 GMT

read more

CVE-2025-45424 - Xinference Unauthenticated Web GUI Access Vulnerability

CVE ID : CVE-2025-45424 Published : July 2, 2025, 5:15 p.m. | 14 hours, 56 minutes ago Description : Incorrect access control in Xinference before v1.4.0 allows attackers to access the Web GUI without authentication. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 17:15:00 GMT

read more

CVE-2025-45814 - NS3000/NS2000 Authentication Bypass

CVE ID : CVE-2025-45814 Published : July 2, 2025, 5:15 p.m. | 14 hours, 56 minutes ago Description : Missing authentication checks in the query.fcgi endpoint of NS3000 v8.1.1.125110 , v7.2.8.124852 , and v7.x and NS2000 v7.02.08 allows attackers to execute a session hijacking attack. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 17:15:00 GMT

read more

CVE-2025-52841 - Laundry CSRF Account Takeover

CVE ID : CVE-2025-52841 Published : July 2, 2025, 5:15 p.m. | 14 hours, 56 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Laundry on Linux, MacOS allows to perform an Account Takeover. This issue affects Laundry: 2.3.0. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 17:15:00 GMT

read more

CVE-2025-52886 - Poppler PDF Rendering Library Use-After-Free Vulnerability

CVE ID : CVE-2025-52886 Published : July 2, 2025, 4:15 p.m. | 15 hours, 57 minutes ago Description : Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 16:15:00 GMT

read more

CVE-2025-53358 - Kotaemon Local File Inclusion Directory Traversal Vulnerability

CVE ID : CVE-2025-53358 Published : July 2, 2025, 4:15 p.m. | 15 hours, 57 minutes ago Description : kotaemon is an open-source RAG-based tool for document comprehension. From versions 0.10.6 and prior, in libs/ktem/ktem/index/file/ui.py, the index_fn method accepts both URLs and local file paths without validation. The pipeline streams these paths directly and stores them, enabling attackers to traverse directories (e.g. ../../../../../.env) and exfiltrate sensitive files. This issue has been patched via commit 37cdc28, in version 0.10.7 which has not been made public at time of publication. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 16:15:00 GMT

read more

CVE-2025-53359 - Ethereum Crate Signature Malleability Vulnerability

CVE ID : CVE-2025-53359 Published : July 2, 2025, 4:15 p.m. | 15 hours, 57 minutes ago Description : ethereum is a common ethereum structs for Rust. Prior to ethereum crate v0.18.0, signature malleability (according to EIP-2) was only checked for "legacy" transactions, but not for EIP-2930, EIP-1559 and EIP-7702 transactions. This is a specification deviation. The signature malleability itself is not a security issue and not as high of a risk if the ethereum crate is used on a single-implementation blockchain. This issue has been patched in version v0.18.0. A workaround for this issue involves manually checking transaction malleability outside of the crate, however upgrading is recommended. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 16:15:00 GMT

read more

CVE-2025-6942 - Secret Server Impersonation Vulnerability

CVE ID : CVE-2025-6942 Published : July 2, 2025, 4:15 p.m. | 15 hours, 57 minutes ago Description : The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine. Severity: 3.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 16:15:00 GMT

read more

CVE-2025-6943 - Thycotic Secret Server SQL Injection Vulnerability

CVE ID : CVE-2025-6943 Published : July 2, 2025, 4:15 p.m. | 15 hours, 57 minutes ago Description : Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables. Severity: 3.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 16:15:00 GMT

read more

CVE-2025-20310 - Cisco Enterprise Chat and Email (ECE) Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-20310 Published : July 2, 2025, 4:15 p.m. | 13 hours, 57 minutes ago Description : A vulnerability in the web UI of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web UI does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To successfully exploit this vulnerability, an attacker would need valid agent credentials. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 16:15:00 GMT

read more

CVE-2025-20308 - Cisco Spaces Connector Privilege Escalation Vulnerability

CVE ID : CVE-2025-20308 Published : July 2, 2025, 4:15 p.m. | 11 hours, 57 minutes ago Description : A vulnerability in Cisco Spaces Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. This vulnerability is due to insufficient restrictions during the execution of specific CLI commands. An attacker could exploit this vulnerability by logging in to the Cisco Spaces Connector CLI as the spacesadmin user and executing a specific command with crafted parameters. A successful exploit could allow the attacker to elevate privileges from the spacesadmin user and execute arbitrary commands on the underlying operating system as root. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 16:15:00 GMT

read more

CVE-2025-38092 - Linux Kernel ksmbd Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-38092 Published : July 2, 2025, 3:15 p.m. | 4 hours, 51 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: ksmbd: use list_first_entry_or_null for opinfo_get_list() The list_first_entry() macro never returns NULL. If the list is empty then it returns an invalid pointer. Use list_first_entry_or_null() to check if the list is empty. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 15:15:00 GMT

read more

CVE-2025-38093 - Qualcomm ARM64 GPU Temperature Control Vulnerability (Thermal Overload)

CVE ID : CVE-2025-38093 Published : July 2, 2025, 3:15 p.m. | 4 hours, 51 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: x1e80100: Add GPU cooling Unlike the CPU, the GPU does not throttle its speed automatically when it reaches high temperatures. With certain high GPU loads it is possible to reach the critical hardware shutdown temperature of 120°C, endangering the hardware and making it impossible to run certain applications. Set up GPU cooling similar to the ACPI tables, by throttling the GPU speed when reaching 95°C and polling every 200ms. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 15:15:00 GMT

read more

CVE-2025-52891 - ModSecurity XML Tag Segmentation Fault Vulnerability

CVE ID : CVE-2025-52891 Published : July 2, 2025, 3:15 p.m. | 4 hours, 51 minutes ago Description : ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. In versions 2.9.8 to before 2.9.11, an empty XML tag can cause a segmentation fault. If SecParseXmlIntoArgs is set to On or OnlyArgs, and the request type is application/xml, and at least one XML tag is empty (eg ), then a segmentation fault occurs. This issue has been patched in version 2.9.11. A workaround involves setting SecParseXmlIntoArgs to Off. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 15:15:00 GMT

read more

CVE-2025-53006 - DataEase PostgreSQL/Redshift SSL Factory Parameter Injection Vulnerability

CVE ID : CVE-2025-53006 Published : July 2, 2025, 3:15 p.m. | 4 hours, 51 minutes ago Description : DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, in both PostgreSQL and Redshift, apart from parameters like "socketfactory" and "socketfactoryarg", there are also "sslfactory" and "sslfactoryarg" with similar functionality. The difference lies in that "sslfactory" and related parameters need to be triggered after establishing the connection. Other similar parameters include "sslhostnameverifier", "sslpasswordcallback", and "authenticationPluginClassName". This issue has been patched in 2.10.11. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 15:15:00 GMT

read more

CVE-2025-53108 - HomeBox Unauthenticated Attachment Manipulation Vulnerability

CVE ID : CVE-2025-53108 Published : July 2, 2025, 3:15 p.m. | 4 hours, 51 minutes ago Description : HomeBox is a home inventory and organization system. Prior to 0.20.1, HomeBox contains a missing authorization check in the API endpoints responsible for updating and deleting inventory item attachments. This flaw allows authenticated users to perform unauthorized actions on inventory item attachments that they do not own. This issue could lead to unauthorized data manipulation or loss of critical inventory data. This issue has been patched in version 0.20.1. There are no workarounds, users must upgrade. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 15:15:00 GMT

read more

CVE-2025-53109 - Filesystem Symlink File Access Vulnerability

CVE ID : CVE-2025-53109 Published : July 2, 2025, 3:15 p.m. | 4 hours, 51 minutes ago Description : Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files via symlinks within allowed directories. Users are advised to upgrade to 0.6.4 or 2025.7.01 resolve. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 15:15:00 GMT

read more

CVE-2025-53110 - Filesystem Model Context Protocol Servers Directory Traversal Vulnerability

CVE ID : CVE-2025-53110 Published : July 2, 2025, 3:15 p.m. | 4 hours, 51 minutes ago Description : Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files in cases where the prefix matches an allowed directory. Users are advised to upgrade to 0.6.4 or 2025.7.01 resolve. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 15:15:00 GMT

read more

CVE-2025-53492 - Wikimedia Foundation Mediawiki - MintyDocs Extension Stored Cross-site Scripting (XSS)

CVE ID : CVE-2025-53492 Published : July 2, 2025, 3:15 p.m. | 4 hours, 51 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - MintyDocs Extension allows Stored XSS.This issue affects Mediawiki - MintyDocs Extension: 1.39.X, 1.42.X, from 1.43.X before 1.43.2. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 15:15:00 GMT

read more

CVE-2025-53493 - Wikimedia Foundation Mediawiki - MintyDocs Extension Stored Cross-site Scripting (XSS)

CVE ID : CVE-2025-53493 Published : July 2, 2025, 3:15 p.m. | 4 hours, 51 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - MintyDocs Extension allows Stored XSS.This issue affects Mediawiki - MintyDocs Extension: 1.39.X, 1.42.X, from 1.43.X before 1.43.2. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 15:15:00 GMT

read more

CVE-2025-53494 - Wikimedia Foundation Mediawiki TwoColConflict Extension Stored XSS

CVE ID : CVE-2025-53494 Published : July 2, 2025, 3:15 p.m. | 4 hours, 51 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - TwoColConflict Extension allows Stored XSS.This issue affects Mediawiki - TwoColConflict Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 15:15:00 GMT

read more

CVE-2025-6725 - Adobe Acrobat PdfViewer XSS Vulnerability

CVE ID : CVE-2025-6725 Published : July 2, 2025, 3:15 p.m. | 4 hours, 51 minutes ago Description : In the PdfViewer component, a Cross-Site Scripting (XSS) vulnerability is possible if a specially-crafted document has already been loaded and the user engages with a tool that requires the DOM to be re-rendered. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 15:15:00 GMT

read more

CVE-2025-38091 - AMD Display DRM False Positive Warning

CVE ID : CVE-2025-38091 Published : July 2, 2025, 3:15 p.m. | 2 hours, 53 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: check stream id dml21 wrapper to get plane_id [Why & How] Fix a false positive warning which occurs due to lack of correct checks when querying plane_id in DML21. This fixes the warning when performing a mode1 reset (cat /sys/kernel/debug/dri/1/amdgpu_gpu_recover): [ 35.751250] WARNING: CPU: 11 PID: 326 at /tmp/amd.PHpyAl7v/amd/amdgpu/../display/dc/dml2/dml2_dc_resource_mgmt.c:91 dml2_map_dc_pipes+0x243d/0x3f40 [amdgpu] [ 35.751434] Modules linked in: amdgpu(OE) amddrm_ttm_helper(OE) amdttm(OE) amddrm_buddy(OE) amdxcp(OE) amddrm_exec(OE) amd_sched(OE) amdkcl(OE) drm_suballoc_helper drm_ttm_helper ttm drm_display_helper cec rc_core i2c_algo_bit rfcomm qrtr cmac algif_hash algif_skcipher af_alg bnep amd_atl intel_rapl_msr intel_rapl_common snd_hda_codec_hdmi snd_hda_intel edac_mce_amd snd_intel_dspcfg snd_intel_sdw_acpi snd_hda_codec kvm_amd snd_hda_core snd_hwdep snd_pcm kvm snd_seq_midi snd_seq_midi_event snd_rawmidi crct10dif_pclmul polyval_clmulni polyval_generic btusb ghash_clmulni_intel sha256_ssse3 btrtl sha1_ssse3 snd_seq btintel aesni_intel btbcm btmtk snd_seq_device crypto_simd sunrpc cryptd bluetooth snd_timer ccp binfmt_misc rapl snd i2c_piix4 wmi_bmof gigabyte_wmi k10temp i2c_smbus soundcore gpio_amdpt mac_hid sch_fq_codel msr parport_pc ppdev lp parport efi_pstore nfnetlink dmi_sysfs ip_tables x_tables autofs4 hid_generic usbhid hid crc32_pclmul igc ahci xhci_pci libahci xhci_pci_renesas video wmi [ 35.751501] CPU: 11 UID: 0 PID: 326 Comm: kworker/u64:9 Tainted: G OE 6.11.0-21-generic #21~24.04.1-Ubuntu [ 35.751504] Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE [ 35.751505] Hardware name: Gigabyte Technology Co., Ltd. X670E AORUS PRO X/X670E AORUS PRO X, BIOS F30 05/22/2024 [ 35.751506] Workqueue: amdgpu-reset-dev amdgpu_debugfs_reset_work [amdgpu] [ 35.751638] RIP: 0010:dml2_map_dc_pipes+0x243d/0x3f40 [amdgpu] [ 35.751794] Code: 6d 0c 00 00 8b 84 24 88 00 00 00 41 3b 44 9c 20 0f 84 fc 07 00 00 48 83 c3 01 48 83 fb 06 75 b3 4c 8b 64 24 68 4c 8b 6c 24 40 0b b8 06 00 00 00 49 8b 94 24 a0 49 00 00 89 c3 83 f8 07 0f 87 [ 35.751796] RSP: 0018:ffffbfa3805d7680 EFLAGS: 00010246 [ 35.751798] RAX: 0000000000010000 RBX: 0000000000000006 RCX: 0000000000000000 [ 35.751799] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000000 [ 35.751800] RBP: ffffbfa3805d78f0 R08: 0000000000000000 R09: 0000000000000000 [ 35.751801] R10: 0000000000000000 R11: 0000000000000000 R12: ffffbfa383249000 [ 35.751802] R13: ffffa0e68f280000 R14: ffffbfa383249658 R15: 0000000000000000 [ 35.751803] FS: 0000000000000000(0000) GS:ffffa0edbe580000(0000) knlGS:0000000000000000 [ 35.751804] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 35.751805] CR2: 00005d847ef96c58 CR3: 000000041de3e000 CR4: 0000000000f50ef0 [ 35.751806] PKRU: 55555554 [ 35.751807] Call Trace: [ 35.751810] [ 35.751816] ? show_regs+0x6c/0x80 [ 35.751820] ? __warn+0x88/0x140 [ 35.751822] ? dml2_map_dc_pipes+0x243d/0x3f40 [amdgpu] [ 35.751964] ? report_bug+0x182/0x1b0 [ 35.751969] ? handle_bug+0x6e/0xb0 [ 35.751972] ? exc_invalid_op+0x18/0x80 [ 35.751974] ? asm_exc_invalid_op+0x1b/0x20 [ 35.751978] ? dml2_map_dc_pipes+0x243d/0x3f40 [amdgpu] [ 35.752117] ? math_pow+0x48/0xa0 [amdgpu] [ 35.752256] ? srso_alias_return_thunk+0x5/0xfbef5 [ 35.752260] ? math_pow+0x48/0xa0 [amdgpu] [ 35.752400] ? srso_alias_return_thunk+0x5/0xfbef5 [ 35.752403] ? math_pow+0x11/0xa0 [amdgpu] [ 35.752524] ? srso_alias_return_thunk+0x5/0xfbef5 [ 35.752526] ? core_dcn4_mode_programming+0xe4d/0x20d0 [amdgpu] [ 35.752663] ? srso_alias_return_thunk+0x5/0xfbef5 [ 35.752669] dml21_validate+0x3d4/0x980 [amdgpu] (cherry picked from commit f8ad62c0a93e5dd94243e10f1b742232e4d6411e) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 15:15:00 GMT

read more

CVE-2025-53106 - Graylog API Token Privilege Escalation Vulnerability

CVE ID : CVE-2025-53106 Published : July 2, 2025, 2:15 p.m. | 3 hours, 53 minutes ago Description : Graylog is a free and open log management platform. In versions 6.2.0 to before 6.2.4 and 6.3.0-alpha.1 to before 6.3.0-rc.2, Graylog users can gain elevated privileges by creating and using API tokens for the local Administrator or any other user for whom the malicious user knows the ID. For the attack to succeed, the attacker needs a user account in Graylog. They can then proceed to issue hand-crafted requests to the Graylog REST API and exploit a weak permission check for token creation. This issue has been patched in versions 6.2.4 and 6.3.0-rc.2. A workaround involves disabling the respective configuration found in System > Configuration > Users > "Allow users to create personal access tokens". Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 14:15:00 GMT

read more

CVE-2025-34071 - Kerio Control Remote Code Execution Vulnerability

CVE ID : CVE-2025-34071 Published : July 2, 2025, 2:15 p.m. | 3 hours, 6 minutes ago Description : A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute arbitrary code through the firmware upgrade feature. The system upgrade mechanism accepts unsigned .img files, which can be modified to include malicious scripts within the upgrade.sh or disk image components. These modified upgrade images are not validated for authenticity or integrity, and are executed by the system post-upload, enabling root access. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 14:15:00 GMT

read more

CVE-2025-34072 - "Anthropic Slack MCP Server Data Exfiltration Vulnerability"

CVE ID : CVE-2025-34072 Published : July 2, 2025, 2:15 p.m. | 3 hours, 6 minutes ago Description : A data exfiltration vulnerability exists in Anthropic’s deprecated Slack Model Context Protocol (MCP) Server via automatic link unfurling. When an AI agent using the Slack MCP Server processes untrusted data, it can be manipulated to generate messages containing attacker-crafted hyperlinks embedding sensitive data. Slack’s link preview bots (e.g., Slack-LinkExpanding, Slackbot, Slack-ImgProxy) will then issue outbound requests to the attacker-controlled URL, resulting in zero-click exfiltration of private data. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 14:15:00 GMT

read more

CVE-2025-34073 - Maltrail Command Injection Vulnerability

CVE ID : CVE-2025-34073 Published : July 2, 2025, 2:15 p.m. | 3 hours, 6 minutes ago Description : An unauthenticated command injection vulnerability exists in stamparm/maltrail (Maltrail) versions 0.54. A remote attacker can execute arbitrary operating system commands via the username parameter in a POST request to the /login endpoint. This occurs due to unsafe handling of user-supplied input passed to subprocess.check_output() in core/http.py, allowing injection of shell metacharacters. Exploitation does not require authentication and commands are executed with the privileges of the Maltrail process. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 14:15:00 GMT

read more

CVE-2025-45029 - Winstar WN572HP3 Heap Overflow

CVE ID : CVE-2025-45029 Published : July 2, 2025, 2:15 p.m. | 3 hours, 6 minutes ago Description : WINSTAR WN572HP3 v230525 was discovered to contain a heap overflow via the CONTENT_LENGTH variable at /cgi-bin/upload.cgi. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 14:15:00 GMT

read more

CVE-2025-49588 - Linkwarden File Path Injection Vulnerability

CVE ID : CVE-2025-49588 Published : July 2, 2025, 2:15 p.m. | 3 hours, 6 minutes ago Description : Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In version 2.10.2, the server accepts links of format file:///etc/passwd and doesn't do any validation before sending them to parsers and playwright, this can result in leak of other user's links (and in some cases it might be possible to leak environment secrets). This issue has been patched in version 2.10.3 which has not been made public at time of publication. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 14:15:00 GMT

read more

CVE-2025-27026 - Infinera G42 WebGUI CLI Deactivation Privilege Escalation Vulnerability

CVE ID : CVE-2025-27026 Published : July 2, 2025, 2:15 p.m. | 1 hour, 10 minutes ago Description : A missing double-check feature in the WebGUI for CLI deactivation in Infinera G42 version R6.1.3 allows an authenticated administrator to make other management interfaces unavailable via local and network interfaces. The CLI deactivation via the WebGUI does not only stop CLI interface but deactivates also Linux Shell, WebGUI and Physical Serial Console access. No confirmation is asked at deactivation time. Loosing access to these services device administrators are at risk of completely loosing device control. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 14:15:00 GMT

read more

CVE-2025-34057 - Ruijie NBR Series Router Information Disclosure Vulnerability

CVE ID : CVE-2025-34057 Published : July 2, 2025, 2:15 p.m. | 1 hour, 10 minutes ago Description : An information disclosure vulnerability exists in Ruijie NBR series routers (known to affect NBR2000G, NBR1300G, and NBR1000 models) via the /WEB_VMS/LEVEL15/ endpoint. By crafting a specific POST request with modified Cookie headers and specially formatted parameters, an unauthenticated attacker can retrieve administrative account credentials in plaintext. This flaw allows direct disclosure of sensitive user data due to improper authentication checks and insecure backend logic. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 14:15:00 GMT

read more

CVE-2025-34067 - Hikvision Integrated Security Management Platform Fastjson Remote Command Execution

CVE ID : CVE-2025-34067 Published : July 2, 2025, 2:15 p.m. | 1 hour, 10 minutes ago Description : An unauthenticated remote command execution vulnerability exists in the applyCT component of the Hikvision Integrated Security Management Platform due to the use of a vulnerable version of the Fastjson library. The endpoint /bic/ssoService/v1/applyCT deserializes untrusted user input, allowing an attacker to trigger Fastjson's auto-type feature to load arbitrary Java classes. By referencing a malicious class via an LDAP URL, an attacker can achieve remote code execution on the underlying system. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 14:15:00 GMT

read more

CVE-2025-34069 - Kerio Control Authentication Bypass through Insecure Proxy Configuration

CVE ID : CVE-2025-34069 Published : July 2, 2025, 2:15 p.m. | 1 hour, 10 minutes ago Description : An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthenticated requests to internal services such as GFIAgent, bypassing firewall restrictions and exposing internal management endpoints. This enables unauthenticated attackers to access the GFIAgent service on ports 7995 and 7996, retrieve the appliance UUID, and issue administrative requests via the proxy. Exploitation results in full administrative access to the Kerio Control appliance. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 14:15:00 GMT

read more

CVE-2025-34070 - GFI Kerio Control GFIAgent Authentication Bypass

CVE ID : CVE-2025-34070 Published : July 2, 2025, 2:15 p.m. | 1 hour, 10 minutes ago Description : A missing authentication vulnerability in the GFIAgent component of GFI Kerio Control 9.4.5 allows unauthenticated remote attackers to perform privileged operations. The GFIAgent service, responsible for integration with GFI AppManager, exposes HTTP services on ports 7995 and 7996 without proper authentication. The /proxy handler on port 7996 allows arbitrary forwarding to administrative endpoints when provided with an Appliance UUID, which itself can be retrieved from port 7995. This results in a complete authentication bypass, permitting access to sensitive administrative APIs. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 14:15:00 GMT

read more

CVE-2024-35164 - Apache Guacamole SSH Console Code Execution Vulnerability

CVE ID : CVE-2024-35164 Published : July 2, 2025, 12:15 p.m. | 3 hours, 10 minutes ago Description : The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console codes received from servers via text-based protocols like SSH. If a malicious user has access to a text-based connection, a specially-crafted sequence of console codes could allow arbitrary code to be executed with the privileges of the running guacd process. Users are recommended to upgrade to version 1.6.0, which fixes this issue. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 12:15:00 GMT

read more

CVE-2025-46647 - Apache APISIX OpenID-Connect Plugin Issuer Key Reuse Vulnerability

CVE ID : CVE-2025-46647 Published : July 2, 2025, 12:15 p.m. | 3 hours, 10 minutes ago Description : A vulnerability of plugin openid-connect in Apache APISIX. This vulnerability will only have an impact if all of the following conditions are met: 1. Use the openid-connect plugin with introspection mode 2. The auth service connected to openid-connect provides services to multiple issuers 3. Multiple issuers share the same private key and relies only on the issuer being different If affected by this vulnerability, it would allow an attacker with a valid account on one of the issuers to log into the other issuer. This issue affects Apache APISIX: until 3.12.0. Users are recommended to upgrade to version 3.12.0 or higher. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 12:15:00 GMT

read more

CVE-2025-39362 - Mollie Payments for WooCommerce Missing Authorization

CVE ID : CVE-2025-39362 Published : July 2, 2025, 11:15 a.m. | 4 hours, 10 minutes ago Description : Missing Authorization vulnerability in Mollie Mollie Payments for WooCommerce.This issue affects Mollie Payments for WooCommerce: from n/a through 8.0.2. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 11:15:00 GMT

read more

CVE-2025-27023 - "Infinera G42 WebGUI CLI File Disclosure Vulnerability"

CVE ID : CVE-2025-27023 Published : July 2, 2025, 10:15 a.m. | 5 hours, 10 minutes ago Description : Lack or insufficent input validation in WebGUI CLI web in Infinera G42 version R6.1.3 allows remote authenticated users to read all OS files via crafted CLI commands. Details: The web interface based management of the Infinera G42 appliance enables the feature of executing a restricted set of commands. This feature also offers the option to execute a script-file already present on the target device. When a non-script or incorrect file is specified, the content of the file is shown along with an error message. Due to an execution of the http service with a privileged user all files on the file system can be viewed this way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 10:15:00 GMT

read more

CVE-2025-27024 - Infinera G42 SFTP Unrestricted File System Access

CVE ID : CVE-2025-27024 Published : July 2, 2025, 10:15 a.m. | 5 hours, 10 minutes ago Description : Unrestricted access to OS file system in SFTP service in Infinera G42 version R6.1.3 allows remote authenticated users to read/write OS files via SFTP connections. Details: Account members of the Network Administrator profile can access the target machine via SFTP with the same credentials used for SSH CLI access and are able to read all files according to the OS permission instead of remaining inside the chrooted directory position. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 10:15:00 GMT

read more

CVE-2025-27025 - Apache HTTP Server Directory Traversal File Read/Write Vulnerability

CVE ID : CVE-2025-27025 Published : July 2, 2025, 10:15 a.m. | 5 hours, 10 minutes ago Description : The target device exposes a service on a specific TCP port with a configured endpoint. The access to that endpoint is granted using a Basic Authentication method. The endpoint accepts also the PUT method and it is possible to write files on the target device file system. Files are written as root. Using Postman it is possible to perform a Directory Traversal attack and write files into any location of the device file system. Similarly to the PUT method, it is possible to leverage the same mechanism to read any file from the file system by using the GET method. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 10:15:00 GMT

read more

CVE-2025-2330 - Elementor WidgetKit WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-2330 Published : July 2, 2025, 10:15 a.m. | 5 hours, 10 minutes ago Description : The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'button+modal' widget in all versions up to, and including, 2.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 10:15:00 GMT

read more

CVE-2025-4946 - Vikinger WordPress Theme Arbitrary File Deletion Vulnerability

CVE ID : CVE-2025-4946 Published : July 2, 2025, 10:15 a.m. | 5 hours, 10 minutes ago Description : The Vikinger theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the vikinger_delete_activity_media_ajax() function in all versions up to, and including, 1.9.32. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Note: Requires Vikinger Media plugin to be installed and active. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 10:15:00 GMT

read more

CVE-2025-24332 - Nokia Single RAN AirScale Baseband SSH Privilege Escalation

CVE ID : CVE-2025-24332 Published : July 2, 2025, 9:15 a.m. | 6 hours, 10 minutes ago Description : Nokia Single RAN AirScale baseband allows an authenticated administrative user access to all physical boards after performing a single login to the baseband system board. The baseband does not re-authenticate the user when they connect from the baseband system board to the baseband capacity boards using the internal bsoc SSH service, which is available only internally within the baseband and through the internal backplane between the boards. The bsoc SSH allows login from one board to another via the baseband internal backplane using an SSH private key present on the baseband system board. This bsoc SSH capability was previously considered an administrative functionality but has now been restricted to be available only to baseband root-privileged administrators. This restriction mitigates the possibility of misuse with lower-level privileges (e.g., from baseband software images). This mitigation is included starting from release 23R4-SR 3.0 MP and later Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 09:15:00 GMT

read more

CVE-2025-24333 - Nokia Single RAN Baseband Administrative Shell Command Injection Vulnerability

CVE ID : CVE-2025-24333 Published : July 2, 2025, 9:15 a.m. | 6 hours, 10 minutes ago Description : Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell input validation fault, which authenticated admin user can, in theory, potentially use for injecting arbitrary commands for unprivileged baseband OAM service process execution via special characters added to baseband internal COMA_config.xml file. This issue has been corrected starting from release 24R1-SR 1.0 MP and later, by adding proper input validation to OAM service process which prevents injecting special characters via baseband internal COMA_config.xml file. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 09:15:00 GMT

read more

CVE-2025-24334 - Nokia Single RAN Baseband Software Information Disclosure Vulnerability

CVE ID : CVE-2025-24334 Published : July 2, 2025, 9:15 a.m. | 6 hours, 10 minutes ago Description : The Nokia Single RAN baseband software earlier than 23R2-SR 1.0 MP can be made to reveal the exact software release version by sending a specific HTTP POST request through the Mobile Network Operator (MNO) internal RAN management network. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 09:15:00 GMT

read more

CVE-2025-24335 - Nokia Single RAN SOAP Message Input Validation Vulnerability

CVE ID : CVE-2025-24335 Published : July 2, 2025, 9:15 a.m. | 6 hours, 10 minutes ago Description : Nokia Single RAN baseband software versions earlier than 24R1-SR 2.1 MP contain a SOAP message input validation flaw, which in theory could potentially be used for causing resource exhaustion in the Single RAN baseband OAM service. No practical exploit has been detected for this flaw. However, the issue has been corrected starting from release 24R1-SR 2.1 MP by adding sufficient input validation for received SOAP requests, effectively mitigating the reported issue. Severity: 2.0 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 09:15:00 GMT

read more

CVE-2025-27021 - Infinera G42 Sudoers Configuration Memory Access Vulnerability

CVE ID : CVE-2025-27021 Published : July 2, 2025, 9:15 a.m. | 6 hours, 10 minutes ago Description : The misconfiguration in the sudoers configuration of the operating system in Infinera G42 version R6.1.3 allows low privileged OS users to read/write physical memory via devmem command line tool. This could allow sensitive information disclosure, denial of service, and privilege escalation by tampering with kernel memory. Details: The output of "sudo -l" reports the presence of "devmem" command executable as super user without using a password. This command allows to read and write an arbitrary memory area of the target device, specifying an absolute address. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 09:15:00 GMT

read more

CVE-2025-27022 - Infinera G42 WebGUI HTTP Endpoint Path Traversal Vulnerability

CVE ID : CVE-2025-27022 Published : July 2, 2025, 9:15 a.m. | 6 hours, 10 minutes ago Description : A path traversal vulnerability of the WebGUI HTTP endpoint in Infinera G42 version R6.1.3 allows remote authenticated users to download all OS files via HTTP requests. Details: Lack or insufficient validation of user-supplied input allows authenticated users to access all files on the target machine file system that are readable to the user account used to run the httpd service. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 09:15:00 GMT

read more

CVE-2025-24329 - "Nokia Single RAN Baseband SOAP Path Traversal Vulnerability"

CVE ID : CVE-2025-24329 Published : July 2, 2025, 9:15 a.m. | 4 hours, 50 minutes ago Description : Sending a crafted SOAP "provision" operation message archive field within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to release 24R1-SR 1.0 MP and later. Beginning with release 24R1-SR 1.0 MP, the OAM service software utilizes libarchive APIs with security options enabled, effectively mitigating the reported path traversal issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 09:15:00 GMT

read more

CVE-2025-24330 - "Nokia Single RAN Baseband SOAP Path Traversal Vulnerability"

CVE ID : CVE-2025-24330 Published : July 2, 2025, 9:15 a.m. | 4 hours, 50 minutes ago Description : Sending a crafted SOAP "provision" operation message PlanId field within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to release 24R1-SR 1.0 MP and later. Beginning with release 24R1-SR 1.0 MP, the OAM service software performed PlanId field input validations mitigate the reported path traversal issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 09:15:00 GMT

read more

CVE-2025-24331 - Nokia Single RAN Root Privilege Escalation Vulnerability

CVE ID : CVE-2025-24331 Published : July 2, 2025, 9:15 a.m. | 4 hours, 50 minutes ago Description : The Single RAN baseband OAM service is intended to run as an unprivileged service. However, it initially starts with root privileges and assigns certain capabilities before dropping to an unprivileged level. The capabilities retained from the root period are considered extensive after the privilege drop and, in theory, could potentially allow actions beyond the intended scope of the OAM service. These actions could include gaining root privileges, accessing root-owned files, modifying them as the file owner, and then returning them to root ownership. This issue has been corrected starting from release 24R1-SR 0.2 MP and later. Beginning with release 24R1-SR 0.2 MP, the OAM service software capabilities are restricted to the minimum necessary. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 09:15:00 GMT

read more

CVE-2025-24328 - Nokia Single RAN SOAP Stack Overflow

CVE ID : CVE-2025-24328 Published : July 2, 2025, 8:15 a.m. | 5 hours, 50 minutes ago Description : Sending a crafted SOAP "set" operation message within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to release 24R1-SR 1.0 MP and later. The OAM service component restarts automatically after the stack overflow without causing a base station restart or network service degradation, and without leaving any permanent impact on the Nokia Single RAN baseband OAM service. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 08:15:00 GMT

read more

CVE-2024-13786 - "WordPress Education Theme PHP Object Injection Vulnerability"

CVE ID : CVE-2024-13786 Published : July 2, 2025, 7:15 a.m. | 6 hours, 50 minutes ago Description : The education theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.6.10 via deserialization of untrusted input in the 'themerex_callback_view_more_posts' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 07:15:00 GMT

read more

CVE-2025-6017 - Red Hat Advanced Cluster Management Information Disclosure Vulnerability

CVE ID : CVE-2025-6017 Published : July 2, 2025, 7:15 a.m. | 6 hours, 50 minutes ago Description : A flaw was found in Red Hat Advanced Cluster Management through versions 2.10, before 2.10.7, 2.11, before 2.11.4, and 2.12, before 2.12.4. This vulnerability allows an unprivileged user to view confidential managed cluster credentials through the UI. This information should only be accessible to authorized users and may result in the loss of confidentiality of administrative information, which could be leaked to unauthorized actors. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 07:15:00 GMT

read more

CVE-2024-13451 - Bit Form Contact Form Sensitive Information Exposure

CVE ID : CVE-2024-13451 Published : July 2, 2025, 6:15 a.m. | 7 hours, 50 minutes ago Description : The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.17.4 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This makes it possible for unauthenticated attackers to extract sensitive data including files uploaded via a form. The vulnerability was partially patched in version 2.17.5. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 06:15:00 GMT

read more

CVE-2025-6464 - Forminator Forms Unauthenticated PHP Object Injection Vulnerability

CVE ID : CVE-2025-6464 Published : July 2, 2025, 6:15 a.m. | 7 hours, 50 minutes ago Description : The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.44.2 via deserialization of untrusted input in the 'entry_delete_upload_files' function. This makes it possible for unauthenticated attackers to inject a PHP Object through a PHAR file. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. Deserialization occurs when the form submission is deleted, whether by an Administrator or via auto-deletion determined by plugin settings. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 06:15:00 GMT

read more

CVE-2025-52462 - Active! mail XSS

CVE ID : CVE-2025-52462 Published : July 2, 2025, 5:15 a.m. | 8 hours, 50 minutes ago Description : Cross-site scripting vulnerability exists in Active! mail 6 BuildInfo: 6.30.01004145 to 6.60.06008562. If this vulnerability is exploited, an arbitrary script may be executed on the logged-in user's web browser when the user is accessing a specially crafted URL. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 05:15:00 GMT

read more

CVE-2025-52463 - Active! Mail CSRF Email Sending

CVE ID : CVE-2025-52463 Published : July 2, 2025, 5:15 a.m. | 8 hours, 50 minutes ago Description : Cross-site request forgery vulnerability exists in Active! mail 6 BuildInfo: 6.60.06008562 and earlier. If this vulnerability is exploited, unintended E-mail may be sent when a user accesses a specially crafted URL while being logged in. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 05:15:00 GMT

read more

CVE-2025-6463 - Forminator Forms - WordPress Remote Code Execution via File Deletion

CVE ID : CVE-2025-6463 Published : July 2, 2025, 5:15 a.m. | 8 hours, 50 minutes ago Description : The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'entry_delete_upload_files' function in all versions up to, and including, 1.44.2. This makes it possible for unauthenticated attackers to include arbitrary file paths in a form submission. The file will be deleted when the form submission is deleted, whether by an Administrator or via auto-deletion determined by plugin settings. This can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 05:15:00 GMT

read more

CVE-2025-6686 - Elementor Magic Buttons Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6686 Published : July 2, 2025, 4:16 a.m. | 7 hours, 49 minutes ago Description : The Magic Buttons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's magic-button shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:16:00 GMT

read more

CVE-2025-6687 - Elementor Magic Buttons Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6687 Published : July 2, 2025, 4:16 a.m. | 7 hours, 49 minutes ago Description : The Magic Buttons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's magic-button shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:16:00 GMT

read more

CVE-2025-6459 - Ads Pro Plugin - WordPress Cross-Site Request Forgery (CSRF) Vulnerability

CVE ID : CVE-2025-6459 Published : July 2, 2025, 4:15 a.m. | 7 hours, 5 minutes ago Description : The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.89. This is due to missing or incorrect nonce validation on the bsaCreateAdTemplate function. This makes it possible for unauthenticated attackers to inject and execute arbitrary PHP code via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:15:00 GMT

read more

CVE-2025-5014 - The Home Villas | Real Estate WordPress Theme File Deletion Vulnerability (Arbitrary File Deletion)

CVE ID : CVE-2025-5014 Published : July 2, 2025, 4:15 a.m. | 5 hours, 15 minutes ago Description : The Home Villas | Real Estate WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'wp_rem_cs_widget_file_delete' function in all versions up to, and including, 2.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:15:00 GMT

read more

CVE-2025-5339 - Adobe Ads Pro Plugin SQL Injection Vulnerability

CVE ID : CVE-2025-5339 Published : July 2, 2025, 4:15 a.m. | 5 hours, 15 minutes ago Description : The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘bsa_pro_id’ parameter in all versions up to, and including, 4.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:15:00 GMT

read more

CVE-2025-5746 - WooCommerce Drag and Drop Multiple File Upload Arbitrary File Upload Vulnerability

CVE ID : CVE-2025-5746 Published : July 2, 2025, 4:15 a.m. | 5 hours, 15 minutes ago Description : The Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the dnd_upload_cf7_upload_chunks() function in version 5.0 - 5.0.5 (when bundled with the PrintSpace theme) and all versions up to, and including, 1.7.1 (in the standalone version). This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. The execution of PHP is disabled via a .htaccess file but is still possible in certain server configurations. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:15:00 GMT

read more

CVE-2025-5817 - Amazon Products to WooCommerce SSRF Vulnerability

CVE ID : CVE-2025-5817 Published : July 2, 2025, 4:15 a.m. | 5 hours, 14 minutes ago Description : The Amazon Products to WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.7 via the wcta2w_get_urls(). This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:15:00 GMT

read more

CVE-2025-6437 - WordPress Ads Pro Plugin SQL Injection Vulnerability

CVE ID : CVE-2025-6437 Published : July 2, 2025, 4:15 a.m. | 5 hours, 14 minutes ago Description : The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the ‘oid’ parameter in all versions up to, and including, 4.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:15:00 GMT

read more

CVE-2024-11405 - "WordPress WP Front-end login and register Reflected Cross-Site Scripting"

CVE ID : CVE-2024-11405 Published : July 2, 2025, 4:15 a.m. | 5 hours ago Description : The WP Front-end login and register plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the email and wpmp_reset_password_token parameters in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:15:00 GMT

read more

CVE-2025-3848 - WordPress SmartPay Plugin Privilege Escalation Vulnerability

CVE ID : CVE-2025-3848 Published : July 2, 2025, 4:15 a.m. | 5 hours ago Description : The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 1.1.0 to 2.7.13. This is due to the plugin not properly validating a user's identity prior to updating their email through the update() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:15:00 GMT

read more

CVE-2025-4380 - Adobe Ads Pro Plugin Local File Inclusion Vulnerability

CVE ID : CVE-2025-4380 Published : July 2, 2025, 4:15 a.m. | 5 hours ago Description : The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.89 via the 'bsa_template' parameter of the `bsa_preview_callback` function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases .php files can can be uploaded and included, or already exist on the site. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:15:00 GMT

read more

CVE-2025-4381 - WordPress Ads Pro Plugin SQL Injection Vulnerability

CVE ID : CVE-2025-4381 Published : July 2, 2025, 4:15 a.m. | 5 hours ago Description : The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the ‘$id’ variable of the getSpace() function in all versions up to, and including, 4.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:15:00 GMT

read more

CVE-2025-4654 - WordPress Soumettre.fr Unauthorized Access and Data Modification Vulnerability

CVE ID : CVE-2025-4654 Published : July 2, 2025, 4:15 a.m. | 4 hours, 59 minutes ago Description : The Soumettre.fr plugin for WordPress is vulnerable to unauthorized access and modification of data due to a improper authorization checks on the make_signature function in all versions up to, and including, 2.1.5. This makes it possible for unauthenticated attackers to create/edit/delete Soumettre posts. This vulnerability affects only installations where the soumettre account is not connected (i.e. API key is not installed) Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:15:00 GMT

read more

CVE-2025-4689 - Ads Pro Plugin - WordPress Remote Code Execution via Local File Inclusion and SQL Injection

CVE ID : CVE-2025-4689 Published : July 2, 2025, 4:15 a.m. | 4 hours, 59 minutes ago Description : The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Local File Inclusion which leads to Remote Code Execution in all versions up to, and including, 4.89. This is due to the presence of a SQL Injection vulnerability and Local File Inclusion vulnerability that can be chained with an image upload. This makes it possible for unauthenticated attackers to execute code on the server upload image files on the server than can be fetched via a SQL injection vulnerability, and ultimately executed as PHP code through the local file inclusion vulnerability. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:15:00 GMT

read more

CVE-2025-52925 - One Identity OneLogin Active Directory Connector Cryptographic Weakness

CVE ID : CVE-2025-52925 Published : July 2, 2025, 4:15 a.m. | 4 hours, 59 minutes ago Description : In One Identity OneLogin Active Directory Connector before 6.1.5, encryption of the DirectoryToken was mishandled, aka ST-812. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 04:15:00 GMT

read more

CVE-2025-5692 - WordPress Lead Form Data Collection to CRM Plugin Privilege Escalation Vulnerability

CVE ID : CVE-2025-5692 Published : July 2, 2025, 3:15 a.m. | 6 hours ago Description : The Lead Form Data Collection to CRM plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the doFieldAjaxAction() function in all versions up to, and including, 3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. Other AJAX actions handling plugin settings are also insufficiently protected and exploitable. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 03:15:00 GMT

read more

CVE-2025-36630 - Nessus Windows Local Privilege Escalation Vulnerability

CVE ID : CVE-2025-36630 Published : July 2, 2025, 12:15 a.m. | 9 hours ago Description : In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege. Severity: 8.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Wed, 02 Jul 2025 00:15:00 GMT

read more

CVE-2025-36582 - Dell NetWorker SSL/TLS Algorithm Downgrade Information Disclosure

CVE ID : CVE-2025-36582 Published : July 1, 2025, 2:15 p.m. | 17 hours, 50 minutes ago Description : Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 14:15:00 GMT

read more

CVE-2025-37097 - HPE Insight Remote Support Denial of Service

CVE ID : CVE-2025-37097 Published : July 1, 2025, 2:15 p.m. | 17 hours, 49 minutes ago Description : A vulnerability in HPE Insight Remote Support (IRS) prior to v7.15.0.646 may allow an unauthenticated denial of service Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 14:15:00 GMT

read more

CVE-2025-45872 - "zrlog SSRF"

CVE ID : CVE-2025-45872 Published : July 1, 2025, 2:15 p.m. | 17 hours, 49 minutes ago Description : zrlog v3.1.5 was discovered to contain a Server-Side Request Forgery (SSRF) via the downloadUrl parameter. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 14:15:00 GMT

read more

CVE-2025-49029 - Bitto Kazi Custom Login And Signup Widget Code Injection Vulnerability

CVE ID : CVE-2025-49029 Published : July 1, 2025, 2:15 p.m. | 17 hours, 49 minutes ago Description : Improper Control of Generation of Code ('Code Injection') vulnerability in bitto.Kazi Custom Login And Signup Widget allows Code Injection.This issue affects Custom Login And Signup Widget: from n/a through 1.0. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 14:15:00 GMT

read more

CVE-2025-6920 - ai-inference-server API Key Validation Bypass Vulnerability

CVE ID : CVE-2025-6920 Published : July 1, 2025, 2:15 p.m. | 17 hours, 49 minutes ago Description : A flaw was found in the authentication enforcement mechanism of a model inference API in ai-inference-server. All /v1/* endpoints are expected to enforce API key validation. However, the POST /invocations endpoint failed to do so, resulting in an authentication bypass. This vulnerability allows unauthorized users to access the same inference features available on protected endpoints, potentially exposing sensitive functionality or allowing unintended access to backend resources. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 14:15:00 GMT

read more

CVE-2025-6953 - TOTOLINK A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-6953 Published : July 1, 2025, 2:15 p.m. | 17 hours, 49 minutes ago Description : A vulnerability, which was classified as critical, was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 14:15:00 GMT

read more

CVE-2025-6954 - Campcodes Employee Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6954 Published : July 1, 2025, 2:15 p.m. | 17 hours, 49 minutes ago Description : A vulnerability has been found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /applyleave.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 14:15:00 GMT

read more

CVE-2025-6955 - Campcodes Employee Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6955 Published : July 1, 2025, 2:15 p.m. | 17 hours, 49 minutes ago Description : A vulnerability was found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /process/aprocess.php. The manipulation of the argument mailuid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 14:15:00 GMT

read more

CVE-2025-6956 - Campcodes Employee Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6956 Published : July 1, 2025, 2:15 p.m. | 17 hours, 49 minutes ago Description : A vulnerability was found in Campcodes Employee Management System 1.0. It has been classified as critical. This affects an unknown part of the file /changepassemp.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 14:15:00 GMT

read more

CVE-2025-49480 - Huawei LTE Telephony Out-of-Bounds Access Vulnerability

CVE ID : CVE-2025-49480 Published : July 1, 2025, 12:15 p.m. | 19 hours, 50 minutes ago Description : Out-of-bounds access in ASR180x 、ASR190x in lte-telephony, This vulnerability is associated with program files apps/lzma/src/LzmaEnc.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 12:15:00 GMT

read more

CVE-2025-49481 - Falcon_Linux, Kestrel, Lapwing_Linux Router Resource Leak Exposure

CVE ID : CVE-2025-49481 Published : July 1, 2025, 12:15 p.m. | 19 hours, 50 minutes ago Description : Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in router modules allows Resource Leak Exposure. This vulnerability is associated with program files router/phonebook/pbwork-queue.C. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 12:15:00 GMT

read more

CVE-2025-49482 - Juniper Networks Tr069 Module Resource Leak Exposure

CVE ID : CVE-2025-49482 Published : July 1, 2025, 12:15 p.m. | 19 hours, 50 minutes ago Description : Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in tr069 modules allows Resource Leak Exposure. This vulnerability is associated with program files tr069/tr098.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 12:15:00 GMT

read more

CVE-2025-49483 - Falcon Linux, Kestrel, and Lapwing Linux ASR180x, ASR190x TR069 Resource Leak Exposure

CVE ID : CVE-2025-49483 Published : July 1, 2025, 12:15 p.m. | 19 hours, 50 minutes ago Description : Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in tr069 modules allows Resource Leak Exposure. This vulnerability is associated with program files tr069/tr069_uci.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 12:15:00 GMT

read more

CVE-2025-5314 - Dear Flipbook WordPress DOM-Based Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5314 Published : July 1, 2025, 12:15 p.m. | 19 hours, 50 minutes ago Description : The Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to DOM-Based Reflected Cross-Site Scripting via the ‘pdf-source’ parameter in all versions up to, and including, 2.3.65 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 12:15:00 GMT

read more

CVE-2025-6951 - SAFECAM X300 FTP Service Default Credentials Vulnerability

CVE ID : CVE-2025-6951 Published : July 1, 2025, 12:15 p.m. | 19 hours, 50 minutes ago Description : A vulnerability classified as problematic was found in SAFECAM X300 up to 20250611. This vulnerability affects unknown code of the component FTP Service. The manipulation leads to use of default credentials. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 12:15:00 GMT

read more

CVE-2025-6952 - Open5GS AMF Service Local Assertion Vulnerability

CVE ID : CVE-2025-6952 Published : July 1, 2025, 12:15 p.m. | 19 hours, 50 minutes ago Description : A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amf_state_operational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the local host. The identifier of the patch is 53e9e059ed96b940f7ddcd9a2b68cb512524d5db. It is recommended to apply a patch to fix this issue. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 12:15:00 GMT

read more

CVE-2025-49488 - Falcon_Linux, Kestrel, Lapwing_Linux Router Resource Leak Exposure

CVE ID : CVE-2025-49488 Published : July 1, 2025, 11:15 a.m. | 20 hours, 50 minutes ago Description : Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in router components allows Resource Leak Exposure. This vulnerability is associated with program files router/phonebook/pb.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 11:15:00 GMT

read more

CVE-2025-49491 - ASR Falcon_Linux, Kestrel, Lapwing_Linux Traffic Stat Resource Leak Exposure

CVE ID : CVE-2025-49491 Published : July 1, 2025, 11:15 a.m. | 20 hours, 50 minutes ago Description : Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux、Kestrel、Lapwing_Linux on Linux (traffic_stat modules) allows Resource Leak Exposure. This vulnerability is associated with program files traffic_stat/traffic_service/traffic_service.C. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 11:15:00 GMT

read more

CVE-2025-49492 - Falcon_Linux, Kestrel, Lapwing_Linux LTE-Telephony Out-of-Bounds Write Buffer Underrun

CVE ID : CVE-2025-49492 Published : July 1, 2025, 11:15 a.m. | 20 hours, 50 minutes ago Description : Out-of-bounds write in ASR180x in lte-telephony, May cause a buffer underrun. This vulnerability is associated with program files apps/atcmd_server/src/dev_api.C. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536. Severity: 7.4 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 11:15:00 GMT

read more

CVE-2025-6224 - Juju Certificate Private Key Exposure

CVE ID : CVE-2025-6224 Published : July 1, 2025, 11:15 a.m. | 20 hours, 50 minutes ago Description : Certificate generation in juju/utils using the cert.NewLeaf function could include private information. If this certificate were then transferred over the network in plaintext, an attacker listening on that network could sniff the certificate and trivially extract the private key from it. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 11:15:00 GMT

read more

CVE-2025-49489 - ASR Falcon_Linux, Kestrel, Lapwing_Linux Resource Leak Exposure

CVE ID : CVE-2025-49489 Published : July 1, 2025, 10:15 a.m. | 21 hours, 50 minutes ago Description : Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux、Kestrel、Lapwing_Linux on Linux (con_mgr components) allows Resource Leak Exposure. This vulnerability is associated with program files con_mgr/dialer_task.C. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 10:15:00 GMT

read more

CVE-2025-49490 - Falcon_Linux Kestrel Lapwing_Linux Router Resource Leak Exposure

CVE ID : CVE-2025-49490 Published : July 1, 2025, 10:15 a.m. | 21 hours, 50 minutes ago Description : Resource leak vulnerability in ASR180x in router allows Resource Leak Exposure. This vulnerability is associated with program files router/sms/sms.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 10:15:00 GMT

read more

CVE-2025-6756 - "Ultra Addons for Contact Form 7 Stored Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-6756 Published : July 1, 2025, 10:15 a.m. | 21 hours, 50 minutes ago Description : The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's UACF7_CUSTOM_FIELDS shortcode in all versions up to, and including, 3.5.21 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 10:15:00 GMT

read more

CVE-2025-5072 - Falcon_Linux, Kestrel, Lapwing_Linux ASR180x, ASR190x Resource Leak Exposure

CVE ID : CVE-2025-5072 Published : July 1, 2025, 9:15 a.m. | 22 hours, 50 minutes ago Description : Resource leak vulnerability in ASR180x、ASR190x in con_mgr allows Resource Leak Exposure.This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 09:15:00 GMT

read more

Découvrez « Cyber en Clair », la nouvelle campagne de sensibilisation de Cybermalveillance.gouv.fr destinée aux jeunes

]]>

Tue, 01 Jul 2025 09:00:00 GMT

read more

CVE-2025-41656 - Node_RED Remote Command Execution (RCE)

CVE ID : CVE-2025-41656 Published : July 1, 2025, 8:15 a.m. | 23 hours, 50 minutes ago Description : An unauthenticated remote attacker can run arbitrary commands on the affected devices with high privileges because the authentication for the Node_RED server is not configured by default. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 08:15:00 GMT

read more

CVE-2025-41648 - IndustrialPI Authentication Bypass Vulnerability

CVE ID : CVE-2025-41648 Published : July 1, 2025, 8:15 a.m. | 5 hours, 47 minutes ago Description : An unauthenticated remote attacker can bypass the login to the web application of the affected devices making it possible to access and change all available settings of the IndustrialPI. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 08:15:00 GMT

read more

CVE-2025-6934 - Opal Estate Pro - WordPress Property Management Plugin Privilege Escalation Vulnerability

CVE ID : CVE-2025-6934 Published : July 1, 2025, 7:15 a.m. | 6 hours, 47 minutes ago Description : The Opal Estate Pro – Property Management and Submission plugin for WordPress, used by the FullHouse - Real Estate Responsive WordPress Theme, is vulnerable to privilege escalation via in all versions up to, and including, 1.7.5. This is due to a lack of role restriction during registration in the 'on_regiser_user' function. This makes it possible for unauthenticated attackers to arbitrarily choose the role, including the Administrator role, assigned when registering. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 07:15:00 GMT

read more

CVE-2025-5967 - "ENS HX Stored Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-5967 Published : July 1, 2025, 4:15 a.m. | 9 hours, 47 minutes ago Description : A stored cross-site scripting vulnerability in ENS HX 10.0.4 allows a malicious user to inject arbitrary HTML into the ENS HX Malware Scan Name field, resulting in the exposure of sensitive data. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 04:15:00 GMT

read more

CVE-2025-6081 - Konica Minolta bizhub LDAP Credential Exposure Vulnerability

CVE ID : CVE-2025-6081 Published : July 1, 2025, 4:15 a.m. | 9 hours, 47 minutes ago Description : Insufficiently Protected Credentials in LDAP in Konica Minolta bizhub 227 Multifunction printers version GCQ-Y3 or earlier allows an attacker can reconfigure the target device to use an external LDAP service controlled by the attacker. If an LDAP password is set on the target device, the attacker can force the target device to authenticate to the attacker controlled LDAP service. This will allow the attacker to capture the plaintext password of the configured LDAP service. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 04:15:00 GMT

read more

CVE-2024-46993 - Electron Heap Buffer Overflow

CVE ID : CVE-2024-46993 Published : July 1, 2025, 3:15 a.m. | 10 hours, 48 minutes ago Description : Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions prior to 28.3.2, 29.3.3, and 30.0.3, the nativeImage.createFromPath() and nativeImage.createFromBuffer() functions call a function downstream that is vulnerable to a heap buffer overflow. An Electron program that uses either of the affected functions is vulnerable to a buffer overflow if an attacker is in control of the image's height, width, and contents. This issue has been patched in versions 28.3.2, 29.3.3, and 30.0.3. There are no workarounds for this issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 03:15:00 GMT

read more

CVE-2024-49364 - Tiny-SECP256k1 Buffer Package Private Key Extraction Vulnerability

CVE ID : CVE-2024-49364 Published : July 1, 2025, 3:15 a.m. | 10 hours, 48 minutes ago Description : tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to version 1.1.7, a private key can be extracted on signing a malicious JSON-stringifiable object, when global Buffer is the buffer package. This affects only environments where require('buffer') is the NPM buffer package. The Buffer.isBuffer check can be bypassed, resulting in k reuse for different messages, leading to private key extraction over a single invalid message (and a second one for which any message/signature could be taken, e.g. previously known valid one). This issue has been patched in version 1.1.7. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 03:15:00 GMT

read more

CVE-2024-49365 - Tiny-SECP256K1 JSON-Stringifyable Message Verification Bypass Vulnerability

CVE ID : CVE-2024-49365 Published : July 1, 2025, 3:15 a.m. | 10 hours, 47 minutes ago Description : tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to version 1.1.7, a malicious JSON-stringifyable message can be made passing on verify(), when global Buffer is the buffer package. This affects only environments where require('buffer') is the NPM buffer package. Buffer.isBuffer check can be bypassed, resulting in strange objects being accepted as a message, and those messages could trick verify() into returning false-positive true values. This issue has been patched in version 1.1.7. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 03:15:00 GMT

read more

CVE-2025-6939 - TOTOLINK A3002RU HTTP POST Request Handler Buffer Overflow

CVE ID : CVE-2025-6939 Published : July 1, 2025, 3:15 a.m. | 10 hours, 47 minutes ago Description : A vulnerability classified as critical has been found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formWlSiteSurvey of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 03:15:00 GMT

read more

CVE-2025-6940 - TOTOLINK A702R HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-6940 Published : July 1, 2025, 3:15 a.m. | 10 hours, 47 minutes ago Description : A vulnerability classified as critical was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected by this vulnerability is an unknown functionality of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 03:15:00 GMT

read more

CVE-2024-46992 - Electron ASAR Integrity Bypass on Windows

CVE ID : CVE-2024-46992 Published : July 1, 2025, 2:15 a.m. | 9 hours, 47 minutes ago Description : Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 30.0.0-alpha.1 to before 30.0.5 and 31.0.0-alpha.1 to before 31.0.0-beta.1, Electron is vulnerable to an ASAR Integrity bypass. This only impacts apps that have the embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses enabled. Apps without these fuses enabled are not impacted. This issue is specific to Windows, apps using these fuses on macOS are not impacted. Specifically this issue can only be exploited if the app is launched from a filesystem the attacker has write access too. i.e. the ability to edit files inside the .app bundle on macOS which these fuses are supposed to protect against. This issue has been patched in versions 30.0.5 and 31.0.0-beta.1. There are no workarounds for this issue. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 02:15:00 GMT

read more

CVE-2025-53003 - Janssen Project IAM Unverified Scope Information Disclosure

CVE ID : CVE-2025-53003 Published : July 1, 2025, 2:15 a.m. | 9 hours, 47 minutes ago Description : The Janssen Project is an open-source identity and access management (IAM) platform. Prior to version 1.8.0, the Config API returns results without scope verification. This has a large internal surface attack area that exposes all sorts of information from the IDP including clients, users, scripts ..etc. This issue has been patched in version 1.8.0. A workaround for this vulnerability involves users forking and building the config api, patching it in their system following commit 92eea4d. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 02:15:00 GMT

read more

CVE-2025-53095 - Sunshine/Moonlight CSRF to RCE

CVE ID : CVE-2025-53095 Published : July 1, 2025, 2:15 a.m. | 9 hours, 47 minutes ago Description : Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Cross-Site Request Forgery (CSRF) attacks. This vulnerability allows an attacker to craft a malicious web page that, when visited by an authenticated user, can trigger unintended actions within the Sunshine application on behalf of that user. Specifically, since the application does OS command execution by design, this issue can be exploited to abuse the "Command Preparations" feature, enabling an attacker to inject arbitrary commands that will be executed with Administrator privileges when an application is launched. This issue has been patched in version 2025.628.4510. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 02:15:00 GMT

read more

CVE-2025-53096 - Moonlight Sunshine Clickjacking Vulnerability

CVE ID : CVE-2025-53096 Published : July 1, 2025, 2:15 a.m. | 9 hours, 47 minutes ago Description : Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Clickjacking attacks. This vulnerability allows an attacker to embed the Sunshine interface within a malicious website using an invisible or disguised iframe. If a user is tricked into interacting (one or multiple clicks) with the malicious page while authenticated, they may unknowingly perform actions within the Sunshine application without their consent. This issue has been patched in version 2025.628.4510. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 02:15:00 GMT

read more

CVE-2025-6938 - "Code-projects Simple Pizza Ordering System SQL Injection Vulnerability"

CVE ID : CVE-2025-6938 Published : July 1, 2025, 2:15 a.m. | 9 hours, 47 minutes ago Description : A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /editcus.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 02:15:00 GMT

read more

CVE-2025-53005 - DataEase PostgreSQL Data Source JDBC Connection Factory Argument Injection Vulnerability

CVE ID : CVE-2025-53005 Published : July 1, 2025, 1:15 a.m. | 10 hours, 47 minutes ago Description : DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability in Dataease's PostgreSQL Data Source JDBC Connection Parameters. The sslfactory and sslfactoryarg parameters could trigger a bypass vulnerability. This issue has been patched in version 2.10.11. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 01:15:00 GMT

read more

CVE-2025-6937 - Code-projects Simple Pizza Ordering System SQL Injection Vulnerability

CVE ID : CVE-2025-6937 Published : July 1, 2025, 1:15 a.m. | 10 hours, 47 minutes ago Description : A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /large.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 01:15:00 GMT

read more

CVE-2025-2141 - IBM System Storage Virtualization Engine Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-2141 Published : July 1, 2025, 1:15 a.m. | 9 hours, 25 minutes ago Description : IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 01:15:00 GMT

read more

CVE-2025-36056 - IBM System Storage Virtualization Engine TS7700 Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-36056 Published : July 1, 2025, 1:15 a.m. | 9 hours, 25 minutes ago Description : IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 01:15:00 GMT

read more

CVE-2025-6935 - Campcodes Sales and Inventory System SQL Injection

CVE ID : CVE-2025-6935 Published : July 1, 2025, 12:15 a.m. | 10 hours, 25 minutes ago Description : A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/payment_add.php. The manipulation of the argument cid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 00:15:00 GMT

read more

CVE-2025-6936 - Simple Pizza Ordering System SQL Injection

CVE ID : CVE-2025-6936 Published : July 1, 2025, 12:15 a.m. | 10 hours, 25 minutes ago Description : A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /addpro.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Tue, 01 Jul 2025 00:15:00 GMT

read more

CVE-2025-6931 - D-Link DCS-6517 DCS-7517 Insufficient Entropy in Root Password Generation Handler

CVE ID : CVE-2025-6931 Published : June 30, 2025, 11:15 p.m. | 10 hours, 47 minutes ago Description : A vulnerability classified as problematic was found in D-Link DCS-6517 and DCS-7517 up to 2.02.0. Affected by this vulnerability is the function generate_pass_from_mac of the file /bin/httpd of the component Root Password Generation Handler. The manipulation leads to insufficient entropy. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 23:15:00 GMT

read more

CVE-2025-6932 - D-Link DCS-7517 Hard-Coded Password Vulnerability

CVE ID : CVE-2025-6932 Published : June 30, 2025, 11:15 p.m. | 10 hours, 47 minutes ago Description : A vulnerability, which was classified as problematic, was found in D-Link DCS-7517 up to 2.02.0. This affects the function g_F_n_GenPassForQlync of the file /bin/httpd of the component Qlync Password Generation Handler. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 23:15:00 GMT

read more

CVE-2025-6930 - PHPGurukul Zoo Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6930 Published : June 30, 2025, 10:15 p.m. | 11 hours, 47 minutes ago Description : A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of the file /admin/manage-foreigners-ticket.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 22:15:00 GMT

read more

CVE-2025-6554 - Google Chrome V8 Type Confusion Vulnerability

CVE ID : CVE-2025-6554 Published : June 30, 2025, 10:15 p.m. | 10 hours, 48 minutes ago Description : Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 22:15:00 GMT

read more

CVE-2025-49521 - Ansible Ansible Automation Platform Code Injection Vulnerability

CVE ID : CVE-2025-49521 Published : June 30, 2025, 9:15 p.m. | 9 hours, 53 minutes ago Description : A flaw was found in the EDA component of the Ansible Automation Platform, where user-supplied Git branch or refspec values are evaluated as Jinja2 templates. This vulnerability allows authenticated users to inject expressions that execute commands or access sensitive files on the EDA worker. In OpenShift, it can lead to service account token theft. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 21:15:00 GMT

read more

CVE-2025-53004 - DataEase SSL Factory Bypass Vulnerability

CVE ID : CVE-2025-53004 Published : June 30, 2025, 9:15 p.m. | 9 hours, 53 minutes ago Description : DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability in Dataease's Redshift Data Source JDBC Connection Parameters. The sslfactory and sslfactoryarg parameters could trigger a bypass vulnerability. This issue has been patched in version 2.10.11. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 21:15:00 GMT

read more

CVE-2025-6929 - PHPGurukul Zoo Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6929 Published : June 30, 2025, 9:15 p.m. | 9 hours, 53 minutes ago Description : A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. This issue affects some unknown processing of the file /admin/view-normal-ticket.php. The manipulation of the argument viewid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 21:15:00 GMT

read more

CVE-2025-32463 - Sudo Local Command Injection Vulnerability

CVE ID : CVE-2025-32463 Published : June 30, 2025, 9:15 p.m. | 6 hours, 45 minutes ago Description : Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 21:15:00 GMT

read more

CVE-2025-49520 - Ansible Automation Platform EDA Git URL Injection Remote Command Execution Vulnerability

CVE ID : CVE-2025-49520 Published : June 30, 2025, 9:15 p.m. | 6 hours, 45 minutes ago Description : A flaw was found in Ansible Automation Platform’s EDA component where user-supplied Git URLs are passed unsanitized to the git ls-remote command. This vulnerability allows an authenticated attacker to inject arguments and execute arbitrary commands on the EDA worker. In Kubernetes/OpenShift environments, this can lead to service account token theft and cluster access. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 21:15:00 GMT

read more

CVE-2025-32462 - Sudo Privilege Escalation

CVE ID : CVE-2025-32462 Published : June 30, 2025, 9:15 p.m. | 5 hours, 25 minutes ago Description : Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines. Severity: 2.8 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 21:15:00 GMT

read more

CVE-2025-52901 - Apache File Browser JWT Session Leak Vulnerability

CVE ID : CVE-2025-52901 Published : June 30, 2025, 8:15 p.m. | 6 hours, 25 minutes ago Description : File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.33.9, access tokens are used as GET parameters. The JSON Web Token (JWT) which is used as a session identifier will get leaked to anyone having access to the URLs accessed by the user. This will give an attacker full access to a user's account and, in consequence, to all sensitive files the user has access to. This issue has been patched in version 2.33.9. Severity: 4.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 20:15:00 GMT

read more

CVE-2025-52995 - File Browser Privilege Escalation Vulnerability

CVE ID : CVE-2025-52995 Published : June 30, 2025, 8:15 p.m. | 6 hours, 25 minutes ago Description : File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.33.10, the implementation of the allowlist is erroneous, allowing a user to execute more shell commands than they are authorized for. The concrete impact of this vulnerability depends on the commands configured, and the binaries installed on the server or in the container image. Due to the missing separation of scopes on the OS-level, this could give an attacker access to all files managed the application, including the File Browser database. This issue has been patched in version 2.33.10. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 20:15:00 GMT

read more

CVE-2025-52996 - Apache File Browser Unprotected File Sharing Vulnerability

CVE ID : CVE-2025-52996 Published : June 30, 2025, 8:15 p.m. | 6 hours, 25 minutes ago Description : File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In versions 2.32.0 and prior, the implementation of password protected links is error-prone, resulting in potential unprotected sharing of a file through a direct download link. This link can either be shared unknowingly by a user or discovered from various locations such as the browser history or the log of a proxy server used. At time of publication, no known patched versions are available. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 20:15:00 GMT

read more

CVE-2025-52997 - Apache File Browser Authentication Brute-Force Vulnerability

CVE ID : CVE-2025-52997 Published : June 30, 2025, 8:15 p.m. | 6 hours, 25 minutes ago Description : File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.34.1, a missing password policy and brute-force protection makes the authentication process insecure. Attackers could mount a brute-force attack to retrieve the passwords of all accounts in a given instance. This issue has been patched in version 2.34.1. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 20:15:00 GMT

read more

CVE-2025-49493 - Akamai CloudTest XXE Injection Vulnerability

CVE ID : CVE-2025-49493 Published : June 30, 2025, 8:15 p.m. | 4 hours, 46 minutes ago Description : Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 20:15:00 GMT

read more

CVE-2025-52491 - Akamai CloudTest SSRF

CVE ID : CVE-2025-52491 Published : June 30, 2025, 8:15 p.m. | 4 hours, 46 minutes ago Description : Akamai CloudTest before 60 2025.06.09 (12989) allows SSRF. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 20:15:00 GMT

read more

CVE-2025-36593 - Dell OpenManage Network Integration RADIUS Authentication Bypass

CVE ID : CVE-2025-36593 Published : June 30, 2025, 7:15 p.m. | 5 hours, 46 minutes ago Description : Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol. An attacker with local network access could potentially exploit this vulnerability to forge a valid protocol accept message in response to a failed authentication request. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 19:15:00 GMT

read more

CVE-2025-52898 - Frappe Password Reset Token Access Vulnerability

CVE ID : CVE-2025-52898 Published : June 30, 2025, 6:15 p.m. | 6 hours, 46 minutes ago Description : Frappe is a full-stack web application framework. Prior to versions 14.94.3 and 15.58.0, a carefully crafted request could lead to a malicious actor getting access to a user's password reset token. This can only be exploited on self hosted instances configured in a certain way. Frappe Cloud users are safe. This issue has been patched in versions 14.94.3 and 15.58.0. Workarounds for this issue involve verifying password reset URLs before clicking on them or upgrading for self hosted users. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 18:15:00 GMT

read more

CVE-2025-6917 - Code-projects Online Hotel Booking SQL Injection Vulnerability

CVE ID : CVE-2025-6917 Published : June 30, 2025, 6:15 p.m. | 6 hours, 46 minutes ago Description : A vulnerability has been found in code-projects Online Hotel Booking 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/registration.php. The manipulation of the argument uname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 18:15:00 GMT

read more

CVE-2025-6925 - Dromara RuoYi-Vue-Plus Path Traversal Vulnerability

CVE ID : CVE-2025-6925 Published : June 30, 2025, 6:15 p.m. | 6 hours, 46 minutes ago Description : A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /src/main/java/org/dromara/demo/controller/MailController.java of the component Mail Handler. The manipulation of the argument filePath leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 18:15:00 GMT

read more

CVE-2025-52896 - Frappe Cross-Site Scripting (XSS) via Data Import Vulnerability

CVE ID : CVE-2025-52896 Published : June 30, 2025, 5:15 p.m. | 7 hours, 46 minutes ago Description : Frappe is a full-stack web application framework. Prior to versions 14.94.2 and 15.57.0, authenticated users could upload carefully crafted malicious files via Data Import, leading to cross-site scripting (XSS). This issue has been patched in versions 14.94.2 and 15.57.0. There are no workarounds for this issue other than upgrading. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 17:15:00 GMT

read more

CVE-2025-6915 - PHPGurukul Student Record System SQL Injection Vulnerability

CVE ID : CVE-2025-6915 Published : June 30, 2025, 5:15 p.m. | 7 hours, 46 minutes ago Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Student Record System 3.2. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument session leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 17:15:00 GMT

read more

CVE-2025-6916 - TOTOLINK T6 Local Network Authentication Bypass

CVE ID : CVE-2025-6916 Published : June 30, 2025, 5:15 p.m. | 7 hours, 46 minutes ago Description : A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748_B20211015. This affects the function Form_Login of the file /formLoginAuth.htm. The manipulation of the argument authCode/goURL leads to missing authentication. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 17:15:00 GMT

read more

CVE-2025-26074 - Orkes Conductor Java Deserialization Vulnerability

CVE ID : CVE-2025-26074 Published : June 30, 2025, 5:15 p.m. | 4 hours, 44 minutes ago Description : Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS commands through unrestricted access to Java classes. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 17:15:00 GMT

read more

CVE-2025-45143 - Apache String-Math Regex Denial of Service

CVE ID : CVE-2025-45143 Published : June 30, 2025, 5:15 p.m. | 4 hours, 44 minutes ago Description : string-math v1.2.2 was discovered to contain a Regex Denial of Service (ReDoS) which is exploited via a crafted input. Severity: 7.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 17:15:00 GMT

read more

CVE-2025-45931 - D-Link DIR-816-A2 Remote Code Execution Vulnerability

CVE ID : CVE-2025-45931 Published : June 30, 2025, 5:15 p.m. | 4 hours, 44 minutes ago Description : An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to execute arbitrary code via system() function in the bin/goahead file Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 17:15:00 GMT

read more

CVE-2025-46702 - Mattermost Channel Member Management Privilege Escalation Vulnerability

CVE ID : CVE-2025-46702 Published : June 30, 2025, 5:15 p.m. | 4 hours, 44 minutes ago Description : Mattermost versions 10.5.x 10.5.5, 9.11.x 9.11.15, 10.8.x 10.8.0, 10.7.x 10.7.2, 10.6.x 10.6.5 fail to properly enforce channel member management permissions when adding participants to playbook runs. This allows authenticated users with member-level permissions to bypass system admin restrictions and add or remove users to/from private channels via the playbook run participants feature, even when the 'Manage Members' permission has been explicitly removed. This can lead to unauthorized access to sensitive channel content and allow guest users to gain channel management privileges. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 17:15:00 GMT

read more

CVE-2025-47871 - Mattermost Information Disclosure Vulnerability

CVE ID : CVE-2025-47871 Published : June 30, 2025, 5:15 p.m. | 4 hours, 44 minutes ago Description : Mattermost versions 10.5.x 10.5.5, 9.11.x 9.11.15, 10.8.x 10.8.0, 10.7.x 10.7.2, 10.6.x 10.6.5 fail to properly validate channel membership when retrieving playbook run metadata, allowing authenticated users who are playbook members but not channel members to access sensitive information about linked private channels including channel name, display name, and participant count through the run metadata API endpoint. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 17:15:00 GMT

read more

CVE-2025-52895 - Frappe SQL Injection Vulnerability

CVE ID : CVE-2025-52895 Published : June 30, 2025, 5:15 p.m. | 4 hours, 44 minutes ago Description : Frappe is a full-stack web application framework. Prior to versions 14.94.3 and 15.58.0, SQL injection could be achieved via a specially crafted request, which could allow malicious person to gain access to sensitive information. This issue has been patched in versions 14.94.3 and 15.58.0. There are no workarounds for this issue other than upgrading. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 17:15:00 GMT

read more

CVE-2024-12915 - Devinim Software Library Cross-site Scripting (XSS)

CVE ID : CVE-2024-12915 Published : June 30, 2025, 4:15 p.m. | 4 hours, 47 minutes ago Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Devinim Software Library Software allows Reflected XSS.This issue affects Library Software: before 24.11.02. Severity: 4.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 16:15:00 GMT

read more

CVE-2025-53001 - Apache HTTP Server Remote Code Execution

CVE ID : CVE-2025-53001 Published : June 30, 2025, 4:15 p.m. | 4 hours, 47 minutes ago Description : Rejected reason: Reason: This candidate was issued in error. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 16:15:00 GMT

read more

CVE-2025-53017 - Apache Struts Remote Code Execution

CVE ID : CVE-2025-53017 Published : June 30, 2025, 4:15 p.m. | 4 hours, 47 minutes ago Description : Rejected reason: Reason: This candidate was issued in error. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 16:15:00 GMT

read more

CVE-2025-6913 - PHPGurukul Student Record System SQL Injection Vulnerability

CVE ID : CVE-2025-6913 Published : June 30, 2025, 4:15 p.m. | 4 hours, 47 minutes ago Description : A vulnerability classified as critical has been found in PHPGurukul Student Record System 3.2. Affected is an unknown function of the file /admin-profile.php. The manipulation of the argument aemailid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 16:15:00 GMT

read more

CVE-2025-6914 - PHPGurukul Student Record System SQL Injection

CVE ID : CVE-2025-6914 Published : June 30, 2025, 4:15 p.m. | 4 hours, 46 minutes ago Description : A vulnerability classified as critical was found in PHPGurukul Student Record System 3.2. Affected by this vulnerability is an unknown functionality of the file /edit-student.php. The manipulation of the argument fmarks2 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 16:15:00 GMT

read more

CVE-2025-6912 - PHPGurukul Student Record System SQL Injection Vulnerability

CVE ID : CVE-2025-6912 Published : June 30, 2025, 3:15 p.m. | 5 hours, 47 minutes ago Description : A vulnerability was found in PHPGurukul Student Record System 3.2. It has been rated as critical. This issue affects some unknown processing of the file /manage-students.php. The manipulation of the argument del leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 15:15:00 GMT

read more

CVE-2023-47310 - MikroTik RouterOS IPv6 UDP Traceroute Information Disclosure

CVE ID : CVE-2023-47310 Published : June 30, 2025, 3:15 p.m. | 4 hours, 43 minutes ago Description : A misconfiguration in the default settings of MikroTik RouterOS 7 and fixed in v7.14 allows incoming IPv6 UDP traceroute packets. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 15:15:00 GMT

read more

CVE-2024-53621 - Tenda AC1206 Buffer Overflow Vulnerability

CVE ID : CVE-2024-53621 Published : June 30, 2025, 3:15 p.m. | 4 hours, 43 minutes ago Description : A buffer overflow in the formSetCfm() function of Tenda AC1206 1200M 11ac US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 allows attackers to cause a Denial of Service (DoS) via a crafted POST request. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 15:15:00 GMT

read more

CVE-2025-2895 - IBM Cloud Pak System HTML Injection Vulnerability

CVE ID : CVE-2025-2895 Published : June 30, 2025, 3:15 p.m. | 4 hours, 43 minutes ago Description : IBM Cloud Pak System 2.3.3.6, 2.3.36 iFix1, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, 2.3.4.1, and 2.3.4.1 iFix1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 15:15:00 GMT

read more

CVE-2025-6911 - PHPGurukul Student Record System SQL Injection Vulnerability

CVE ID : CVE-2025-6911 Published : June 30, 2025, 3:15 p.m. | 4 hours, 43 minutes ago Description : A vulnerability was found in PHPGurukul Student Record System 3.2. It has been declared as critical. This vulnerability affects unknown code of the file /manage-subjects.php. The manipulation of the argument del leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 15:15:00 GMT

read more

CVE-2025-6909 - PHPGurukul Old Age Home Management System SQL Injection

CVE ID : CVE-2025-6909 Published : June 30, 2025, 2:15 p.m. | 5 hours, 43 minutes ago Description : A vulnerability has been found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-scdetails.php. The manipulation of the argument emeradd leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 14:15:00 GMT

read more

CVE-2025-6910 - PHPGurukul Student Record System SQL Injection Vulnerability

CVE ID : CVE-2025-6910 Published : June 30, 2025, 2:15 p.m. | 5 hours, 43 minutes ago Description : A vulnerability was found in PHPGurukul Student Record System 3.2. It has been classified as critical. This affects an unknown part of the file /session.php. The manipulation of the argument session leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 14:15:00 GMT

read more

CVE-2025-6908 - PHPGurukul Old Age Home Management System SQL Injection

CVE ID : CVE-2025-6908 Published : June 30, 2025, 1:15 p.m. | 5 hours, 44 minutes ago Description : A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the file /admin/edit-services.php. The manipulation of the argument sertitle leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 13:15:00 GMT

read more

CVE-2025-6906 - Car Rental System SQL Injection Vulnerability

CVE ID : CVE-2025-6906 Published : June 30, 2025, 1:15 p.m. | 4 hours, 43 minutes ago Description : A vulnerability classified as critical has been found in code-projects Car Rental System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument uname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 13:15:00 GMT

read more

CVE-2025-6907 - Code-projects Car Rental System SQL Injection Vulnerability

CVE ID : CVE-2025-6907 Published : June 30, 2025, 1:15 p.m. | 4 hours, 43 minutes ago Description : A vulnerability classified as critical was found in code-projects Car Rental System 1.0. This vulnerability affects unknown code of the file /book_car.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 13:15:00 GMT

read more

CVE-2025-6905 - "Car Rental System SQL Injection Vulnerability"

CVE ID : CVE-2025-6905 Published : June 30, 2025, 12:15 p.m. | 5 hours, 43 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Car Rental System 1.0. This issue affects some unknown processing of the file /signup.php. The manipulation of the argument fname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 12:15:00 GMT

read more

CVE-2025-4407 - ABB Lite Panel Pro Session Expiration Vulnerability

CVE ID : CVE-2025-4407 Published : June 30, 2025, 12:15 p.m. | 3 hours, 43 minutes ago Description : Insufficient Session Expiration vulnerability in ABB Lite Panel Pro.This issue affects Lite Panel Pro: through 1.0.1. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 12:15:00 GMT

read more

CVE-2025-40710 - Hotspot Shield VPN Host Header Injection Vulnerability

CVE ID : CVE-2025-40710 Published : June 30, 2025, 11:15 a.m. | 4 hours, 43 minutes ago Description : Host Header Injection (HHI) vulnerability in the Hotspot Shield VPN client, which can induce unexpected behaviour when accessing third-party web applications through the VPN tunnel. Although such applications do not present this vulnerability per se, the use of the tunnel, together with a forged Host header, can cause the VPN client to redirect or forward HTTP requests to servers other than those originally intended, leading to consequences such as open redirects or delivery of traffic to infrastructure controlled by an attacker. This does not imply a flaw in the target applications, but in how the VPN client internally handles outgoing headers and requests. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 11:15:00 GMT

read more

CVE-2025-6903 - "Code-projects Car Rental System SQL Injection Vulnerability"

CVE ID : CVE-2025-6903 Published : June 30, 2025, 11:15 a.m. | 4 hours, 43 minutes ago Description : A vulnerability was found in code-projects Car Rental System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 11:15:00 GMT

read more

CVE-2025-6904 - Car Rental System SQL Injection Vulnerability

CVE ID : CVE-2025-6904 Published : June 30, 2025, 11:15 a.m. | 4 hours, 43 minutes ago Description : A vulnerability was found in code-projects Car Rental System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_cars.php. The manipulation of the argument car_name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 11:15:00 GMT

read more

Particuliers : quelles sont les cybermalveillances les plus fréquentes en 2024 ?

]]>

Mon, 30 Jun 2025 10:22:00 GMT

read more

CVE-2024-8419 - Apache Unauthenticated Remote Fail-Safe State Vulnerability

CVE ID : CVE-2024-8419 Published : June 30, 2025, 10:15 a.m. | 5 hours, 43 minutes ago Description : The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a fail-safe state over the network due to missing authentication. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 10:15:00 GMT

read more

CVE-2025-41439 - RICOH Streamline NX Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-41439 Published : June 30, 2025, 10:15 a.m. | 5 hours, 43 minutes ago Description : A reflected cross-site scripting vulnerability via a specific parameter exists in SLNX Help Documentation of RICOH Streamline NX. If this vulnerability is exploited, an arbitrary script may be executed in the web browser of the user who accessed the product. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 10:15:00 GMT

read more

CVE-2025-53416 - CVE-2022-22954 Apache HTTP Server Remote Code Execution

CVE ID : CVE-2025-53416 Published : June 30, 2025, 10:15 a.m. | 5 hours, 43 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 10:15:00 GMT

read more

CVE-2025-6901 - Code-projects Inventory Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6901 Published : June 30, 2025, 10:15 a.m. | 5 hours, 43 minutes ago Description : A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/removeUser.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 10:15:00 GMT

read more

CVE-2025-6902 - Code-projects Inventory Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6902 Published : June 30, 2025, 10:15 a.m. | 5 hours, 43 minutes ago Description : A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /php_action/editUser.php. The manipulation of the argument edituserName leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 10:15:00 GMT

read more

CVE-2025-40733 - Daily Expense Manager Reflected XSS

CVE ID : CVE-2025-40733 Published : June 30, 2025, 9:15 a.m. | 6 hours, 43 minutes ago Description : Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the username parameter in /login.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 09:15:00 GMT

read more

CVE-2025-40734 - Daily Expense Manager Cross-Site Scripting (XSS)

CVE ID : CVE-2025-40734 Published : June 30, 2025, 9:15 a.m. | 6 hours, 43 minutes ago Description : Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the password and confirm_password parameters in /register.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 09:15:00 GMT

read more

CVE-2025-53415 - Delta Electronics DTM Soft Project File Parsing Remote Code Execution Vulnerability

CVE ID : CVE-2025-53415 Published : June 30, 2025, 9:15 a.m. | 6 hours, 43 minutes ago Description : Delta Electronics DTM Soft Project File Parsing Deserialization of Untrusted Data Remote Code Execution Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 09:15:00 GMT

read more

CVE-2025-6899 - D-Link DI-7300G+/DI-8200G Os Command Injection Vulnerability

CVE ID : CVE-2025-6899 Published : June 30, 2025, 9:15 a.m. | 6 hours, 43 minutes ago Description : A vulnerability, which was classified as critical, was found in D-Link DI-7300G+ and DI-8200G 17.12.20A1/19.12.25A1. This affects an unknown part of the file msp_info.htm. The manipulation of the argument flag/cmd/iface leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 09:15:00 GMT

read more

CVE-2025-6900 - Code-projects Library System Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-6900 Published : June 30, 2025, 9:15 a.m. | 6 hours, 43 minutes ago Description : A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 09:15:00 GMT

read more

CVE-2025-40731 - Daily Expense Manager SQL Injection

CVE ID : CVE-2025-40731 Published : June 30, 2025, 9:15 a.m. | 5 hours, 46 minutes ago Description : SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pname, pprice and id parameters in /update.php. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 09:15:00 GMT

read more

CVE-2025-40732 - Daily Expense Manager Username Disclosure Vulnerability

CVE ID : CVE-2025-40732 Published : June 30, 2025, 9:15 a.m. | 5 hours, 45 minutes ago Description : user enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a POST request must be sent using the name parameter in /check.php Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 09:15:00 GMT

read more

CVE-2025-38090 - Linux Kernel Rapidio Heap Overwrite Vulnerability

CVE ID : CVE-2025-38090 Published : June 30, 2025, 8:15 a.m. | 6 hours, 46 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/rio_cm.c: prevent possible heap overwrite In riocm_cdev_ioctl(RIO_CM_CHAN_SEND) -> cm_chan_msg_send() -> riocm_ch_send() cm_chan_msg_send() checks that userspace didn't send too much data but riocm_ch_send() failed to check that userspace sent sufficient data. The result is that riocm_ch_send() can write to fields in the rio_ch_chan_hdr which were outside the bounds of the space which cm_chan_msg_send() allocated. Address this by teaching riocm_ch_send() to check that the entire rio_ch_chan_hdr was copied in from userspace. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 08:15:00 GMT

read more

CVE-2025-6897 - D-Link DI-7300G+ HTTPD Debug ASP OS Command Injection Vulnerability

CVE ID : CVE-2025-6897 Published : June 30, 2025, 8:15 a.m. | 6 hours, 46 minutes ago Description : A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1. Affected by this vulnerability is an unknown functionality of the file httpd_debug.asp. The manipulation of the argument Time leads to os command injection. The exploit has been disclosed to the public and may be used. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 08:15:00 GMT

read more

CVE-2025-6898 - D-Link DI-7300G+ Os Command Injection Vulnerability

CVE ID : CVE-2025-6898 Published : June 30, 2025, 8:15 a.m. | 6 hours, 46 minutes ago Description : A vulnerability, which was classified as critical, has been found in D-Link DI-7300G+ 19.12.25A1. Affected by this issue is some unknown functionality of the file in proxy_client.asp. The manipulation of the argument proxy_srv/proxy_lanport/proxy_lanip/proxy_srvport leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 08:15:00 GMT

read more

CVE-2025-38088 - IBM Power Systems Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-38088 Published : June 30, 2025, 8:15 a.m. | 5 hours, 43 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the allocated region size. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 08:15:00 GMT

read more

CVE-2025-38089 - SunRPC Authentication Error Handling Remote Crash Vulnerability

CVE ID : CVE-2025-38089 Published : June 30, 2025, 8:15 a.m. | 5 hours, 43 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error tianshuo han reported a remotely-triggerable crash if the client sends a kernel RPC server a specially crafted packet. If decoding the RPC reply fails in such a way that SVC_GARBAGE is returned without setting the rq_accept_statp pointer, then that pointer can be dereferenced and a value stored there. If it's the first time the thread has processed an RPC, then that pointer will be set to NULL and the kernel will crash. In other cases, it could create a memory scribble. The server sunrpc code treats a SVC_GARBAGE return from svc_authenticate or pg_authenticate as if it should send a GARBAGE_ARGS reply. RFC 5531 says that if authentication fails that the RPC should be rejected instead with a status of AUTH_ERR. Handle a SVC_GARBAGE return as an AUTH_ERROR, with a reason of AUTH_BADCRED instead of returning GARBAGE_ARGS in that case. This sidesteps the whole problem of touching the rpc_accept_statp pointer in this situation and avoids the crash. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 08:15:00 GMT

read more

CVE-2025-38087 - Linux Kernel Taprio Use-After-Free Vulnerability

CVE ID : CVE-2025-38087 Published : June 30, 2025, 8:15 a.m. | 4 hours, 44 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net/sched: fix use-after-free in taprio_dev_notifier Since taprio’s taprio_dev_notifier() isn’t protected by an RCU read-side critical section, a race with advance_sched() can lead to a use-after-free. Adding rcu_read_lock() inside taprio_dev_notifier() prevents this. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 08:15:00 GMT

read more

CVE-2025-6891 - Code-projects Inventory Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6891 Published : June 30, 2025, 7:15 a.m. | 5 hours, 44 minutes ago Description : A vulnerability classified as critical has been found in code-projects Inventory Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 07:15:00 GMT

read more

CVE-2025-6896 - D-Link DI-7300G+ Os Command Injection Vulnerability

CVE ID : CVE-2025-6896 Published : June 30, 2025, 7:15 a.m. | 5 hours, 44 minutes ago Description : A vulnerability classified as critical has been found in D-Link DI-7300G+ 19.12.25A1. Affected is an unknown function of the file wget_test.asp. The manipulation of the argument url leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 07:15:00 GMT

read more

CVE-2025-3745 - WordPress Lightbox 2 Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3745 Published : June 30, 2025, 6:15 a.m. | 4 hours, 25 minutes ago Description : The WP Lightbox 2 WordPress plugin before 3.0.6.8 does not correctly sanitize the value of the title attribute of links before using them, which may allow malicious users to conduct XSS attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 06:15:00 GMT

read more

CVE-2025-5730 - WordPress Contact Form Plugin Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5730 Published : June 30, 2025, 6:15 a.m. | 4 hours, 25 minutes ago Description : The Contact Form Plugin WordPress plugin before 1.1.29 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 06:15:00 GMT

read more

CVE-2025-6889 - Movie Ticketing System SQL Injection

CVE ID : CVE-2025-6889 Published : June 30, 2025, 6:15 a.m. | 4 hours, 25 minutes ago Description : A vulnerability was found in code-projects Movie Ticketing System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /logIn.php. The manipulation of the argument postName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 06:15:00 GMT

read more

CVE-2025-6890 - Code-projects Movie Ticketing System SQL Injection Vulnerability

CVE ID : CVE-2025-6890 Published : June 30, 2025, 6:15 a.m. | 4 hours, 25 minutes ago Description : A vulnerability was found in code-projects Movie Ticketing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /ticketConfirmation.php. The manipulation of the argument Date leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 06:15:00 GMT

read more

CVE-2025-6888 - PHPGurukul Teachers Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6888 Published : June 30, 2025, 5:15 a.m. | 5 hours, 25 minutes ago Description : A vulnerability was found in PHPGurukul Teachers Record Management System 2.1. It has been classified as critical. This affects an unknown part of the file /admin/changeimage.php. The manipulation of the argument tid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 05:15:00 GMT

read more

CVE-2025-6886 - Tenda AC5 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-6886 Published : June 30, 2025, 5:15 a.m. | 3 hours, 44 minutes ago Description : A vulnerability has been found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 05:15:00 GMT

read more

CVE-2025-6887 - Tenda AC5 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-6887 Published : June 30, 2025, 5:15 a.m. | 3 hours, 44 minutes ago Description : A vulnerability was found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/SetSysTimeCfg. The manipulation of the argument time/timeZone leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 05:15:00 GMT

read more

CVE-2025-6885 - PHPGurukul Teachers Record Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6885 Published : June 30, 2025, 4:15 a.m. | 4 hours, 45 minutes ago Description : A vulnerability, which was classified as critical, was found in PHPGurukul Teachers Record Management System 2.1. Affected is an unknown function of the file /admin/edit-teacher-detail.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 04:15:00 GMT

read more

CVE-2025-53074 - Samsung Open Source rLottie Out-of-bounds Read Overflow

CVE ID : CVE-2025-53074 Published : June 30, 2025, 3:15 a.m. | 5 hours, 45 minutes ago Description : Out-of-bounds Read vulnerability in Samsung Open Source rLottie allows Overflow Buffers.This issue affects rLottie: V0.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 03:15:00 GMT

read more

CVE-2025-53076 - Samsung Open Source rLottie Overread Buffer Vulnerability

CVE ID : CVE-2025-53076 Published : June 30, 2025, 3:15 a.m. | 5 hours, 45 minutes ago Description : Improper Input Validation vulnerability in Samsung Open Source rLottie allows Overread Buffers.This issue affects rLottie: V0.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 03:15:00 GMT

read more

CVE-2025-6882 - D-Link DIR-513 Buffer Overflow Vulnerability

CVE ID : CVE-2025-6882 Published : June 30, 2025, 3:15 a.m. | 5 hours, 45 minutes ago Description : A vulnerability classified as critical has been found in D-Link DIR-513 1.0. This affects an unknown part of the file /goform/formSetWanPPTP. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 03:15:00 GMT

read more

CVE-2025-6883 - Code-Projects Staff Audit System SQL Injection

CVE ID : CVE-2025-6883 Published : June 30, 2025, 3:15 a.m. | 5 hours, 45 minutes ago Description : A vulnerability classified as critical was found in code-projects Staff Audit System 1.0. This vulnerability affects unknown code of the file /update_index.php. The manipulation of the argument updateid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 03:15:00 GMT

read more

CVE-2025-6884 - Apache Code-projects Staff Audit System SQL Injection Vulnerability

CVE ID : CVE-2025-6884 Published : June 30, 2025, 3:15 a.m. | 5 hours, 45 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /search_index.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 03:15:00 GMT

read more

CVE-2025-0634 - Samsung rLottie After Free Remote Code Inclusion Vulnerability

CVE ID : CVE-2025-0634 Published : June 30, 2025, 2:15 a.m. | 6 hours, 45 minutes ago Description : Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion.This issue affects rLottie: V0.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 02:15:00 GMT

read more

CVE-2025-46014 - Honor PC Manager Named Pipe Privilege Escalation Vulnerability

CVE ID : CVE-2025-46014 Published : June 30, 2025, 2:15 a.m. | 6 hours, 45 minutes ago Description : Several services in Honor Device Co., Ltd Honor PC Manager v16.0.0.118 was discovered to connect services to the named pipe iMateBookAssistant with default or overly permissive security attributes, leading to a privilege escalation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 02:15:00 GMT

read more

CVE-2025-53075 - Samsung Open Source rLottie Path Traversal Vulnerability

CVE ID : CVE-2025-53075 Published : June 30, 2025, 2:15 a.m. | 6 hours, 45 minutes ago Description : Improper Input Validation vulnerability in Samsung Open Source rLottie allows Path Traversal.This issue affects rLottie: V0.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 02:15:00 GMT

read more

CVE-2025-6881 - D-Link jhttpd PPPoE Buffer Overflow Vulnerability

CVE ID : CVE-2025-6881 Published : June 30, 2025, 2:15 a.m. | 6 hours, 45 minutes ago Description : A vulnerability was found in D-Link DI-8100 16.07.21. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pppoe_base.asp of the component jhttpd. The manipulation of the argument mschap_en leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 02:15:00 GMT

read more

CVE-2025-6878 - SourceCodester Best Salon Management System SQL Injection

CVE ID : CVE-2025-6878 Published : June 30, 2025, 1:15 a.m. | 6 hours, 42 minutes ago Description : A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/search-appointment.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 01:15:00 GMT

read more

CVE-2025-6879 - "SourceCodester Best Salon Management System SQL Injection"

CVE ID : CVE-2025-6879 Published : June 30, 2025, 1:15 a.m. | 6 hours, 42 minutes ago Description : A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add-tax.php. The manipulation of the argument Name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 01:15:00 GMT

read more

CVE-2025-6880 - SourceCodester Best Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6880 Published : June 30, 2025, 1:15 a.m. | 6 hours, 42 minutes ago Description : A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit-tax.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 01:15:00 GMT

read more

CVE-2025-6877 - SourceCodester Best Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6877 Published : June 30, 2025, 12:15 a.m. | 7 hours, 42 minutes ago Description : A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/edit-category.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 30 Jun 2025 00:15:00 GMT

read more

CVE-2025-6875 - SourceCodester Best Salon Management System SQL Injection

CVE ID : CVE-2025-6875 Published : June 29, 2025, 11:15 p.m. | 8 hours, 42 minutes ago Description : A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-subscription.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 23:15:00 GMT

read more

CVE-2025-6876 - SourceCodester Best Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6876 Published : June 29, 2025, 11:15 p.m. | 8 hours, 42 minutes ago Description : A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/add-category.php. The manipulation of the argument Name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 23:15:00 GMT

read more

CVE-2025-6873 - SourceCodester Simple Company Website File Upload Vulnerability

CVE ID : CVE-2025-6873 Published : June 29, 2025, 10:15 p.m. | 8 hours, 45 minutes ago Description : A vulnerability, which was classified as critical, has been found in SourceCodester Simple Company Website 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save. The manipulation of the argument img leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 22:15:00 GMT

read more

CVE-2025-6874 - SourceCodester Best Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6874 Published : June 29, 2025, 10:15 p.m. | 8 hours, 45 minutes ago Description : A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/add_subscribe.php. The manipulation of the argument user_id/plan_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 22:15:00 GMT

read more

CVE-2015-20112 - Fortinet SSL/TLS CTR Stream Collision Vulnerability

CVE ID : CVE-2015-20112 Published : June 29, 2025, 9:15 p.m. | 8 hours, 42 minutes ago Description : RLPx 5 has two CTR streams based on the same key, IV, and nonce. This can facilitate decryption on a private network. Severity: 3.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 21:15:00 GMT

read more

CVE-2025-6871 - SourceCodester Simple Company Website SQL Injection

CVE ID : CVE-2025-6871 Published : June 29, 2025, 9:15 p.m. | 8 hours, 42 minutes ago Description : A vulnerability classified as critical has been found in SourceCodester Simple Company Website 1.0. This affects an unknown part of the file /classes/Login.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 21:15:00 GMT

read more

CVE-2025-6872 - SourceCodester Simple Company Website Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-6872 Published : June 29, 2025, 9:15 p.m. | 8 hours, 42 minutes ago Description : A vulnerability classified as critical was found in SourceCodester Simple Company Website 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument img leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 21:15:00 GMT

read more

CVE-2025-6870 - SourceCodester Simple Company Website Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-6870 Published : June 29, 2025, 8:15 p.m. | 9 hours, 42 minutes ago Description : A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Content.php?f=service. The manipulation of the argument img leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 20:15:00 GMT

read more

CVE-2025-24290 - UISP Authenticated SQL Injection Privilege Escalation

CVE ID : CVE-2025-24290 Published : June 29, 2025, 8:15 p.m. | 8 hours, 45 minutes ago Description : Multiple Authenticated SQL Injection vulnerabilities found in UISP Application (Version 2.4.206 and earlier) could allow a malicious actor with low privileges to escalate privileges. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 20:15:00 GMT

read more

CVE-2025-24292 - Ubiquiti UniFi Network MAC Address Authentication Bypass Vulnerability

CVE ID : CVE-2025-24292 Published : June 29, 2025, 8:15 p.m. | 8 hours, 45 minutes ago Description : A misconfigured query in UniFi Network (v9.1.120 and earlier) could allow users to authenticate to Enterprise WiFi or VPN Server (l2tp and OpenVPN) using a device’s MAC address from 802.1X or MAC Authentication, if both services are enabled and share the same RADIUS profile. Severity: 6.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 20:15:00 GMT

read more

CVE-2025-6869 - SourceCodester Simple Company Website SQL Injection Vulnerability

CVE ID : CVE-2025-6869 Published : June 29, 2025, 8:15 p.m. | 8 hours, 45 minutes ago Description : A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/testimonials/manage.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 20:15:00 GMT

read more

CVE-2025-24289 - "UCRM Client Signup Plugin CSRF-XSS Vulnerability"

CVE ID : CVE-2025-24289 Published : June 29, 2025, 8:15 p.m. | 7 hours, 42 minutes ago Description : A Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability in the UCRM Client Signup Plugin (v1.3.4 and earlier) could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. The plugin is disabled by default. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 20:15:00 GMT

read more

CVE-2025-6867 - SourceCodester Simple Company Website SQL Injection Vulnerability

CVE ID : CVE-2025-6867 Published : June 29, 2025, 7:15 p.m. | 7 hours, 25 minutes ago Description : A vulnerability was found in SourceCodester Simple Company Website 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/services/manage.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 19:15:00 GMT

read more

CVE-2025-6868 - SourceCodester Simple Company Website SQL Injection Vulnerability

CVE ID : CVE-2025-6868 Published : June 29, 2025, 7:15 p.m. | 7 hours, 25 minutes ago Description : A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/clients/manage.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 19:15:00 GMT

read more

CVE-2025-6866 - Simple Forum PathTraversal

CVE ID : CVE-2025-6866 Published : June 29, 2025, 6:15 p.m. | 8 hours, 25 minutes ago Description : A vulnerability has been found in code-projects Simple Forum 1.0 and classified as critical. This vulnerability affects unknown code of the file /forum_downloadfile.php. The manipulation of the argument filename leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 18:15:00 GMT

read more

CVE-2025-6865 - DaiCuo Cross-Site Request Forgery (CSRF) Vulnerability

CVE ID : CVE-2025-6865 Published : June 29, 2025, 5:15 p.m. | 9 hours, 25 minutes ago Description : A vulnerability, which was classified as problematic, was found in DaiCuo up to 1.3.13. This affects an unknown part of the file /admin.php/addon/index. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 17:15:00 GMT

read more

CVE-2025-6864 - SeaCMS Cross-Site Request Forgery Vulnerability

CVE ID : CVE-2025-6864 Published : June 29, 2025, 4:15 p.m. | 10 hours, 25 minutes ago Description : A vulnerability, which was classified as problematic, has been found in SeaCMS up to 13.2. Affected by this issue is some unknown functionality of the file /admin_type.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 16:15:00 GMT

read more

CVE-2025-6862 - SourceCodester Best Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6862 Published : June 29, 2025, 3:15 p.m. | 9 hours, 44 minutes ago Description : A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit_plan.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 15:15:00 GMT

read more

CVE-2025-6863 - PHPGurukul Local Services Search Engine Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6863 Published : June 29, 2025, 3:15 p.m. | 9 hours, 44 minutes ago Description : A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/edit-category-detail.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 15:15:00 GMT

read more

CVE-2025-6861 - SourceCodester Best Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6861 Published : June 29, 2025, 2:15 p.m. | 10 hours, 44 minutes ago Description : A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add_plan.php. The manipulation of the argument plan_name/description/duration_days/price leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 14:15:00 GMT

read more

CVE-2025-6859 - SourceCodester Best Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6859 Published : June 29, 2025, 1:15 p.m. | 11 hours, 44 minutes ago Description : A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/pro_sale.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 13:15:00 GMT

read more

CVE-2025-6860 - SourceCodester Best Salon Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6860 Published : June 29, 2025, 1:15 p.m. | 11 hours, 44 minutes ago Description : A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/staff_commision.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 13:15:00 GMT

read more

CVE-2024-24915 - Check Point SmartConsole Unsecured Credentials

CVE ID : CVE-2024-24915 Published : June 29, 2025, 12:15 p.m. | 12 hours, 44 minutes ago Description : Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 12:15:00 GMT

read more

CVE-2025-5878 - "ESAPI SQL Injection Defense Encoder Encoder.encodeForSQL Improper Neutralization"

CVE ID : CVE-2025-5878 Published : June 29, 2025, 12:15 p.m. | 12 hours, 44 minutes ago Description : A vulnerability was found in ESAPI esapi-java-legacy and classified as problematic. This issue affects the interface Encoder.encodeForSQL of the SQL Injection Defense. An attack leads to an improper neutralization of special elements. The attack may be initiated remotely and an exploit has been disclosed to the public. The project was contacted early about this issue and handled it with an exceptional level of professionalism. Upgrading to version 2.7.0.0 is able to address this issue. Commit ID f75ac2c2647a81d2cfbdc9c899f8719c240ed512 is disabling the feature by default and any attempt to use it will trigger a warning. And commit ID e2322914304d9b1c52523ff24be495b7832f6a56 is updating the misleading Java class documentation to warn about the risks. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 12:15:00 GMT

read more

CVE-2025-6858 - HDF5 Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-6858 Published : June 29, 2025, 11:15 a.m. | 10 hours, 41 minutes ago Description : A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5C__flush_single_entry of the file src/H5Centry.c. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 11:15:00 GMT

read more

CVE-2025-6856 - HDF5 Use After Free Vulnerability

CVE ID : CVE-2025-6856 Published : June 29, 2025, 10:15 a.m. | 11 hours, 41 minutes ago Description : A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FL__reg_gc_list of the file src/H5FL.c. The manipulation leads to use after free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 10:15:00 GMT

read more

CVE-2025-6857 - HDF5 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-6857 Published : June 29, 2025, 10:15 a.m. | 11 hours, 41 minutes ago Description : A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Affected by this vulnerability is the function H5G__node_cmp3 of the file src/H5Gnode.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 10:15:00 GMT

read more

CVE-2025-6854 - Chatchat-space Langchain-Chatchat Path Traversal Vulnerability

CVE ID : CVE-2025-6854 Published : June 29, 2025, 9:15 a.m. | 12 hours, 41 minutes ago Description : A vulnerability classified as problematic was found in chatchat-space Langchain-Chatchat up to 0.3.1. This vulnerability affects unknown code of the file /v1/files?purpose=assistants. The manipulation leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 09:15:00 GMT

read more

CVE-2025-6855 - "Chatchat-Langchain Chatchat Path Traversal Vulnerability"

CVE ID : CVE-2025-6855 Published : June 29, 2025, 9:15 a.m. | 12 hours, 41 minutes ago Description : A vulnerability, which was classified as critical, has been found in chatchat-space Langchain-Chatchat up to 0.3.1. This issue affects some unknown processing of the file /v1/file. The manipulation of the argument flag leads to path traversal. The exploit has been disclosed to the public and may be used. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 09:15:00 GMT

read more

CVE-2025-6853 - Chatchat Space Langchain-Chatchat Path Traversal Vulnerability

CVE ID : CVE-2025-6853 Published : June 29, 2025, 8:15 a.m. | 12 hours, 44 minutes ago Description : A vulnerability classified as critical has been found in chatchat-space Langchain-Chatchat up to 0.3.1. This affects the function upload_temp_docs of the file /knowledge_base/upload_temp_docs of the component Backend. The manipulation of the argument flag leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 08:15:00 GMT

read more

CVE-2025-6849 - Simple Forum Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-6849 Published : June 29, 2025, 7:15 a.m. | 13 hours, 44 minutes ago Description : A vulnerability, which was classified as problematic, was found in code-projects Simple Forum 1.0. Affected is an unknown function of the file /forum_edit1.php. The manipulation of the argument text leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 07:15:00 GMT

read more

CVE-2025-6850 - Simple Forum SQL Injection Vulnerability

CVE ID : CVE-2025-6850 Published : June 29, 2025, 7:15 a.m. | 13 hours, 44 minutes ago Description : A vulnerability has been found in code-projects Simple Forum 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /forum1.php. The manipulation of the argument File leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 07:15:00 GMT

read more

CVE-2025-6847 - Code-projects Simple Forum SQL Injection

CVE ID : CVE-2025-6847 Published : June 29, 2025, 6:15 a.m. | 13 hours, 40 minutes ago Description : A vulnerability classified as critical was found in code-projects Simple Forum 1.0. This vulnerability affects unknown code of the file /forum_edit.php. The manipulation of the argument iii leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 06:15:00 GMT

read more

CVE-2025-6848 - Simple Forum Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-6848 Published : June 29, 2025, 6:15 a.m. | 13 hours, 40 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Simple Forum 1.0. This issue affects some unknown processing of the file /forum1.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 06:15:00 GMT

read more

CVE-2025-6462 - WordPress EZ SQL Reports Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6462 Published : June 29, 2025, 5:15 a.m. | 14 hours, 40 minutes ago Description : The EZ SQL Reports Shortcode Widget and DB Backup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's SQLREPORT shortcode in all versions up to, and including, 5.25.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 05:15:00 GMT

read more

CVE-2025-6845 - "Simple Forum SQL Injection Vulnerability"

CVE ID : CVE-2025-6845 Published : June 29, 2025, 5:15 a.m. | 14 hours, 40 minutes ago Description : A vulnerability was found in code-projects Simple Forum 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /register1.php. The manipulation of the argument User leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 05:15:00 GMT

read more

CVE-2025-6846 - "Code-Projects Simple Forum SQL Injection Vulnerability"

CVE ID : CVE-2025-6846 Published : June 29, 2025, 5:15 a.m. | 14 hours, 40 minutes ago Description : A vulnerability classified as critical has been found in code-projects Simple Forum 1.0. This affects an unknown part of the file /forum_viewfile.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 05:15:00 GMT

read more

CVE-2025-6843 - "Code-projects Simple Photo Gallery Unrestricted File Upload Vulnerability"

CVE ID : CVE-2025-6843 Published : June 29, 2025, 4:15 a.m. | 14 hours, 44 minutes ago Description : A vulnerability was found in code-projects Simple Photo Gallery 1.0. It has been classified as critical. Affected is an unknown function of the file /upload-photo.php. The manipulation of the argument file_img leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 04:15:00 GMT

read more

CVE-2025-6844 - Simple Forum SQL Injection Vulnerability

CVE ID : CVE-2025-6844 Published : June 29, 2025, 4:15 a.m. | 14 hours, 44 minutes ago Description : A vulnerability was found in code-projects Simple Forum 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /signin.php. The manipulation of the argument User leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 04:15:00 GMT

read more

CVE-2025-6842 - Code-projects Product Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-6842 Published : June 29, 2025, 4:15 a.m. | 12 hours, 32 minutes ago Description : A vulnerability was found in code-projects Product Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edit_user.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 04:15:00 GMT

read more

CVE-2025-6841 - Code-projects Product Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-6841 Published : June 29, 2025, 3:15 a.m. | 13 hours, 32 minutes ago Description : A vulnerability has been found in code-projects Product Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit_product.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 03:15:00 GMT

read more

CVE-2025-6840 - Code-projects Product Inventory System SQL Injection Vulnerability

CVE ID : CVE-2025-6840 Published : June 29, 2025, 3:15 a.m. | 12 hours, 41 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Product Inventory System 1.0. This affects an unknown part of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 03:15:00 GMT

read more

CVE-2025-6839 - Conjure Position Department Service Quality Evaluation System Less Bootstrap Mixin Head PHP Backdoor Remote Code Execution

CVE ID : CVE-2025-6839 Published : June 29, 2025, 2:15 a.m. | 12 hours, 44 minutes ago Description : A vulnerability, which was classified as critical, has been found in Conjure Position Department Service Quality Evaluation System up to 1.0.11. Affected by this issue is the function eval of the file public/assets/less/bootstrap-less/mixins/head.php. The manipulation of the argument payload leads to backdoor. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 02:15:00 GMT

read more

CVE-2025-6837 - Code-projects Library System Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-6837 Published : June 29, 2025, 1:15 a.m. | 13 hours, 44 minutes ago Description : A vulnerability classified as critical was found in code-projects Library System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 01:15:00 GMT

read more

CVE-2025-6836 - Code-projects Library System SQL Injection Vulnerability

CVE ID : CVE-2025-6836 Published : June 29, 2025, 1:15 a.m. | 12 hours, 41 minutes ago Description : A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of the argument phone leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 01:15:00 GMT

read more

CVE-2025-6834 - Apache Code-Projects Inventory Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6834 Published : June 29, 2025, 12:15 a.m. | 12 hours, 43 minutes ago Description : A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/editPayment.php. The manipulation of the argument orderId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 00:15:00 GMT

read more

CVE-2025-6835 - "Code-projects Library System SQL Injection Vulnerability"

CVE ID : CVE-2025-6835 Published : June 29, 2025, 12:15 a.m. | 12 hours, 43 minutes ago Description : A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. The manipulation of the argument reg leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 29 Jun 2025 00:15:00 GMT

read more

CVE-2025-6828 - Code-Projects Inventory Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6828 Published : June 28, 2025, 11:15 p.m. | 12 hours, 33 minutes ago Description : A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /orders.php. The manipulation of the argument i leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 23:15:00 GMT

read more

CVE-2025-6829 - AluoXiang Oa System External Address Book Handler SQL Injection Vulnerability

CVE ID : CVE-2025-6829 Published : June 28, 2025, 11:15 p.m. | 12 hours, 33 minutes ago Description : A vulnerability was found in aaluoxiang oa_system up to c3a08168c144f27256a90838492c713f55f1b207 and classified as critical. This issue affects the function outAddress of the component External Address Book Handler. The manipulation leads to sql injection. The attack may be initiated remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 23:15:00 GMT

read more

CVE-2025-5951 - CVE-2022-1234: Apache HTTP Server Unauthenticated Remote Code Execution

CVE ID : CVE-2025-5951 Published : June 28, 2025, 11:15 p.m. | 11 hours, 27 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 23:15:00 GMT

read more

CVE-2025-53392 - pfSense File Traversal Vulnerability

CVE ID : CVE-2025-53392 Published : June 28, 2025, 11:15 p.m. | 10 hours, 39 minutes ago Description : In Netgate pfSense CE 2.8.0, the "WebCfg - Diagnostics: Command" privilege allows reading arbitrary files via diag_command.php dlPath directory traversal. NOTE: the Supplier's perspective is that this is intended behavior for this privilege level, and that system administrators are informed through both the product documentation and UI. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 23:15:00 GMT

read more

CVE-2025-53393 - Akka Cluster Metrics Java Serialization Deserialization Vulnerability

CVE ID : CVE-2025-53393 Published : June 28, 2025, 11:15 p.m. | 10 hours, 39 minutes ago Description : In Akka through 2.10.6, akka-cluster-metrics uses Java serialization for cluster metrics. Severity: 6.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 23:15:00 GMT

read more

CVE-2025-53391 - "Debian ZuluPolkit PolicyKit Privilege Escalation"

CVE ID : CVE-2025-53391 Published : June 28, 2025, 10:15 p.m. | 10 hours, 24 minutes ago Description : The Debian zuluPolkit/CMakeLists.txt file for zuluCrypt through the zulucrypt_6.2.0-1 package has insecure PolicyKit allow_any/allow_inactive/allow_active settings that allow a local user to escalate their privileges to root. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 22:15:00 GMT

read more

CVE-2025-6827 - Code-Projects Inventory Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6827 Published : June 28, 2025, 10:15 p.m. | 10 hours, 24 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /php_action/editOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 22:15:00 GMT

read more

CVE-2025-6826 - Payroll Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6826 Published : June 28, 2025, 9:15 p.m. | 10 hours, 38 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Payroll Management System 1.0. Affected by this issue is some unknown functionality of the file /Payroll_Management_System/ajax.php?action=save_department. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 21:15:00 GMT

read more

CVE-2025-6825 - TOTOLINK A702R HTTP POST Request Handler Buffer Overflow Vulnerability

CVE ID : CVE-2025-6825 Published : June 28, 2025, 9:15 p.m. | 9 hours, 22 minutes ago Description : A vulnerability classified as critical was found in TOTOLINK A702R up to 4.0.0-B20230721.1521. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlSiteSurvey of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 21:15:00 GMT

read more

CVE-2025-6824 - TOTOLINK X15 HTTP POST Request Handler Buffer Overflow

CVE ID : CVE-2025-6824 Published : June 28, 2025, 8:15 p.m. | 10 hours, 22 minutes ago Description : A vulnerability classified as critical has been found in TOTOLINK X15 up to 1.0.0-B20230714.1105. Affected is an unknown function of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 20:15:00 GMT

read more

CVE-2025-6823 - Code-projects Inventory Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6823 Published : June 28, 2025, 8:15 p.m. | 9 hours, 38 minutes ago Description : A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /php_action/editProduct.php. The manipulation of the argument editProductName leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 20:15:00 GMT

read more

CVE-2025-6822 - Code-projects Inventory Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6822 Published : June 28, 2025, 7:15 p.m. | 10 hours, 38 minutes ago Description : A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/removeProduct.php. The manipulation of the argument productId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 19:15:00 GMT

read more

CVE-2025-32897 - Apache Seata (incubating) Untrusted Data Deserialization Vulnerability

CVE ID : CVE-2025-32897 Published : June 28, 2025, 7:15 p.m. | 9 hours, 20 minutes ago Description : Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This security vulnerability is the same as CVE-2024-47552, but the version range described in the CVE-2024-47552 definition is too narrow. This issue affects Apache Seata (incubating): from 2.0.0 before 2.3.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 19:15:00 GMT

read more

CVE-2025-6820 - Code-projects Inventory Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6820 Published : June 28, 2025, 6:15 p.m. | 10 hours, 20 minutes ago Description : A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /php_action/createProduct.php. The manipulation of the argument productName leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 18:15:00 GMT

read more

CVE-2025-6821 - Code-projects Inventory Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6821 Published : June 28, 2025, 6:15 p.m. | 10 hours, 20 minutes ago Description : A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /php_action/createOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 18:15:00 GMT

read more

CVE-2025-6819 - Code-projects Inventory Management System SQL Injection Vulnerability

CVE ID : CVE-2025-6819 Published : June 28, 2025, 5:15 p.m. | 10 hours, 41 minutes ago Description : A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /php_action/removeBrand.php. The manipulation of the argument brandId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 17:15:00 GMT

read more

CVE-2023-29113 - Volkswagen Skoda MIB3 Privilege Escalation Vulnerability

CVE ID : CVE-2023-29113 Published : June 28, 2025, 4:15 p.m. | 11 hours, 41 minutes ago Description : The MIB3 infotainment unit used in Skoda and Volkswagen vehicles does not incorporate any privilege separation for the proprietary inter-process communication mechanism, leaving attackers with presence in the system an ability to undermine access control restrictions implemented at the operating system level. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 16:15:00 GMT

read more

CVE-2025-6818 - HDF5 Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-6818 Published : June 28, 2025, 4:15 p.m. | 11 hours, 41 minutes ago Description : A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5O__chunk_protect of the file /src/H5Ochunk.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 16:15:00 GMT

read more

CVE-2023-28911 - Skoda MIB3 Bluetooth Stack Channel Disconnection Denial-of-Service Vulnerability

CVE ID : CVE-2023-28911 Published : June 28, 2025, 4:15 p.m. | 10 hours, 24 minutes ago Description : A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an arbitrary channel disconnection. An attacker can leverage this vulnerability to cause a denial-of-service attack for every connected client of the infotainment device. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 16:15:00 GMT

read more

CVE-2023-28912 - Skoda MIB3 In-vehicle Contact Data Disclosure

CVE ID : CVE-2023-28912 Published : June 28, 2025, 4:15 p.m. | 10 hours, 24 minutes ago Description : The MIB3 unit stores the synchronized phone contact book in clear-text, allowing an attacker with either code execution privilege on the system or physical access to the system to obtain vehicle owner's contact data. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. Severity: 5.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 16:15:00 GMT

read more

CVE-2023-28910 - Skoda MIB3 Bluetooth Stack Assertion Bypass Vulnerability

CVE ID : CVE-2023-28910 Published : June 28, 2025, 4:15 p.m. | 9 hours, 38 minutes ago Description : A specific flaw exists within the Bluetooth stack of the MIB3 infotainment system. The issue results from the disabled abortion flag eventually leading to bypassing assertion functions. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 16:15:00 GMT

read more

CVE-2023-28908 - Volkswagen MIB3 Bluetooth Integer Overflow Vulnerability

CVE ID : CVE-2023-28908 Published : June 28, 2025, 4:15 p.m. | 8 hours, 24 minutes ago Description : A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving non-fragmented HCI packets on a channel. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 16:15:00 GMT

read more

CVE-2023-28909 - Skoda MIB3 Bluetooth Integer Overflow Remote Code Execution Vulnerability

CVE ID : CVE-2023-28909 Published : June 28, 2025, 4:15 p.m. | 8 hours, 24 minutes ago Description : A specific flaw exists within the Bluetooth stack of the MIB3 unit. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving fragmented HCI packets on a channel. An attacker can leverage this vulnerability to bypass the MTU check on a channel with enabled fragmentation. Consequently, this can lead to a buffer overflow in upper layer profiles, which can be used to obtain remote code execution. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 16:15:00 GMT

read more

CVE-2023-28902 - Skoda MIB3 Infotainment Unit Integer Underflow Denial-of-Service Vulnerability

CVE ID : CVE-2023-28902 Published : June 28, 2025, 4:15 p.m. | 5 hours, 37 minutes ago Description : An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the infotainment system. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 16:15:00 GMT

read more

CVE-2023-28903 - MIB3 Infotainment Unit Integer Overflow Denial-of-Service

CVE ID : CVE-2023-28903 Published : June 28, 2025, 4:15 p.m. | 5 hours, 37 minutes ago Description : An integer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause a denial-of-service of the infotainment system. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 16:15:00 GMT

read more

CVE-2023-28904 - MIB3 Infotainment Unit Bootloader Boot Process Code Execution Vulnerability

CVE ID : CVE-2023-28904 Published : June 28, 2025, 4:15 p.m. | 5 hours, 37 minutes ago Description : A logic flaw leading to a RAM buffer overflow in the bootloader component of the MIB3 infotainment unit allows an attacker with physical access to the MIB3 ECU to bypass firmware signature verification and run arbitrary code in the infotainment system at boot process. Severity: 5.2 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 16:15:00 GMT

read more

CVE-2023-28905 - Skoda MIB3 Infotainment Unit Heap Buffer Overflow

CVE ID : CVE-2023-28905 Published : June 28, 2025, 4:15 p.m. | 5 hours, 37 minutes ago Description : A heap buffer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker to execute arbitrary code on it. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 16:15:00 GMT

read more

CVE-2023-28906 - Skoda MIB3 Infotainment Command Injection Vulnerability

CVE ID : CVE-2023-28906 Published : June 28, 2025, 4:15 p.m. | 5 hours, 37 minutes ago Description : A command injection in the networking service of the MIB3 infotainment allows an attacker already presenting in the system to escalate privileges and obtain administrative access to the system. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 16:15:00 GMT

read more

CVE-2023-28907 - Skoda Superb III MIB3 CAN Bus CPU Core Isolation Bypass

CVE ID : CVE-2023-28907 Published : June 28, 2025, 4:15 p.m. | 5 hours, 37 minutes ago Description : There is no memory isolation between CPU cores of the MIB3 infotainment. This fact allows an attacker with access to the main operating system to compromise the CPU core responsible for CAN message processing. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. Severity: 6.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 16:15:00 GMT

read more

CVE-2025-1991 - IBM Informix Dynamic Server Denial of Service Buffer Overflow

CVE ID : CVE-2025-1991 Published : June 28, 2025, 1:15 p.m. | 8 hours, 37 minutes ago Description : IBM Informix Dynamic Server 12.10,14.10, and15.0 could allow a remote attacker to cause a denial of service due to an integer underflow when processing packets. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 13:15:00 GMT

read more

CVE-2025-6817 - HDF5 Resource Consumption Denial of Service

CVE ID : CVE-2025-6817 Published : June 28, 2025, 12:15 p.m. | 9 hours, 37 minutes ago Description : A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5C__load_entry of the file /src/H5Centry.c. The manipulation leads to resource consumption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 12:15:00 GMT

read more

CVE-2025-6816 - HDF5 Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-6816 Published : June 28, 2025, 8:15 a.m. | 13 hours, 37 minutes ago Description : A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5O__fsinfo_encode of the file /src/H5Ofsinfo.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 08:15:00 GMT

read more

CVE-2025-38086 - "NetChip Ch9200 Uninitialized Memory Access Vulnerability"

CVE ID : CVE-2025-38086 Published : June 28, 2025, 8:15 a.m. | 12 hours, 24 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: net: ch9200: fix uninitialised access during mii_nway_restart In mii_nway_restart() the code attempts to call mii->mdio_read which is ch9200_mdio_read(). ch9200_mdio_read() utilises a local buffer called "buff", which is initialised with control_read(). However "buff" is conditionally initialised inside control_read(): if (err == size) { memcpy(data, buf, size); } If the condition of "err == size" is not met, then "buff" remains uninitialised. Once this happens the uninitialised "buff" is accessed and returned during ch9200_mdio_read(): return (buff[0] | buff[1] 8); The problem stems from the fact that ch9200_mdio_read() ignores the return value of control_read(), leading to uinit-access of "buff". To fix this we should check the return value of control_read() and return early on error. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 08:15:00 GMT

read more

CVE-2025-5937 - WordPress MicroPayments Fans Paysite CSRF Vulnerability

CVE ID : CVE-2025-5937 Published : June 28, 2025, 8:15 a.m. | 12 hours, 24 minutes ago Description : The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Wallet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the adminOptions() function. This makes it possible for unauthenticated attackers to reset the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 08:15:00 GMT

read more

CVE-2025-38084 - Linux Kernel Hugetlb Racy Protection Vulnerability

CVE ID : CVE-2025-38084 Published : June 28, 2025, 8:15 a.m. | 11 hours, 37 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, __split_vma() triggers hugetlb page table unsharing through vm_ops->may_split(). This happens before the VMA lock and rmap locks are taken - which is too early, it allows racing VMA-locked page faults in our process and racing rmap walks from other processes to cause page tables to be shared again before we actually perform the split. Fix it by explicitly calling into the hugetlb unshare logic from __split_vma() in the same place where THP splitting also happens. At that point, both the VMA and the rmap(s) are write-locked. An annoying detail is that we can now call into the helper hugetlb_unshare_pmds() from two different locking contexts: 1. from hugetlb_split(), holding: - mmap lock (exclusively) - VMA lock - file rmap lock (exclusively) 2. hugetlb_unshare_all_pmds(), which I think is designed to be able to call us with only the mmap lock held (in shared mode), but currently only runs while holding mmap lock (exclusively) and VMA lock Backporting note: This commit fixes a racy protection that was introduced in commit b30c14cd6102 ("hugetlb: unshare some PMDs when splitting VMAs"); that commit claimed to fix an issue introduced in 5.13, but it should actually also go all the way back. [jannh@google.com: v2] Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 08:15:00 GMT

read more

CVE-2025-38085 - Linux Kernel: Huge Page Table Unshare Race Condition Vulnerability

CVE ID : CVE-2025-38085 Published : June 28, 2025, 8:15 a.m. | 11 hours, 37 minutes ago Description : In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race huge_pmd_unshare() drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in which unrelated VMAs can afterwards be installed. If this happens in the middle of a concurrent gup_fast(), gup_fast() could end up walking the page tables of another process. While I don't see any way in which that immediately leads to kernel memory corruption, it is really weird and unexpected. Fix it with an explicit broadcast IPI through tlb_remove_table_sync_one(), just like we do in khugepaged when removing page tables for a THP collapse. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 08:15:00 GMT

read more

CVE-2025-5304 - PT Project Notebooks WordPress Privilege Escalation

CVE ID : CVE-2025-5304 Published : June 28, 2025, 6:15 a.m. | 12 hours, 12 minutes ago Description : The PT Project Notebooks plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization in the wpnb_pto_new_users_add() function in versions 1.0.0 through 1.1.3. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 06:15:00 GMT

read more

CVE-2025-6755 - WordPress Game Users Share Buttons Plugin Remote Code Execution and File Deletion Vulnerability

CVE ID : CVE-2025-6755 Published : June 28, 2025, 6:15 a.m. | 12 hours, 12 minutes ago Description : The Game Users Share Buttons plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the ajaxDeleteTheme() function in all versions up to, and including, 1.3.0. This makes it possible for Subscriber-level attackers to add arbitrary file paths (such as ../../../../wp-config.php) to the themeNameId parameter of the AJAX request, which can lead to remote code execution. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 06:15:00 GMT

read more

CVE-2025-6252 - "Qi Addons For Elementor Stored Cross-Site Scripting Vulnerability"

CVE ID : CVE-2025-6252 Published : June 28, 2025, 5:15 a.m. | 13 hours, 12 minutes ago Description : The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 1.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 05:15:00 GMT

read more

CVE-2025-6381 - BeeTeam368 Extensions plugin for WordPress Directory Traversal Vulnerability

CVE ID : CVE-2025-6381 Published : June 28, 2025, 4:15 a.m. | 14 hours, 12 minutes ago Description : The BeeTeam368 Extensions plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.3.4 via the handle_remove_temp_file() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the originally intended directory. This vulnerability can be used to delete the wp-config.php file, which can be leveraged into a site takeover. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 04:15:00 GMT

read more

CVE-2025-6379 - BeeTeam368 Extensions Pro for WordPress Directory Traversal Vulnerability

CVE ID : CVE-2025-6379 Published : June 28, 2025, 4:15 a.m. | 12 hours, 24 minutes ago Description : The BeeTeam368 Extensions Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.3.4 via the handle_live_fn() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the originally intended directory. This vulnerability can be used to delete the wp-config.php file, which can be leveraged into a site takeover. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 04:15:00 GMT

read more

CVE-2025-6350 - WordPress WP VR 360 Panorama Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6350 Published : June 28, 2025, 4:15 a.m. | 12 hours, 9 minutes ago Description : The WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hotspot-hover’ parameter in all versions up to, and including, 8.5.32 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 04:15:00 GMT

read more

CVE-2025-53380 - Apache Struts Deserialization Vulnerability

CVE ID : CVE-2025-53380 Published : June 28, 2025, 3:15 a.m. | 13 hours, 10 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 03:15:00 GMT

read more

CVE-2025-53381 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-53381 Published : June 28, 2025, 3:15 a.m. | 13 hours, 10 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 03:15:00 GMT

read more

CVE-2025-53382 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53382 Published : June 28, 2025, 3:15 a.m. | 13 hours, 10 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 03:15:00 GMT

read more

CVE-2025-53383 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53383 Published : June 28, 2025, 3:15 a.m. | 13 hours, 10 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 03:15:00 GMT

read more

CVE-2025-53384 - Apache HTTP Server Information Disclosure

CVE ID : CVE-2025-53384 Published : June 28, 2025, 3:15 a.m. | 13 hours, 10 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 03:15:00 GMT

read more

CVE-2025-53385 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53385 Published : June 28, 2025, 3:15 a.m. | 13 hours, 10 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 03:15:00 GMT

read more

CVE-2025-53386 - FTC's Online Payment Processing System Authentication Bypass

CVE ID : CVE-2025-53386 Published : June 28, 2025, 3:15 a.m. | 13 hours, 10 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 03:15:00 GMT

read more

CVE-2025-53387 - Apache Apache HTTP Server Remote Code Execution

CVE ID : CVE-2025-53387 Published : June 28, 2025, 3:15 a.m. | 13 hours, 10 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 03:15:00 GMT

read more

CVE-2025-53388 - Apache HTTP Server SQL Injection

CVE ID : CVE-2025-53388 Published : June 28, 2025, 3:15 a.m. | 13 hours, 10 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 03:15:00 GMT

read more

CVE-2024-52900 - IBM Cognos Analytics Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-52900 Published : June 28, 2025, 1:15 a.m. | 15 hours, 10 minutes ago Description : IBM Cognos Analytics 11.2.0 through 12.2.4 Fix Pack 5 and 12.0.0 through 12.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 01:15:00 GMT

read more

CVE-2025-36026 - IBM Datacap Insecure Cookie Handling Vulnerability

CVE ID : CVE-2025-36026 Published : June 28, 2025, 1:15 a.m. | 15 hours, 10 minutes ago Description : IBM Datacap 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 01:15:00 GMT

read more

CVE-2025-36027 - IBM Datacap Clickjacking Vulnerability

CVE ID : CVE-2025-36027 Published : June 28, 2025, 1:15 a.m. | 15 hours, 10 minutes ago Description : IBM Datacap 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 01:15:00 GMT

read more

CVE-2024-39730 - IBM Datacap Navigator Click Hijacking Vulnerability

CVE ID : CVE-2024-39730 Published : June 28, 2025, 1:15 a.m. | 11 hours, 4 minutes ago Description : IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sat, 28 Jun 2025 01:15:00 GMT

read more

CVE-2024-36347 - AMD CPU ROM Microcode Signature Verification Bypass (Validation Bypass)

CVE ID : CVE-2024-36347 Published : June 27, 2025, 11:15 p.m. | 13 hours, 4 minutes ago Description : Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 23:15:00 GMT

read more

CVE-2025-53097 - Roo Code Schema Fetching File Read and Write Vulnerability

CVE ID : CVE-2025-53097 Published : June 27, 2025, 10:15 p.m. | 9 hours, 36 minutes ago Description : Roo Code is an AI-powered autonomous coding agent. Prior to version 3.20.3, there was an issue where the Roo Code agent's `search_files` tool did not respect the setting to disable reads outside of the VS Code workspace. This means that an attacker who was able to inject a prompt into the agent could potentially read a sensitive file and then write the information to a JSON schema. Users have the option to disable schema fetching in VS Code, but the feature is enabled by default. For users with this feature enabled, writing to the schema would trigger a network request without the user having a chance to deny. This issue is of moderate severity, since it requires the attacker to already be able to submit prompts to the agent. Version 3.20.3 fixed the issue where `search_files` did not respect the setting to limit it to the workspace. This reduces the scope of the damage if an attacker is able to take control of the agent through prompt injection or another vector. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 22:15:00 GMT

read more

CVE-2025-53098 - Roo Code MCP Configuration Command Injection Vulnerability

CVE ID : CVE-2025-53098 Published : June 27, 2025, 10:15 p.m. | 9 hours, 36 minutes ago Description : Roo Code is an AI-powered autonomous coding agent. The project-specific MCP configuration for the Roo Code agent is stored in the `.roo/mcp.json` file within the VS Code workspace. Because the MCP configuration format allows for execution of arbitrary commands, prior to version 3.20.3, it would have been possible for an attacker with access to craft a prompt to ask the agent to write a malicious command to the MCP configuration file. If the user had opted-in to auto-approving file writes within the project, this would have led to arbitrary command execution. This issue is of moderate severity, since it requires the attacker to already be able to submit prompts to the agent (for instance through a prompt injection attack), for the user to have MCP enabled (on by default), and for the user to have enabled auto-approved file writes (off by default). Version 3.20.3 fixes the issue by adding an additional layer of opt-in configuration for auto-approving writing to Roo's configuration files, including all files within the `.roo/` folder. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 22:15:00 GMT

read more

CVE-2025-6777 - Food Distributor Site SQL Injection Vulnerability

CVE ID : CVE-2025-6777 Published : June 27, 2025, 9:15 p.m. | 10 hours, 36 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Food Distributor Site 1.0. This issue affects some unknown processing of the file /admin/process_login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 21:15:00 GMT

read more

CVE-2025-6778 - Food Distributor Site Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6778 Published : June 27, 2025, 9:15 p.m. | 10 hours, 36 minutes ago Description : A vulnerability, which was classified as problematic, was found in code-projects Food Distributor Site 1.0. Affected is an unknown function of the file /admin/save_settings.php. The manipulation of the argument site_phone/site_email/address leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 21:15:00 GMT

read more

CVE-2025-6776 - Xiaoyunjie OpenVPN-CMS-Flask Remote Path Traversal

CVE ID : CVE-2025-6776 Published : June 27, 2025, 8:15 p.m. | 11 hours, 36 minutes ago Description : A vulnerability classified as critical was found in xiaoyunjie openvpn-cms-flask up to 1.2.7. This vulnerability affects the function Upload of the file app/plugins/oss/app/controller.py of the component File Upload. The manipulation of the argument image leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.2.8 is able to address this issue. The name of the patch is e23559b98c8ea2957f09978c29f4e512ba789eb6. It is recommended to upgrade the affected component. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 20:15:00 GMT

read more

CVE-2025-6774 - Gooaclok819 SublinkX Path Traversal Vulnerability

CVE ID : CVE-2025-6774 Published : June 27, 2025, 8:15 p.m. | 9 hours, 36 minutes ago Description : A vulnerability was found in gooaclok819 sublinkX up to 1.8. It has been rated as critical. Affected by this issue is the function AddTemp of the file api/template.go. The manipulation of the argument filename leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.9 is able to address this issue. The patch is identified as 778d26aef723daa58df98c8060c43f5bf5d1b10b. It is recommended to upgrade the affected component. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 20:15:00 GMT

read more

CVE-2025-6775 - Xiaoyunjie OpenVPN-CMS-Flask Command Injection Vulnerability

CVE ID : CVE-2025-6775 Published : June 27, 2025, 8:15 p.m. | 9 hours, 36 minutes ago Description : A vulnerability classified as critical has been found in xiaoyunjie openvpn-cms-flask up to 1.2.7. This affects the function create_user of the file /app/api/v1/openvpn.py of the component User Creation Endpoint. The manipulation of the argument Username leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.2.8 is able to address this issue. The patch is named e23559b98c8ea2957f09978c29f4e512ba789eb6. It is recommended to upgrade the affected component. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 20:15:00 GMT

read more

CVE-2025-53094 - ESPAsyncWebServer CRLF Injection Vulnerability

CVE ID : CVE-2025-53094 Published : June 27, 2025, 8:15 p.m. | 8 hours, 1 minute ago Description : ESPAsyncWebServer is an asynchronous HTTP and WebSocket server library for ESP32, ESP8266, RP2040 and RP2350. In versions up to and including 3.7.8, a CRLF (Carriage Return Line Feed) injection vulnerability exists in the construction and output of HTTP headers within `AsyncWebHeader.cpp`. Unsanitized input allows attackers to inject CR (`\r`) or LF (`\n`) characters into header names or values, leading to arbitrary header or response manipulation. Manipulation of HTTP headers and responses can enable a wide range of attacks, making the severity of this vulnerability high. A fix is available at pull request 211 and is expected to be part of version 3.7.9. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 20:15:00 GMT

read more

CVE-2025-6772 - Eosphoros-AI Db-GPT Path Traversal Vulnerability

CVE ID : CVE-2025-6772 Published : June 27, 2025, 7:15 p.m. | 9 hours, 1 minute ago Description : A vulnerability was found in eosphoros-ai db-gpt up to 0.7.2. It has been classified as critical. Affected is the function import_flow of the file /api/v2/serve/awel/flow/import. The manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 19:15:00 GMT

read more

CVE-2025-6773 - HKUDS LightRAG Path Traversal Vulnerability

CVE ID : CVE-2025-6773 Published : June 27, 2025, 7:15 p.m. | 9 hours, 1 minute ago Description : A vulnerability was found in HKUDS LightRAG up to 1.3.8. It has been declared as critical. Affected by this vulnerability is the function upload_to_input_dir of the file lightrag/api/routers/document_routes.py of the component File Upload. The manipulation of the argument file.filename leads to path traversal. It is possible to launch the attack on the local host. The identifier of the patch is 60777d535b719631680bcf5d0969bdef79ca4eaf. It is recommended to apply a patch to fix this issue. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 19:15:00 GMT

read more

CVE-2025-6522 - Sight Bulb Pro Root Shell Command Injection Vulnerability

CVE ID : CVE-2025-6522 Published : June 27, 2025, 6:15 p.m. | 10 hours ago Description : Unauthenticated users on an adjacent network with the Sight Bulb Pro can run shell commands as root through a vulnerable proprietary TCP protocol available on Port 16668. This vulnerability allows an attacker to run arbitrary commands on the Sight Bulb Pro by passing a well formed JSON string. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 18:15:00 GMT

read more

CVE-2025-53093 - TabberNeue Cross-Site Scripting (XSS)

CVE ID : CVE-2025-53093 Published : June 27, 2025, 6:15 p.m. | 8 hours ago Description : TabberNeue is a MediaWiki extension that allows the wiki to create tabs. Starting in version 3.0.0 and prior to version 3.1.1, any user can insert arbitrary HTMLinto the DOM by inserting a payload into any allowed attribute of the `` tag. Version 3.1.1 contains a patch for the bug. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 18:15:00 GMT

read more

CVE-2025-5310 - Dover Fueling Solutions ProGauge MagLink LX Consoles Unauthenticated Remote Code Execution

CVE ID : CVE-2025-5310 Published : June 27, 2025, 6:15 p.m. | 8 hours ago Description : Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated target communication framework (TCF) interface on a specific port. Files can be created, deleted, or modified, potentially leading to remote code execution. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 18:15:00 GMT

read more

CVE-2024-12364 - Mavi Yeşil Software Guest Tracking Software SQL Injection Vulnerability

CVE ID : CVE-2024-12364 Published : June 27, 2025, 5:15 p.m. | 9 hours ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mavi Yeşil Software Guest Tracking Software allows SQL Injection.This issue affects . NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 17:15:00 GMT

read more

CVE-2025-44557 - Cypress PSoC4 BLE State Machine Transition Vulnerability

CVE ID : CVE-2025-44557 Published : June 27, 2025, 5:15 p.m. | 9 hours ago Description : A state machine transition flaw in the Bluetooth Low Energy (BLE) stack of Cypress PSoC4 v3.66 allows attackers to bypass the pairing process and authentication via a crafted pairing_failed packet. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 17:15:00 GMT

read more

CVE-2025-44559 - Realtek RTL8762E BLE DoS Vulnerability

CVE ID : CVE-2025-44559 Published : June 27, 2025, 5:15 p.m. | 9 hours ago Description : An issue in the Bluetooth Low Energy (BLE) stack of Realtek RTL8762E BLE SDK v1.4.0 allows attackers within Bluetooth range to cause a Denial of Service (DoS) via sending a specific sequence of crafted control packets. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 17:15:00 GMT

read more

CVE-2025-46707 - VMware ESXi Firmware Privilege Escalation

CVE ID : CVE-2025-46707 Published : June 27, 2025, 5:15 p.m. | 9 hours ago Description : Software installed and running inside a Guest VM may override Firmware's state and gain access to the GPU. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 17:15:00 GMT

read more

CVE-2025-46708 - VMware ESXi GPU Resource Hijacking

CVE ID : CVE-2025-46708 Published : June 27, 2025, 5:15 p.m. | 9 hours ago Description : Software installed and running inside a Guest VM may conduct improper GPU system calls to prevent other Guests from running work on the GPU. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 17:15:00 GMT

read more

CVE-2025-52207 - MikoPBX PHP File Upload Vulnerability

CVE ID : CVE-2025-52207 Published : June 27, 2025, 5:15 p.m. | 9 hours ago Description : PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a PHP script to an arbitrary directory. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 17:15:00 GMT

read more

CVE-2025-6521 - Sight Bulb Pro Cleartext AES Encryption Key Exfiltration

CVE ID : CVE-2025-6521 Published : June 27, 2025, 5:15 p.m. | 9 hours ago Description : During the initial setup of the device the user connects to an access point broadcast by the Sight Bulb Pro. During the negotiation, AES Encryption keys are passed in cleartext. If captured, an attacker may be able to decrypt communications between the management app and the Sight Bulb Pro which may include sensitive information such as network credentials. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 17:15:00 GMT

read more

CVE-2024-12143 - Mobilteg Mobile Informatics Mikro Hand Terminal SQL Injection

CVE ID : CVE-2024-12143 Published : June 27, 2025, 5:15 p.m. | 6 hours, 58 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mobilteg Mobile Informatics Mikro Hand Terminal - MikroDB allows SQL Injection.This issue affects . NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 17:15:00 GMT

read more

CVE-2024-12150 - Eron Software Wowwo CRM SQL Injection

CVE ID : CVE-2024-12150 Published : June 27, 2025, 5:15 p.m. | 6 hours, 58 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eron Software Wowwo CRM allows Blind SQL Injection.This issue affects . NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 17:15:00 GMT

read more

CVE-2025-50369 - PHPGurukul Medical Card Generation System CSRF Vulnerability

CVE ID : CVE-2025-50369 Published : June 27, 2025, 4:15 p.m. | 7 hours, 58 minutes ago Description : A Cross-Site Request Forgery (CSRF) vulnerability exists in the Manage Card functionality (/mcgs/admin/manage-card.php) of PHPGurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authorized admin to delete medical card records by sending a simple GET request without verifying the origin of the request. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 16:15:00 GMT

read more

CVE-2025-50370 - Phpgurukul Medical Card Generation System CSRF Vulnerability

CVE ID : CVE-2025-50370 Published : June 27, 2025, 4:15 p.m. | 7 hours, 58 minutes ago Description : A Cross-Site Request Forgery (CSRF) vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET request, without requiring a CSRF token or validating the origin of the request. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 16:15:00 GMT

read more

CVE-2024-11739 - Case Informatics Case ERP SQL Injection

CVE ID : CVE-2024-11739 Published : June 27, 2025, 4:15 p.m. | 5 hours, 57 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Case Informatics Case ERP allows SQL Injection.This issue affects Case ERP: before V2.0.1. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 16:15:00 GMT

read more

CVE-2025-50367 - PhpGurukul Medical Card Generation System Stored Blind XSS

CVE ID : CVE-2025-50367 Published : June 27, 2025, 4:15 p.m. | 5 hours, 57 minutes ago Description : A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 16:15:00 GMT

read more

CVE-2025-6705 - Microsoft Azure DevOps Open-VSX Unauthorized Build Script Execution Vulnerability

CVE ID : CVE-2025-6705 Published : June 27, 2025, 3:15 p.m. | 6 hours, 57 minutes ago Description : On open-vsx.org https://open-vsx.org/ it was possible to run an arbitrary build scripts for auto-published extensions because of missing sandboxing of CI job runs. An attacker who had access to an existing extension could take over the service account of the marketplace. The issue has been fixed on June 24th, 2025 and the vulnerable code present in the publish-extension code repository. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 15:15:00 GMT

read more

CVE-2023-38007 - IBM Cloud Pak System HTML Injection Vulnerability

CVE ID : CVE-2023-38007 Published : June 27, 2025, 3:15 p.m. | 4 hours, 52 minutes ago Description : IBM Cloud Pak System 2.3.5.0, 2.3.3.7, 2.3.3.7 iFix1 on Power and 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.4.0, 2.3.4.1 on Intel operating systems is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 15:15:00 GMT

read more

CVE-2025-52553 - Authentik RAC Token Session Hijacking Vulnerability

CVE ID : CVE-2025-52553 Published : June 27, 2025, 3:15 p.m. | 4 hours, 52 minutes ago Description : authentik is an open-source identity provider. After authorizing access to a RAC endpoint, authentik creates a token which is used for a single connection and is sent to the client in the URL. This token is intended to only be valid for the session of the user who authorized the connection, however this check is missing in versions prior to 2025.6.3 and 2025.4.3. When, for example, using RAC during a screenshare, a malicious user could access the same session by copying the URL from the shown browser. authentik 2025.4.3 and 2025.6.3 fix this issue. As a workaround, it is recommended to decrease the duration a token is valid for (in the RAC Provider settings, set Connection expiry to `minutes=5` for example). The maintainers of authentik also recommend enabling the option Delete authorization on disconnect. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 15:15:00 GMT

read more

CVE-2025-53091 - WeGIA Time-Based Blind SQL Injection

CVE ID : CVE-2025-53091 Published : June 27, 2025, 3:15 p.m. | 4 hours, 52 minutes ago Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Time-Based Blind SQL Injection vulnerability was discovered in version 3.3.3 the almox parameter of the `/controle/getProdutosPorAlmox.php` endpoint. This issue allows any unauthenticated attacker to inject arbitrary SQL queries, potentially leading to unauthorized data access or further exploitation depending on database configuration. Version 3.4.0 fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 15:15:00 GMT

read more

CVE-2025-53338 - Re.place CSRF Stored XSS

CVE ID : CVE-2025-53338 Published : June 27, 2025, 2:15 p.m. | 5 hours, 52 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in dor re.place allows Stored XSS. This issue affects re.place: from n/a through 0.2.1. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53339 - Devnex Addons For Elementor PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-53339 Published : June 27, 2025, 2:15 p.m. | 5 hours, 52 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in devnex Devnex Addons For Elementor allows PHP Local File Inclusion. This issue affects Devnex Addons For Elementor: from n/a through 1.0.9. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-6768 - "Sfturing Hosp_Order SQL Injection Vulnerability"

CVE ID : CVE-2025-6768 Published : June 27, 2025, 2:15 p.m. | 5 hours, 52 minutes ago Description : A vulnerability classified as critical has been found in sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8. Affected is the function findAllHosByCondition of the file HospitalServiceImpl.java. The manipulation of the argument hospitalName leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53332 - Ethoseo Track Everything CSRF Stored XSS

CVE ID : CVE-2025-53332 Published : June 27, 2025, 2:15 p.m. | 4 hours, 39 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in ethoseo Track Everything allows Stored XSS. This issue affects Track Everything: from n/a through 2.0.1. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53336 - Abditsori My Resume Builder Stored Cross-Site Scripting

CVE ID : CVE-2025-53336 Published : June 27, 2025, 2:15 p.m. | 4 hours, 39 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in abditsori My Resume Builder allows Stored XSS. This issue affects My Resume Builder: from n/a through 1.0.3. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53327 - Aioseo Multibyte Descriptions CSRF

CVE ID : CVE-2025-53327 Published : June 27, 2025, 2:15 p.m. | 3 hours, 35 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in rui_mashita Aioseo Multibyte Descriptions allows Cross Site Request Forgery. This issue affects Aioseo Multibyte Descriptions: from n/a through 0.0.6. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53329 - Szajenw Społecznościowa CSRF Stored XSS

CVE ID : CVE-2025-53329 Published : June 27, 2025, 2:15 p.m. | 3 hours, 35 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in szajenw Społecznościowa 6 PL 2013 allows Stored XSS. This issue affects Społecznościowa 6 PL 2013: from n/a through 2.0.6. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53331 - Samcharrington RSS Digest CSRF Stored XSS

CVE ID : CVE-2025-53331 Published : June 27, 2025, 2:15 p.m. | 3 hours, 35 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in samcharrington RSS Digest allows Stored XSS. This issue affects RSS Digest: from n/a through 1.5. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53310 - Funnnny HidePost CSRF Reflected XSS

CVE ID : CVE-2025-53310 Published : June 27, 2025, 2:15 p.m. | 1 hour, 49 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Funnnny HidePost allows Reflected XSS. This issue affects HidePost: from n/a through 2.3.8. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53311 - Navayan Subscribe CSRF Stored XSS

CVE ID : CVE-2025-53311 Published : June 27, 2025, 2:15 p.m. | 1 hour, 49 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Amol Nirmala Waman Navayan Subscribe allows Stored XSS. This issue affects Navayan Subscribe: from n/a through 1.13. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53312 - OnionBuzz Looks Awesome CSRF Stored XSS

CVE ID : CVE-2025-53312 Published : June 27, 2025, 2:15 p.m. | 1 hour, 49 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Looks Awesome OnionBuzz allows Stored XSS. This issue affects OnionBuzz: from n/a through 1.0.7. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53313 - Twitch TV Embed Suite CSRF Stored XSS

CVE ID : CVE-2025-53313 Published : June 27, 2025, 2:15 p.m. | 1 hour, 49 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in plumwd Twitch TV Embed Suite allows Stored XSS. This issue affects Twitch TV Embed Suite: from n/a through 2.1.0. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53314 - Sh1zen WP Optimizer CSRF-Enabled SQL Injection

CVE ID : CVE-2025-53314 Published : June 27, 2025, 2:15 p.m. | 1 hour, 49 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in sh1zen WP Optimizer allows SQL Injection. This issue affects WP Optimizer: from n/a through 2.3.6. Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53315 - Alanft Relocate Upload CSRF Stored XSS

CVE ID : CVE-2025-53315 Published : June 27, 2025, 2:15 p.m. | 1 hour, 49 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in alanft Relocate Upload allows Stored XSS. This issue affects Relocate Upload: from n/a through 0.24.1. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53317 - AcmeeDesign WPShapere Lite CSRF Stored XSS

CVE ID : CVE-2025-53317 Published : June 27, 2025, 2:15 p.m. | 1 hour, 49 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in AcmeeDesign WPShapere Lite allows Stored XSS. This issue affects WPShapere Lite: from n/a through 1.4. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53318 - WPManiax WP DB Booster Missing Authorization Vulnerability

CVE ID : CVE-2025-53318 Published : June 27, 2025, 2:15 p.m. | 1 hour, 49 minutes ago Description : Missing Authorization vulnerability in WPManiax WP DB Booster allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP DB Booster: from n/a through 1.0.1. Severity: 5.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53320 - Wp Enhanced Free Downloads EDD Cross-site Scripting

CVE ID : CVE-2025-53320 Published : June 27, 2025, 2:15 p.m. | 1 hour, 49 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wp Enhanced Free Downloads EDD allows DOM-Based XSS. This issue affects Free Downloads EDD: from n/a through 1.0.4. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53321 - Raise The Money Cross-Site Scripting

CVE ID : CVE-2025-53321 Published : June 27, 2025, 2:15 p.m. | 1 hour, 49 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raise The Money Raise The Money allows DOM-Based XSS. This issue affects Raise The Money: from n/a through 5.2. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53322 - ZealousWeb Contact Form 7 Information Disclosure Vulnerability

CVE ID : CVE-2025-53322 Published : June 27, 2025, 2:15 p.m. | 1 hour, 49 minutes ago Description : Insertion of Sensitive Information Into Sent Data vulnerability in ZealousWeb Accept Authorize.NET Payments Using Contact Form 7 allows Retrieve Embedded Sensitive Data. This issue affects Accept Authorize.NET Payments Using Contact Form 7: from n/a through 2.5. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53323 - Danbriapps Pre-Publish Post Checklist Missing Authorization

CVE ID : CVE-2025-53323 Published : June 27, 2025, 2:15 p.m. | 1 hour, 49 minutes ago Description : Missing Authorization vulnerability in danbriapps Pre-Publish Post Checklist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Pre-Publish Post Checklist: from n/a through 3.1. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53325 - Dilip Kumar Beauty Contact Popup Form Stored Cross-site Scripting Vulnerability

CVE ID : CVE-2025-53325 Published : June 27, 2025, 2:15 p.m. | 1 hour, 49 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dilip kumar Beauty Contact Popup Form allows Stored XSS. This issue affects Beauty Contact Popup Form: from n/a through 6.0. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53305 - Lucidcrew WP Forum Server CSRF Stored XSS

CVE ID : CVE-2025-53305 Published : June 27, 2025, 2:15 p.m. | 23 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in lucidcrew WP Forum Server allows Stored XSS. This issue affects WP Forum Server: from n/a through 1.8.2. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53306 - Lucidcrew WP Forum Server SQL Injection

CVE ID : CVE-2025-53306 Published : June 27, 2025, 2:15 p.m. | 23 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in lucidcrew WP Forum Server allows SQL Injection. This issue affects WP Forum Server: from n/a through 1.8.2. Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53308 - Gopi_plus Image Slider Stored XSS CSRF

CVE ID : CVE-2025-53308 Published : June 27, 2025, 2:15 p.m. | 23 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in gopi_plus Image Slider With Description allows Stored XSS. This issue affects Image Slider With Description: from n/a through 9.2. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-53309 - ZealousWeb Contact Form 7 Information Disclosure

CVE ID : CVE-2025-53309 Published : June 27, 2025, 2:15 p.m. | 23 minutes ago Description : Insertion of Sensitive Information Into Sent Data vulnerability in ZealousWeb Accept Stripe Payments Using Contact Form 7 allows Retrieve Embedded Sensitive Data. This issue affects Accept Stripe Payments Using Contact Form 7: from n/a through 3.0. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 14:15:00 GMT

read more

CVE-2025-40910 - Apache Net::IP::LPM Leading Zero IP Address Bypass Vulnerability

CVE ID : CVE-2025-40910 Published : June 27, 2025, 1:15 p.m. | 36 minutes ago Description : Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses. Leading zeros are used to indicate octal numbers, which can confuse users who are intentionally using octal notation, as well as users who believe they are using decimal notation. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 13:15:00 GMT

read more

CVE-2025-53018 - Lychee Server-Side Request Forgery (SSRF) Vulnerability

CVE ID : CVE-2025-53018 Published : June 27, 2025, 1:15 p.m. | 36 minutes ago Description : Lychee is a free, open-source photo-management tool. Prior to version 6.6.13, a critical Server-Side Request Forgery (SSRF) vulnerability exists in the `/api/v2/Photo::fromUrl` endpoint. This flaw lets an attacker instruct the application’s backend to make HTTP requests to any URL they choose. Consequently, internal network resources—such as localhost services or cloud-provider metadata endpoints—become reachable. The endpoint takes a URL from the user and calls it server-side via fopen() without any safeguards. There is no IP address validation, nor are there any allow-list, timeout, or size restrictions. Because of this, attackers can point the application at internal targets. Using this flaw, an attacker can perform internal port scans or retrieve sensitive cloud metadata. Version 6.6.13 contains a patch for the issue. Severity: 3.0 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 13:15:00 GMT

read more

CVE-2025-6766 - Apache sfturing SQL Injection Vulnerability

CVE ID : CVE-2025-6766 Published : June 27, 2025, 1:15 p.m. | 36 minutes ago Description : A vulnerability was found in sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8. It has been declared as critical. This vulnerability affects the function getOfficeName of the file OfficeServiceImpl.java. The manipulation of the argument officesName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 13:15:00 GMT

read more

CVE-2025-6767 - Oracle SFTuring SQL Injection Vulnerability

CVE ID : CVE-2025-6767 Published : June 27, 2025, 1:15 p.m. | 36 minutes ago Description : A vulnerability was found in sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8. It has been rated as critical. This issue affects the function findDoctorByCondition of the file DoctorServiceImpl.java. The manipulation of the argument hospitalName leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 13:15:00 GMT

read more

CVE-2025-52774 - Infility Global Cross-site Scripting

CVE ID : CVE-2025-52774 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Infility Infility Global allows Reflected XSS. This issue affects Infility Global: from n/a through 2.12.7. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52778 - Michel xili-dictionary Cross-site Scripting

CVE ID : CVE-2025-52778 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michel - xiligroup dev xili-dictionary allows Reflected XSS. This issue affects xili-dictionary: from n/a through 2.12.5.2. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52799 - Designthemes LMS Cross-site Scripting (XSS)

CVE ID : CVE-2025-52799 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designthemes LMS allows Reflected XSS. This issue affects LMS: from n/a through 9.1. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52808 - RealtyElite PHP RFI Vulnerability

CVE ID : CVE-2025-52808 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in real-web RealtyElite allows PHP Local File Inclusion. This issue affects RealtyElite: from n/a through 1.0.0. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52809 - John Russell National Weather Service Alerts PHP Local File Inclusion

CVE ID : CVE-2025-52809 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in John Russell National Weather Service Alerts allows PHP Local File Inclusion. This issue affects National Weather Service Alerts: from n/a through 1.3.5. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52810 - TMRW-studio Katerio Magazine Path Traversal PHP Local File Inclusion Vulnerability

CVE ID : CVE-2025-52810 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Path Traversal vulnerability in TMRW-studio Katerio - Magazine allows PHP Local File Inclusion. This issue affects Katerio - Magazine: from n/a through 1.5.1. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52811 - Creanncy Davenport Path Traversal PHP Local File Inclusion Vulnerability

CVE ID : CVE-2025-52811 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Path Traversal vulnerability in Creanncy Davenport - Versatile Blog and Magazine WordPress Theme allows PHP Local File Inclusion. This issue affects Davenport - Versatile Blog and Magazine WordPress Theme: from n/a through 1.3. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52812 - ApusWP Domnoo PHP Local File Inclusion Vulnerability

CVE ID : CVE-2025-52812 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusWP Domnoo allows PHP Local File Inclusion. This issue affects Domnoo: from n/a through 1.49. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52814 - Ovatheme BRW PHP RFI Vulnerability

CVE ID : CVE-2025-52814 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme BRW allows PHP Local File Inclusion. This issue affects BRW: from n/a through 1.7.9. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52815 - AncoraThemes CityGov PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-52815 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes CityGov allows PHP Local File Inclusion. This issue affects CityGov: from n/a through 1.9. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52816 - Themehunk Zita PHP Remote File Inclusion Vulnerability

CVE ID : CVE-2025-52816 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themehunk Zita allows PHP Local File Inclusion. This issue affects Zita: from n/a through 1.6.5. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52817 - ZealousWeb Abandoned Contact Form 7 Missing Authorization Vulnerability

CVE ID : CVE-2025-52817 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Missing Authorization vulnerability in ZealousWeb Abandoned Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Abandoned Contact Form 7: from n/a through 2.0. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52818 - Trusty Whistleblowing Missing Authorization Vulnerability

CVE ID : CVE-2025-52818 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Missing Authorization vulnerability in Dejan Jasnic Trusty Whistleblowing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Trusty Whistleblowing: from n/a through 1.5.2. Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52824 - MDJM Mobile DJ Manager Missing Authorization Vulnerability

CVE ID : CVE-2025-52824 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Missing Authorization vulnerability in MDJM Mobile DJ Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Mobile DJ Manager: from n/a through 1.7.6. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52826 - UXPER Sala Object Injection Vulnerability

CVE ID : CVE-2025-52826 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Deserialization of Untrusted Data vulnerability in uxper Sala allows Object Injection. This issue affects Sala: from n/a through 1.1.3. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52827 - UXPER Nuss Untrusted Data Deserialization Object Injection

CVE ID : CVE-2025-52827 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Deserialization of Untrusted Data vulnerability in uxper Nuss allows Object Injection. This issue affects Nuss: from n/a through 1.3.3. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52829 - DirectIQ Email Marketing SQL Injection

CVE ID : CVE-2025-52829 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in DirectIQ DirectIQ Email Marketing allows SQL Injection. This issue affects DirectIQ Email Marketing: from n/a through 2.0. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-52834 - Favethemes Homey SQL Injection

CVE ID : CVE-2025-52834 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in favethemes Homey allows SQL Injection. This issue affects Homey: from n/a through 2.4.5. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-6762 - Diyhi BBS Server-Side Request Forgery (SSRF) Vulnerability

CVE ID : CVE-2025-6762 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : A vulnerability classified as critical has been found in diyhi bbs up to 6.8. This affects the function getUrl of the file /admin/login of the component HTTP Header Handler. The manipulation of the argument Host leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-6763 - Comet System Web-based Management Interface Missing Authentication Vulnerability

CVE ID : CVE-2025-6763 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : A vulnerability classified as critical was found in Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60. This vulnerability affects unknown code of the file /setupA.cfg of the component Web-based Management Interface. The manipulation leads to missing authentication. Access to the local network is required for this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-6765 - Intelbras InControl Remote File Permission Bypass Vulnerability

CVE ID : CVE-2025-6765 Published : June 27, 2025, 12:15 p.m. | 1 hour, 35 minutes ago Description : A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Request Handler. The manipulation leads to permission issues. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 12:15:00 GMT

read more

CVE-2025-6761 - Kingdee Cloud-Starry-Sky Enterprise Edition Freemarker Engine Template Engine Injection Vulnerability

CVE ID : CVE-2025-6761 Published : June 27, 2025, 11:15 a.m. | 35 minutes ago Description : A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition 6.x/7.x/8.x/9.0. It has been rated as critical. Affected by this issue is the function plugin.buildMobilePopHtml of the file \k3\o2o\bos\webapp\action\DynamicForm 4 Action.class of the component Freemarker Engine. The manipulation leads to improper neutralization of special elements used in a template engine. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The vendor explains, that in the fixed release "Freemarker is set to 'ALLOWS_NOTHING_RESOLVER' to not parse any classes." Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 11:15:00 GMT

read more

CVE-2025-5398 - Ninja Forms Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5398 Published : June 27, 2025, 10:15 a.m. | 1 hour, 35 minutes ago Description : The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of a templating engine in all versions up to, and including, 3.10.2.1 due to insufficient output escaping on user data passed through the template. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 10:15:00 GMT

read more

CVE-2024-12827 - WordPress DWT Directory Listing Theme Privilege Escalation Vulnerability

CVE ID : CVE-2024-12827 Published : June 27, 2025, 9:15 a.m. | 2 hours, 35 minutes ago Description : The DWT - Directory & Listing WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.3.6. This is due to the plugin not properly checking for an empty token value prior to resetting a user's password through the dwt_listing_reset_password() function. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 09:15:00 GMT

read more

CVE-2025-2940 - WordPress Easy Data Table Builder SSRF

CVE ID : CVE-2025-2940 Published : June 27, 2025, 9:15 a.m. | 2 hours, 35 minutes ago Description : The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.18 via the args[url] parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 09:15:00 GMT

read more

CVE-2025-4587 - WordPress A/B Testing Stored Cross-Site Scripting

CVE ID : CVE-2025-4587 Published : June 27, 2025, 8:15 a.m. | 3 hours, 35 minutes ago Description : The A/B Testing for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ab-testing-for-wp/ab-test-block' block in all versions up to, and including, 1.18.2 due to insufficient input sanitization and output escaping on the 'id' parameter. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 08:15:00 GMT

read more

CVE-2025-5306 - Pandora FMS Command Injection Vulnerability

CVE ID : CVE-2025-5306 Published : June 27, 2025, 8:15 a.m. | 3 hours, 35 minutes ago Description : Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection. This issue affects Pandora FMS 774 through 778 Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 08:15:00 GMT

read more

CVE-2025-5936 - WordPress VR Calendar CSRF

CVE ID : CVE-2025-5936 Published : June 27, 2025, 8:15 a.m. | 3 hours, 35 minutes ago Description : The VR Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.7. This is due to missing or incorrect nonce validation on the syncCalendar() function. This makes it possible for unauthenticated attackers to trigger a calendar sync via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 08:15:00 GMT

read more

CVE-2025-5940 - Osom Blocks - WordPress Stored Cross-Site Scripting

CVE ID : CVE-2025-5940 Published : June 27, 2025, 8:15 a.m. | 3 hours, 35 minutes ago Description : The Osom Blocks – Custom Post Type listing block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class_name’ parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 08:15:00 GMT

read more

CVE-2025-6550 - Elementor Pack Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6550 Published : June 27, 2025, 8:15 a.m. | 3 hours, 35 minutes ago Description : The The Pack Elementor addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘slider_options’ parameter in all versions up to, and including, 2.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 08:15:00 GMT

read more

CVE-2025-6688 - "WordPress Simple Payment Authentication Bypass"

CVE ID : CVE-2025-6688 Published : June 27, 2025, 8:15 a.m. | 3 hours, 35 minutes ago Description : The Simple Payment plugin for WordPress is vulnerable to Authentication Bypass in versions 1.3.6 to 2.3.8. This is due to the plugin not properly verifying a user's identity prior to logging them in through the create_user() function. This makes it possible for unauthenticated attackers to log in as administrative users. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 08:15:00 GMT

read more

CVE-2025-6689 - "FL3R Accessibility Suite Plugin Stored XSS Vulnerability"

CVE ID : CVE-2025-6689 Published : June 27, 2025, 8:15 a.m. | 3 hours, 35 minutes ago Description : The FL3R Accessibility Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's fl3raccessibilitysuite shortcode in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 08:15:00 GMT

read more

CVE-2025-36529 - TB-Eye Command Injection Vulnerability

CVE ID : CVE-2025-36529 Published : June 27, 2025, 6:15 a.m. | 5 hours, 35 minutes ago Description : An OS command injection issue exists in multiple versions of TB-eye network recorders and AHD recorders. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who is logging in to the device. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 06:15:00 GMT

read more

CVE-2025-41418 - TB-eye Network Recorders/AHD Recorders Buffer Overflow Vulnerability

CVE ID : CVE-2025-41418 Published : June 27, 2025, 6:15 a.m. | 5 hours, 35 minutes ago Description : Buffer Overflow vulnerability exists in multiple versions of TB-eye network recorders and AHD recorders. The CGI process may be terminated abnormally by processing a specially crafted request. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 06:15:00 GMT

read more

CVE-2025-5035 - Firelight Lightbox WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5035 Published : June 27, 2025, 6:15 a.m. | 5 hours, 35 minutes ago Description : The Firelight Lightbox WordPress plugin before 2.3.16 does not sanitise and escape title attributes before outputting them in the page, which could allow users with a role as low as contributors to perform stored Cross-Site Scripting attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 06:15:00 GMT

read more

CVE-2025-5093 - WordPress Responsive Lightbox Gallery Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-5093 Published : June 27, 2025, 6:15 a.m. | 5 hours, 35 minutes ago Description : The Responsive Lightbox & Gallery WordPress plugin before 2.5.2 use the Swipebox library which does not validate and escape title attributes before outputting them back in a page/post where used, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 06:15:00 GMT

read more

CVE-2025-5194 - WordPress Map Block Stored Cross-Site Scripting

CVE ID : CVE-2025-5194 Published : June 27, 2025, 6:15 a.m. | 5 hours, 35 minutes ago Description : The WP Map Block WordPress plugin before 2.0.3 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 06:15:00 GMT

read more

CVE-2025-5526 - BuddyPress Docs Information Disclosure Vulnerability

CVE ID : CVE-2025-5526 Published : June 27, 2025, 6:15 a.m. | 5 hours, 35 minutes ago Description : The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 06:15:00 GMT

read more

CVE-2025-45737 - NetEase NeacSafe64 Elevation of Privilege

CVE ID : CVE-2025-45737 Published : June 27, 2025, 5:15 a.m. | 6 hours, 35 minutes ago Description : An issue in NetEase (Hangzhou) Network Co., Ltd NeacSafe64 Driver before v1.0.0.8 allows attackers to escalate privileges via sending crafted IOCTL commands to the NeacSafe64.sys component. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 05:15:00 GMT

read more

CVE-2025-6488 - WordPress isMobile Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-6488 Published : June 27, 2025, 5:15 a.m. | 6 hours, 35 minutes ago Description : The isMobile plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘device’ parameter in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 05:15:00 GMT

read more

CVE-2025-6753 - Huija BicycleSharingServer SQL Injection Vulnerability

CVE ID : CVE-2025-6753 Published : June 27, 2025, 5:15 a.m. | 6 hours, 35 minutes ago Description : A vulnerability was found in huija bicycleSharingServer 1.0 and classified as critical. This issue affects the function selectAdminByNameLike of the file AdminController.java. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 05:15:00 GMT

read more

CVE-2025-6752 - Linksys UPnP Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-6752 Published : June 27, 2025, 4:16 a.m. | 7 hours, 35 minutes ago Description : A vulnerability has been found in Linksys WRT1900ACS, EA7200, EA7450 and EA7500 up to 20250619 and classified as critical. This vulnerability affects the function SetDefaultConnectionService of the file /upnp/control/Layer3Forwarding of the component IGD. The manipulation of the argument NewDefaultConnectionService leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 04:16:00 GMT

read more

CVE-2025-53164 - Apache HTTP Server Command Injection

CVE ID : CVE-2025-53164 Published : June 27, 2025, 4:15 a.m. | 7 hours, 35 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 04:15:00 GMT

read more

CVE-2025-53165 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53165 Published : June 27, 2025, 4:15 a.m. | 7 hours, 35 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 04:15:00 GMT

read more

CVE-2025-53166 - Apache HTTP Server Cross-Site Scripting

CVE ID : CVE-2025-53166 Published : June 27, 2025, 4:15 a.m. | 7 hours, 35 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 04:15:00 GMT

read more

CVE-2025-6751 - Linksys E8450 HTTP POST Request Handler Buffer Overflow

CVE ID : CVE-2025-6751 Published : June 27, 2025, 4:15 a.m. | 7 hours, 35 minutes ago Description : A vulnerability, which was classified as critical, was found in Linksys E8450 up to 1.2.00.360516. This affects the function set_device_language of the file portal.cgi of the component HTTP POST Request Handler. The manipulation of the argument dut_language leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 04:15:00 GMT

read more

CVE-2025-53162 - Apache HTTP Server Denial of Service

CVE ID : CVE-2025-53162 Published : June 27, 2025, 4:15 a.m. | 5 hours, 34 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 04:15:00 GMT

read more

CVE-2025-53163 - Apache HTTP Server Arbitrary File Download

CVE ID : CVE-2025-53163 Published : June 27, 2025, 4:15 a.m. | 5 hours, 34 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 04:15:00 GMT

read more

CVE-2025-53157 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53157 Published : June 27, 2025, 4:15 a.m. | 3 hours, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 04:15:00 GMT

read more

CVE-2025-53158 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-53158 Published : June 27, 2025, 4:15 a.m. | 3 hours, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 04:15:00 GMT

read more

CVE-2025-53159 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-53159 Published : June 27, 2025, 4:15 a.m. | 3 hours, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 04:15:00 GMT

read more

CVE-2025-53160 - Apache Apache HTTP Server SQL Injection

CVE ID : CVE-2025-53160 Published : June 27, 2025, 4:15 a.m. | 3 hours, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 04:15:00 GMT

read more

CVE-2025-53161 - VMware Network PolicyVulnerability: Denial of Service

CVE ID : CVE-2025-53161 Published : June 27, 2025, 4:15 a.m. | 3 hours, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 04:15:00 GMT

read more

CVE-2025-47822 - Flock Safety LPR Impropoer Access Control Vulnerability

CVE ID : CVE-2025-47822 Published : June 27, 2025, 3:15 a.m. | 4 hours, 39 minutes ago Description : Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have an on-chip debug interface with improper access control. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 03:15:00 GMT

read more

CVE-2025-47823 - Flock Safety LPR Hardcoded Password Vulnerability

CVE ID : CVE-2025-47823 Published : June 27, 2025, 3:15 a.m. | 4 hours, 39 minutes ago Description : Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have a hardcoded password for a system. Severity: 2.2 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 03:15:00 GMT

read more

CVE-2025-47824 - Flock Safety LPR Cleartext Code Storage Vulnerability

CVE ID : CVE-2025-47824 Published : June 27, 2025, 3:15 a.m. | 4 hours, 39 minutes ago Description : Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have cleartext storage of code. Severity: 2.0 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 03:15:00 GMT

read more

CVE-2025-6750 - HDF5 Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-6750 Published : June 27, 2025, 3:15 a.m. | 4 hours, 39 minutes ago Description : A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5O__mtime_new_encode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 03:15:00 GMT

read more

CVE-2025-47821 - Flock Safety Gunshot Detection Device Hardcoded Password Vulnerability

CVE ID : CVE-2025-47821 Published : June 27, 2025, 3:15 a.m. | 2 hours, 39 minutes ago Description : Flock Safety Gunshot Detection devices before 1.3 have a hardcoded password for a system. Severity: 2.2 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 03:15:00 GMT

read more

CVE-2025-47818 - Flock Safety Gunshot Detection HTTP Server Unauthenticated Access

CVE ID : CVE-2025-47818 Published : June 27, 2025, 2:15 a.m. | 3 hours, 39 minutes ago Description : Flock Safety Gunshot Detection devices before 1.3 have a hard-coded password for a connection. Severity: 2.2 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 02:15:00 GMT

read more

CVE-2025-47819 - Flock Safety Gunshot Detection Debug Interface Unauthorized Access Vulnerability

CVE ID : CVE-2025-47819 Published : June 27, 2025, 2:15 a.m. | 3 hours, 39 minutes ago Description : Flock Safety Gunshot Detection devices before 1.3 have an on-chip debug interface with improper access control. Severity: 6.4 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 02:15:00 GMT

read more

CVE-2025-47820 - Flock Safety Gunshot Detection Devices Cleartext Code Storage Vulnerability

CVE ID : CVE-2025-47820 Published : June 27, 2025, 2:15 a.m. | 3 hours, 39 minutes ago Description : Flock Safety Gunshot Detection devices before 1.3 have cleartext storage of code. Severity: 2.0 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 02:15:00 GMT

read more

CVE-2025-6748 - Airtel Thanks App Cleartext Storage Vulnerability

CVE ID : CVE-2025-6748 Published : June 27, 2025, 2:15 a.m. | 3 hours, 39 minutes ago Description : A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on Android. Affected is an unknown function of the file /Android/data/com.myairtelapp/files/. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 2.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 02:15:00 GMT

read more

CVE-2025-6749 - Huija bicycleSharingServer SQL Injection Vulnerability

CVE ID : CVE-2025-6749 Published : June 27, 2025, 2:15 a.m. | 3 hours, 39 minutes ago Description : A vulnerability classified as critical was found in huija bicycleSharingServer up to 7b8a3ba48ad618604abd4797d2e7cf3b5ac7625a. Affected by this vulnerability is the function searchAdminMessageShow of the file AdminController.java. The manipulation of the argument Title leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Fri, 27 Jun 2025 02:15:00 GMT

read more

CVE-2024-3511 - WSO2 Registry Unauthorized File Access Vulnerability

CVE ID : CVE-2024-3511 Published : June 23, 2025, 9:15 a.m. | 21 minutes ago Description : An incorrect authorization vulnerability exists in multiple WSO2 products that allows unauthorized access to versioned files stored in the registry. Due to flawed authorization logic, a malicious actor with access to the management console can exploit a specific bypass method to retrieve versioned files without proper authorization. Successful exploitation of this vulnerability could lead to unauthorized disclosure of configuration or resource files that may be stored as registry versions, potentially aiding further attacks or system reconnaissance. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 23 Jun 2025 09:15:00 GMT

read more

CVE-2025-6502 - Code-projects Inventory Management System SQL Injection Critical Vulnerability

CVE ID : CVE-2025-6502 Published : June 23, 2025, 4:15 a.m. | 5 hours, 21 minutes ago Description : A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /php_action/changePassword.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 23 Jun 2025 04:15:00 GMT

read more

CVE-2025-6503 - Code-projects Inventory Management System SQL Injection

CVE ID : CVE-2025-6503 Published : June 23, 2025, 4:15 a.m. | 5 hours, 21 minutes ago Description : A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/fetchSelectedCategories.php. The manipulation of the argument categoriesId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 23 Jun 2025 04:15:00 GMT

read more

CVE-2025-6499 - Apache vstakhov libucl Heap-Based Buffer Overflow

CVE ID : CVE-2025-6499 Published : June 23, 2025, 3:15 a.m. | 6 hours, 21 minutes ago Description : A vulnerability classified as problematic was found in vstakhov libucl up to 0.9.2. Affected by this vulnerability is the function ucl_parse_multiline_string of the file src/ucl_parser.c. The manipulation leads to heap-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 23 Jun 2025 03:15:00 GMT

read more

CVE-2025-6500 - Code-projects Inventory Management System SQL Injection

CVE ID : CVE-2025-6500 Published : June 23, 2025, 3:15 a.m. | 6 hours, 21 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Inventory Management System 1.0. Affected by this issue is some unknown functionality of the file /php_action/editCategories.php. The manipulation of the argument editCategoriesName leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 23 Jun 2025 03:15:00 GMT

read more

CVE-2025-6501 - Apache Code-projects Inventory Management System SQL Injection

CVE ID : CVE-2025-6501 Published : June 23, 2025, 3:15 a.m. | 6 hours, 21 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /php_action/createCategories.php. The manipulation of the argument categoriesStatus leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 23 Jun 2025 03:15:00 GMT

read more

CVE-2025-6498 - HTACG Tidy-HTML5 Memory Leak Vulnerability

CVE ID : CVE-2025-6498 Published : June 23, 2025, 2:15 a.m. | 7 hours, 21 minutes ago Description : A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 23 Jun 2025 02:15:00 GMT

read more

CVE-2025-52926 - Spytrap-ADB Stalkerware Detection UI Vulnerability

CVE ID : CVE-2025-52926 Published : June 23, 2025, 1:15 a.m. | 8 hours, 21 minutes ago Description : In scan.rs in spytrap-adb before 0.3.5, matches for known stalkerware are not rendered in the interactive user interface. Severity: 2.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 23 Jun 2025 01:15:00 GMT

read more

CVE-2025-6497 - "HTACG Tidy-html5 Assertion Vulnerability"

CVE ID : CVE-2025-6497 Published : June 23, 2025, 1:15 a.m. | 8 hours, 21 minutes ago Description : A vulnerability was found in HTACG tidy-html5 5.8.0. It has been rated as problematic. This issue affects the function prvTidyParseNamespace of the file src/parser.c. The manipulation leads to reachable assertion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 23 Jun 2025 01:15:00 GMT

read more

CVE-2025-6496 - Apache Tidy Null Pointer Dereference Vulnerability

CVE ID : CVE-2025-6496 Published : June 23, 2025, 12:15 a.m. | 9 hours, 21 minutes ago Description : A vulnerability was found in HTACG tidy-html5 5.8.0. It has been declared as problematic. This vulnerability affects the function InsertNodeAsParent of the file src/parser.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Mon, 23 Jun 2025 00:15:00 GMT

read more

CVE-2025-6494 - Nokogiri Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-6494 Published : June 22, 2025, 11:15 p.m. | 10 hours, 21 minutes ago Description : A vulnerability was found in sparklemotion nokogiri up to 1.18.7. It has been classified as problematic. This affects the function hashmap_get_with_hash of the file gumbo-parser/src/hashmap.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 23:15:00 GMT

read more

CVE-2025-6493 - CodeMirror Markdown Mode Regular Expression Complexity Remote Vulnerability

CVE ID : CVE-2025-6493 Published : June 22, 2025, 10:15 p.m. | 11 hours, 21 minutes ago Description : A vulnerability was found in CodeMirror up to 5.17.0 and classified as problematic. Affected by this issue is some unknown functionality of the file mode/markdown/markdown.js of the component Markdown Mode. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Not all code samples mentioned in the GitHub issue can be found. The repository mentions, that "CodeMirror 6 exists, and is [...] much more actively maintained." Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 22:15:00 GMT

read more

CVE-2025-6492 - MarkText Regular Expression Complexity Remote Vulnerability

CVE ID : CVE-2025-6492 Published : June 22, 2025, 8:15 p.m. | 13 hours, 21 minutes ago Description : A vulnerability has been found in MarkText up to 0.17.1 and classified as problematic. Affected by this vulnerability is the function getRecommendTitleFromMarkdownString of the file marktext/src/main/utils/index.js. The manipulation leads to inefficient regular expression complexity. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 20:15:00 GMT

read more

CVE-2025-6489 - iSourcecode Agri-Trading Online Shopping System SQL Injection Vulnerability

CVE ID : CVE-2025-6489 Published : June 22, 2025, 7:15 p.m. | 14 hours, 21 minutes ago Description : A vulnerability has been found in itsourcecode Agri-Trading Online Shopping System 1.0 and classified as critical. This vulnerability affects unknown code of the file /transactionsave.php. The manipulation of the argument del leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 19:15:00 GMT

read more

CVE-2025-6490 - Nokogiri Heap-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-6490 Published : June 22, 2025, 7:15 p.m. | 14 hours, 21 minutes ago Description : A vulnerability was found in sparklemotion nokogiri up to 1.18.7 and classified as problematic. This issue affects the function hashmap_set_with_hash of the file gumbo-parser/src/hashmap.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 19:15:00 GMT

read more

CVE-2025-6486 - TOTOLINK A3002R Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-6486 Published : June 22, 2025, 6:15 p.m. | 15 hours, 21 minutes ago Description : A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been declared as critical. This vulnerability affects the function formWlanMultipleAP of the file /boafrm/formWlanMultipleAP. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 18:15:00 GMT

read more

CVE-2025-6487 - TOTOLINK A3002R Stack-Based Buffer Overflow

CVE ID : CVE-2025-6487 Published : June 22, 2025, 6:15 p.m. | 15 hours, 21 minutes ago Description : A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been rated as critical. This issue affects the function formRoute of the file /boafrm/formRoute. The manipulation of the argument subnet leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 18:15:00 GMT

read more

CVE-2025-6484 - Code-projects Online Shopping Store SQL Injection

CVE ID : CVE-2025-6484 Published : June 22, 2025, 5:15 p.m. | 16 hours, 21 minutes ago Description : A vulnerability was found in code-projects Online Shopping Store 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /action.php. The manipulation of the argument cat_id/brand_id/keyword/proId/pid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 17:15:00 GMT

read more

CVE-2025-6485 - TOTOLINK A3002R OS Command Injection Vulnerability

CVE ID : CVE-2025-6485 Published : June 22, 2025, 5:15 p.m. | 16 hours, 21 minutes ago Description : A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been classified as critical. This affects the function formWlSiteSurvey of the file /boafrm/formWlSiteSurvey. The manipulation of the argument wlanif leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 17:15:00 GMT

read more

CVE-2025-6482 - "Simple Pizza Ordering System SQL Injection Vulnerability"

CVE ID : CVE-2025-6482 Published : June 22, 2025, 4:15 p.m. | 17 hours, 21 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /edituser-exec.php. The manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 16:15:00 GMT

read more

CVE-2025-6483 - "Simple Pizza Ordering System SQL Injection Vulnerability"

CVE ID : CVE-2025-6483 Published : June 22, 2025, 4:15 p.m. | 17 hours, 21 minutes ago Description : A vulnerability has been found in code-projects Simple Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edituser.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 16:15:00 GMT

read more

CVE-2025-6480 - Apache Code-Projects Simple Pizza Ordering System SQL Injection Vulnerability

CVE ID : CVE-2025-6480 Published : June 22, 2025, 3:15 p.m. | 18 hours, 21 minutes ago Description : A vulnerability classified as critical was found in code-projects Simple Pizza Ordering System 1.0. This vulnerability affects unknown code of the file /addcatexec.php. The manipulation of the argument textfield leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 15:15:00 GMT

read more

CVE-2025-6481 - "Simple Pizza Ordering System SQL Injection Vulnerability"

CVE ID : CVE-2025-6481 Published : June 22, 2025, 3:15 p.m. | 18 hours, 21 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Simple Pizza Ordering System 1.0. This issue affects some unknown processing of the file /update.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 15:15:00 GMT

read more

CVE-2025-6478 - CodeAstro Expense Management System CSRF

CVE ID : CVE-2025-6478 Published : June 22, 2025, 2:15 p.m. | 19 hours, 21 minutes ago Description : A vulnerability was found in CodeAstro Expense Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 14:15:00 GMT

read more

CVE-2025-6479 - Simple Pizza Ordering System SQL Injection

CVE ID : CVE-2025-6479 Published : June 22, 2025, 2:15 p.m. | 19 hours, 21 minutes ago Description : A vulnerability classified as critical has been found in code-projects Simple Pizza Ordering System 1.0. This affects an unknown part of the file /salesreport.php. The manipulation of the argument dayfrom leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more... ]]>

Sun, 22 Jun 2025 14:15:00 GMT

read more

Fuite de données chez Disneyland

]]>

Sat Jun 21 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Publication de la 4e édition de l’Observatoire des métiers 2025

]]>

Mon, 09 Jun 2025 19:56:00 GMT

read more

Retrouvez l’ANSSI lors de VivaTechnology 2025 !

]]>

Fri, 06 Jun 2025 07:25:00 GMT

read more

Retour sur le webinaire « Comment se faire labelliser ExpertCyber ? »

]]>

Thu, 05 Jun 2025 12:02:00 GMT

read more

Soldes d&rsquo;été : 7 conseils pour éviter les cyber-arnaques

]]>

Thu, 05 Jun 2025 09:00:00 GMT

read more

Cybermois 2025

]]>

Thu, 05 Jun 2025 01:11:00 GMT

read more

« Histoire de Cyber » : engagez-vous pour le Cybermois 2025

]]>

Thu, 05 Jun 2025 01:09:00 GMT

read more

Cybermois 2025 : kit de communication

]]>

Thu, 05 Jun 2025 01:05:00 GMT

read more

Rançongiciel ou ransomware, que faire ? (particuliers)

]]>

Tue, 03 Jun 2025 11:38:00 GMT

read more

Rançongiciel ou ransomware, que faire ? (particuliers)

Un rançongiciel ou ransomware est un logiciel malveillant ou virus qui bloque l’accès à l’ordinateur ou à ses fichiers et qui réclame à la victime le paiement d’une rançon pour en obtenir de nouveau l’accès. Que faire en cas de ransomware ? Isoler les équipements touchés, ne pas…]]>

Tue, 03 Jun 2025 11:38:00 GMT

read more

Fuite de données chez Kaviari

]]>

Tue Jun 03 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Autosur

]]>

Mon May 26 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Retour sur la participation de l’ANSSI à l’édition 2025 de Locked Shields

]]>

Wed, 14 May 2025 08:02:00 GMT

read more

Fuite de données chez Pulsy

]]>

Tue May 13 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

The syzygy distinguisher élu best paper award

The syzygy distinguisher élu best paper award anssiadm lun 05/05/2025 - 11:43 À l’occasion de la conférence Eurocrypt qui se tient à Madrid du 4 au 8 mai, l’International Association for Cryptologic Research (IACR) a remis le Best Paper Award à Hugues Randriam pour ses travaux menés au sein du laboratoire de cryptologie de l’ANSSI. Cette récompense vient saluer l’article de Hugues Randriam intitulé « The syzygy distinguisher », dont les conclusions représentent une avancée significative dans le domaine du chiffrement asymétrique. L’étude propose en effet un nouvel outil mathématique appelé « syzygy distinguisher ». Déjà utilisé en cryptographie, les distinguisher ont toutefois montré des limites face à certains problèmes complexes de cryptographie. Celui proposé par Hugues dans son papier offre des résultats considérablement supérieurs lorsqu’il s’agit de reconnaître des codes cryptographiques utilisés pour sécuriser les communications, notamment dans le cadre de la cryptographie post-quantique. L’attribution de ce prix constitue une reconnaissance forte des travaux menés par Hugues Randriam et par l’ensemble du laboratoire de cryptographie de l’ANSSI. Elle souligne également l’engagement constant des équipes de l’Agence dans la recherche scientifique. C’est une grande fierté pour l’ANSSI, non seulement pour le rayonnement de ses laboratoires, mais aussi pour le travail mené au quotidien par l’ensemble de ses agents. Version préliminaire du papier Programme de la conférence Consultez la synthèse de l'article ]]>

Mon, 05 May 2025 11:43:00 GMT

read more

Fuite de données chez Cerballiance

]]>

Wed Apr 30 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Le France Cybersecurity challenge s'achève

Le France Cybersecurity challenge s'achève anssiadm lun 28/04/2025 - 13:43 L’édition 2025 du France Cybersecurity challenge (FCSC) qui a débuté le 18 avril s’est achevée ce dimanche 27 avril, après 10 jours de compétition et une participation record. Plus de 2000 hackers réunis pour relever le défi Le FCSC 2025 a réuni plus de 2000 hackers éthiques qui se sont affrontés à travers une centaine d'épreuves spécialement élaborées par les experts de l'ANSSI. Grande nouveauté cette année avec l’introduction pour la première fois d’épreuves de rapidité (« speedrun »), une journée entière pour tester la créativité et l'expertise des participants sur de tout nouveaux challenges. Retrouvez le classement complet de cette édition 2025 sur FCSC 2025. En route vers l’European Cybersecurity challenge (ECSC) Pour rappel, la compétition fait également office de point de départ pour les 14 joueurs de 14 à 25 ans (10 titulaires et 4 remplaçants) qui seront prochainement sélectionnés pour représenter la France lors de l’European Cybersecurity Challenge (ECSC). En plus de leurs résultats respectifs lors du FCSC, ces joueurs seront recrutés via un système d’entretiens par les coachs de l’ANSSI pour leurs expertises, leur talent, leurs qualités humaines et leur sens du collectif. Cette année, la Team France se rendra à Varsovie, du 6 au 10 octobre 2025. ]]>

Mon, 28 Apr 2025 13:43:00 GMT

read more

Bilan du volet cybersécurité de France Relance : un défi réussi

Bilan du volet cybersécurité de France Relance : un défi réussi anssiadm lun 28/04/2025 - 10:10 Le dernier rapport d’activité du volet cybersécurité de France Relance présente les travaux entrepris par l’ANSSI sur 2024, année de clôture du programme sur le plan financier. Ce dernier volet illustre les actions menées par l’Agence durant 4 ans qui ont permis d’améliorer significativement l’accompagnement des entités vers une meilleure cybersécurité. Avec 100 millions d’euros, le programme des parcours de cybersécurité a constitué un investissement sans précédent pour répondre à une menace devenue systémique, touchant des entités critiques au cœur des territoires. Les « parcours de cybersécurité » avaient pour objectif d’élever la sécurité numérique des services publics, de dynamiser l’industrie de cybersécurité française et européenne et de favoriser des investissements durables au service de la cybersécurité des organisations. Pendant 4 ans, l’ANSSI a conçu, déployé et piloté un dispositif d’accompagnement au profit des collectivités, des établissements de santé et des entités publiques. Ainsi, 945 entités parmi les plus vulnérables à la menace cyber ont pu bénéficier de cet accompagnement, dont : 707 collectivités territoriales, 134 établissements de santé, 87 autres établissements publics, 17 centres de recherche et d’enseignement supérieur, Parmi celles-ci, 62 entités ont été accompagnées dans les territoires d’Outre-mer. Les parcours ont permis d’élever le niveau de cyberdéfense des bénéficiaires de manière significative : en moyenne, les bénéficiaires sont passés d’un score de maturité cyber de D+ à B, soulignant un progrès conséquent. Grâce aux parcours, les entités ont réussi à s’intégrer dans l’écosystème cyber de leur territoire et de leur secteur, en lien avec l’ANSSI, et sont ainsi solidement ancrées dans une démarche de sécurisation à long terme. Au-delà des bénéfices pour les entités accompagnées, les parcours de cybersécurité laissent un héritage exploitable dans la durée, notamment dans la perspective de la mise en œuvre de la directive NIS 2 avec la mise à disposition d’outils et de méthodes adaptés aux besoins de chaque bénéficiaire. Le programme a permis de dynamiser l’offre industrielle de cybersécurité dans les territoires et de renforcer l’offre française et européenne de cybersécurité : 197 prestataires présents sur l’ensemble du territoire national ont été impliqués. 40 millions d’euros ont été dédiés à l’acquisition de produits de cybersécurité français et européens (dont 33 millions d’euros pour des produits français). Les parcours de cybersécurité sont un succès, avec des effets tangibles et durables pour les bénéficiaires. Ils font partie d'un programme plus large de soutien à la transformation numérique et à la résilience des systèmes d'information, dans un contexte où les cybermenaces se multiplient. Rapport d'activité France Relance 2024 ]]>

Mon, 28 Apr 2025 10:10:00 GMT

read more

Fuite de données chez Carrefour Mobile

]]>

Thu Apr 24 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Easy Cash

]]>

Tue Apr 22 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Le France Cybersecurity Challenge (FCSC) démarre aujourd’hui !

Le France Cybersecurity Challenge (FCSC) démarre aujourd’hui ! anssiadm lun 21/04/2025 - 07:04 Jusqu’au 27 avril 2025, venez vous mesurer aux épreuves du CTF de l’ANSSI et tentez de gagner votre place au sein de la Team France qui défendra nos couleurs lors de l’European Cybersecurity Challenge. Le France Cybersecurity Challenge (FCSC) est un Capture The Flag (CTF) de type jeopardy créé par les équipes de l’ANSSI et lancé en 2019. Plus de 100 épreuves vous attendent : crypto, pwn, hardware, web, forensics… Avec une grande nouveauté : une journée de « speedrun » qui se déroulera le samedi 26 avril. Rendez-vous sur FCSC 2025 ! Trois catégories d'âge à l'inscription Catégorie junior : Être né(e)s en 2005, 2006, 2007, 2008, 2009, 2010 ou 2011 ; Être de nationalité française ; Candidater pour intégrer la Team France et participer à l'European Cybersecurity Challenge (ECSC). Catégorie senior : Être né(e)s en 2000, 2001, 2002, 2003 ou 2004 ; Être de nationalité française ; Candidater pour intégrer la Team France et participer à l'European Cybersecurity Challenge (ECSC). Hors catégorie : Si vous n'êtes pas éligible pour une question d'âge ; Si vous n'êtes pas de nationalité française ; Si vous ne souhaitez pas candidater pour intégrer la Team France et participer à l'European Cybersecurity Challenge (ECSC). Sélection pour l’European Cybersecurity Challenge Vous avez moins de 25 ans ? Le FCSC est l’opportunité pour vous d’être sélectionné pour intégrer la Team France qui représentera le drapeau tricolore lors de l’European Cybersecurity Challenge (ECSC) 2025. La prochaine édition aura lieu à Varsovie en Pologne, du 6 au 10 octobre 2025. FCSC 2025 ]]>

Mon, 21 Apr 2025 07:04:00 GMT

read more

Fuite de données chez Indigo

]]>

Fri Apr 18 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Etat de la menace informatique sur le secteur des transports urbains

Etat de la menace informatique sur le secteur des transports urbains anssiadm jeu 17/04/2025 - 07:37 Les transports urbains constituent un secteur critique et les attaques informatiques qui le visent peuvent avoir des conséquences significatives qui génèrent parfois des difficultés dans la continuité des services ou encore dans la sécurisation des données. La menace à l’encontre des entités du secteur cible des entreprises de toute taille, dans le monde entier, et qui ont la gestion d’une large variété de moyen de transports. Répondant à ses missions de connaissance de la menace informatique, l’ANSSI partage un état de la menace sur le secteur du transport urbain. Un secteur fortement exposé en 2024 Tout au long de l’année, le contexte des Jeux Olympiques et Paralympiques de Paris 2024 a mis en lumière l’exposition de ce secteur aux cyberattaques, les tensions géopolitiques ayant été un catalyseur fort de cette menace avec de nombreuses attaques par déni de services. L’imbrication de plusieurs réseaux informatiques de grande taille ainsi que la diversité des équipements qui les composent met en exergue des niveaux de sécurisation hétérogène complexifiant d’autant plus les questions de sécurité des systèmes d’information et augmentant significativement la surface d’attaque. Les entités du secteur sont également fortement ciblées en raison du grand nombre de données personnelles des usagers, ainsi une attention toute particulière doit être portée à la protection de ces bases de données qui font régulièrement l’objet d’attaques à des fins d’exfiltration. Prévenir et se protéger contre ces menaces Dans son état de la menace, l’ANSSI rappelle l’importance d’avoir une approche globale de la sécurité et recommande aux entités de réaliser une cartographie globale des systèmes d’information afin d’identifier les risques affectant l’entité ou encore mesurer la maturité des systèmes d’informations concernés. Il est essentiel de travailler sur des modes de fonctionnement dégradé notamment pour assurer et préparer en parallèle un plan de continuité d’activité (PCA) et un plan de reprise d’activité (PRA). La mise en pratique ces recommandations permettra au secteur des transports urbains d’anticiper ces menaces. Transports urbains - Etat de la menace informatique ]]>

Thu, 17 Apr 2025 07:37:00 GMT

read more

L’ANSSI publie ses guides sur la remédiation d’incidents en anglais

L’ANSSI publie ses guides sur la remédiation d’incidents en anglais anssiadm mer 16/04/2025 - 12:39 Suite au lancement, en janvier 2024, d’un corpus sur la remédiation post-incident et l’intégration de trois guides (stratégique, opérationnel, technique) à cette collection, l’ANSSI publie les traductions de ces trois guides en anglais. L’objectif de ces traductions est de poursuivre la diffusion des piliers doctrinaux élaborés par l’ANSSI, à l’échelle européenne et internationale. En parallèle, le chantier de l’ANSSI sur la remédiation se poursuit. Le corpus (Piloter la remédiation d’un incident cyber | ANSSI) a vocation à être progressivement enrichi de nouveaux documents, sur la base des échanges menés activement par l’agence avec l’écosystème. Les traductions peuvent être retrouvées sur la page suivante du site de l’ANSSI en anglais : Voir les guides sur la remédiation en anglais ]]>

Wed, 16 Apr 2025 12:39:00 GMT

read more

L'ANSSI publie son rapport d'activité 2024

L'ANSSI publie son rapport d'activité 2024 anssiadm mar 15/04/2025 - 07:43 À l’occasion de la publication de son rapport d’activité 2024, l’ANSSI revient sur une année de mobilisation exceptionnelle tant de ses agents que de « l’équipe de France » de la cybersécurité dans son ensemble. Face à une menace cyber toujours plus forte, l’année écoulée a de nouveau démontré que la cybersécurité de la Nation est un sport collectif. Les Jeux olympiques et paralympiques de Paris 2024 comme consécration du modèle français de cyberdéfense En tant que cheffe de file du volet cyber, l’ANSSI a été au cœur de la préparation des Jeux olympiques et paralympiques de Paris 2024. Le succès de cet événement international majeur est un accomplissement pour l’Agence, qui témoigne également de la pertinence du modèle de cyberdéfense français bâti autour d’une autorité nationale et ancré dans un écosystème élargi et déployé dans les territoires. Les Jeux sont le résultat d’une méthode – anticipation, préparation, entraînement – et d’une équipe – l’écosystème cyber public et privé – qui doivent perdurer pour permettre à la France de rester parmi les grandes nations de la cybersécurité. La directive NIS 2, vecteur d’une transformation profonde pour l’ANSSI En 2024, l’ANSSI a poursuivi ses travaux de transposition de la directive NIS 2 qui sont le moteur d’un changement majeur de son organisation, de ses méthodes et de sa manière d’interagir avec ses bénéficiaires et ses partenaires. Déjà fortement mobilisées sur le sujet au cours des dernières années, les équipes de l’Agence continueront de l’être au quotidien, en coordination avec l’écosystème cyber, pour accompagner des milliers d’entités dans leur cybersécurité. Des progrès précieux pour l’élévation générale de la cybersécurité de l’Union européenne À l’image du cadre réglementaire défini par NIS 2, ou encore du vote du règlement sur la résilience cyber, pour lesquels l’ANSSI s’est pleinement engagée, la cybersécurité en Europe a connu de belles avancées en 2024. Par ailleurs, face aux évolutions technologiques, et notamment aux technologies de rupture, la conservation d’une maîtrise souveraine des expertises techniques s’impose comme une mission essentielle de l’ANSSI. L’année 2024 en quelques chiffres : 656 agents âgés en moyenne de 36 ans, œuvrent au quotidien pour la cybersécurité de la Nation, au sein de l’ANSSI. 4 386 (+15%) événements de sécurité traités par l’ANSSI, et 1 361 (+18%) incidents ayant impliqué un acteur malveillant. 68 formations labellisées SecNumedu, 1 696 personnes formées au Centre de formation à la sécurité des systèmes d’information (CFSSI) et 117 856 attestations SecNumacadémie décernées. L’année 2024 en quelques dates clés : Au-delà des JOP24 d’autres d’événements ont marqué l’année 2024 : 31 janvier : Adoption du schéma européen de certification de cybersécurité fondé sur des critères commun. 10 mai : Entrée en vigueur du décret d’application de la loi de programmation militaire 2024-2030, permettant à l’ANSSI de mettre en œuvre l’ensemble des nouvelles capacités dont elle l’a dotée. 9 juillet : Publications des recommandations de l’ANSSI pour l’hébergement des systèmes d’information sensible dans le cloud. 15 octobre : Présentation en conseil des ministres du projet de loi relatif à la résilience des activités d’importance vitale, à la protection des infrastructures critiques à la cybersécurité et à la résilience opérationnelle du secteur financier dont le titre II, Cybersécurité, vise à transposer la directive NIS 2. Cette année exceptionnelle ouvre désormais la voie à une nouvelle étape pour l’ANSSI, qui a été partagée dans notre stratégie pour 2025-2027 . Il s’agit de prendre acte des évolutions non seulement du paysage cyber, mais également de notre environnement plus global. Pour ce faire, nous aurons besoin de « l’équipe de France » de cybersécurité à nos côtes. Vincent Strubel Directeur général PIèce jointe PDF Rapport d'activité ANSSI 2024 ]]>

Tue, 15 Apr 2025 07:43:00 GMT

read more

Fuite de données chez Hertz

]]>

Tue Apr 15 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Harvest

]]>

Fri Apr 11 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez UTWIN

]]>

Mon Apr 07 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Reporterre

]]>

Tue Apr 01 2025 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez MAIF BPCE

]]>

Fri Mar 28 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Oracle Cloud

]]>

Thu Mar 27 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Centrale Nantes

]]>

Wed Mar 26 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Cerballiance

]]>

Tue Mar 25 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Autosur Diagnosur

]]>

Mon Mar 24 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Intersport

]]>

Thu Mar 20 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Direct Assurance

]]>

Tue Mar 18 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Laforêt

]]>

Thu Mar 13 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez UTwin

]]>

Wed Mar 05 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez La Poste

]]>

Tue Mar 04 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez École Nationale de la Sécurité

]]>

Fri Feb 28 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Nord Emploi

]]>

Wed Feb 26 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Fédération Française de Foot

]]>

Fri Feb 21 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Service Départemental d'Incendie et de Secours de la Vienne

]]>

Wed Feb 19 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Sport Découverte

]]>

Mon Feb 17 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Mutuelle des motards

]]>

Thu Feb 13 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Chronopost

]]>

Wed Feb 12 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez King Jouet

]]>

Tue Feb 11 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Espace-Recettes.fr Vorwerk

]]>

Thu Feb 06 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez AIDES

]]>

Mon Jan 27 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez E.Leclerc

]]>

Fri Jan 24 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Fédération Française de la montagne et de l'escalade

]]>

Thu Jan 23 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Fédération Française de tir à l'arc

]]>

Mon Jan 20 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Kiabi

]]>

Tue Jan 14 2025 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Cogitis

]]>

Tue Dec 31 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Atos

]]>

Mon Dec 30 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Arsoé

]]>

Fri Dec 27 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Peugeot

]]>

Thu Dec 26 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Cyberhaven

]]>

Wed Dec 25 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Wakanim

]]>

Fri Dec 20 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Top Achat

]]>

Thu Dec 12 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez LDLC

]]>

Tue Dec 10 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Deloitte

]]>

Wed Dec 04 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Guy Demarle

]]>

Tue Dec 03 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Norauto

]]>

Mon Dec 02 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Ze Camping

]]>

Wed Nov 27 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez JVS

]]>

Tue Nov 26 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez SFR

]]>

Sun Nov 24 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Banque de France

]]>

Sat Nov 23 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Companie de Transport Strasbourgeoise

]]>

Fri Nov 22 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Chambres d’agriculture

]]>

Thu Nov 21 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Auchan

]]>

Tue Nov 19 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Le Point

]]>

Mon Nov 18 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Huttopia

]]>

Thu Nov 14 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Molotov

]]>

Wed Nov 13 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Picard

]]>

Tue Nov 12 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Free Mobile

]]>

Fri Oct 25 2024 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Ornikar

]]>

Thu Oct 24 2024 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Meilleurtaux

]]>

Mon Sep 30 2024 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez RED by SFR

]]>

Wed Sep 18 2024 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Assurance retraite

]]>

Fri Sep 13 2024 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Cybertek

]]>

Thu Sep 12 2024 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Cultura

]]>

Tue Sep 10 2024 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Boulanger

]]>

Sat Sep 07 2024 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Ticketmaster

]]>

Sun Apr 28 2024 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez Le Slip Français

]]>

Mon Apr 15 2024 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more

Fuite de données chez France Travail

]]>

Fri Mar 08 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez LDLC

]]>

Fri Mar 01 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Almerys, Viamedis

]]>

Tue Feb 06 2024 01:00:00 GMT+0100 (heure normale d’Europe centrale)

read more

Fuite de données chez Dailymotion

]]>

Sat Oct 01 2016 02:00:00 GMT+0200 (heure d’été d’Europe centrale)

read more